Using Masked/Virtual Credit Cards for Online Privacy and Security

The #1 community for Gun Owners of the Northeast

Member Benefits:

  • No ad networks!
  • Discuss all aspects of firearm ownership
  • Discuss anti-gun legislation
  • Buy, sell, and trade in the classified section
  • Chat with Local gun shops, ranges, trainers & other businesses
  • Discover free outdoor shooting areas
  • View up to date on firearm-related events
  • Share photos & video with other members
  • ...and so much more!
  • ToolAA

    Ultimate Member
    MDS Supporter
    Jun 17, 2016
    10,499
    God's Country
    Last year I setup a Privacy.com account in order to create and use Masked Credit Cards for online purchases. for a while I didn't use them at all but I've kicked this into high gear lately for a few reasons, that I'll explain.

    First off if you do not know what a masked or virtual credit card is. A masked credit card is a virtual credit card that hides your real details. Instead of using your real credit card number, name and security code when purchasing something online, you can use a masked credit card. The funds will still be pulled from your account, but you don’t have to hand over your real credit card information to a payment processor. It's basically a temporary card number used for a specific merchant or specific transaction. For more info, read this article in Off The Grid News. It explains things well enough. LINK

    I don't actually use a real credit card to purchase anything. All of my purchases are tied to my visa debit card. I control spending by keeping as little funds as necessary in my checking account, and then transfer money into the account as I spend. This ensures that even if my account number was stolen my maximum exposure us usually going to be $500 or less. I still have just about every other lock down control on the account as I can have but the fact is that every time I purchase something online, I'm potentially exposing my checking account to an unauthorized withdraw.

    Here are some of the reasons that I'm using a masked card now:

    • I can setup unique cards to sign up for introductory services that are free for some period of time, but then require a card to be billed automatically thereafter. I don't know how many times, I've signed up for a service at an introductory rate, only to realize a few months later that I forgot to cancel it. Canceling some online services are a real pain in the rear too. This is often even more complicated for phone apps, where you cannot easily log onto your account. So if I subscribe to an app or service that cost $4.99 per month after the first 30 days, I can create the account with a one time spend limit of $4.99. Then after the first month's bill the vendor will not be able to charge additional payments, unless I choose to log in and update the masked card info.
    • Setup recurring services like Netflix. I can setup a card to approve only a specific payment per month, or authorize purchases up to a fixed limit. This enables me to automatically protect myself from unexpected rate increases or even billing mistakes. If Netflix pisses me off one day, I can also just cancel my payment service, while still leaving my account open, although suspended.
    • Online purchases from unknown vendors. This one seems pretty obvious. I just ordered a poly80 kit from an online store that I've never used before. I created a single use card for the exact amount of the purchase.
    • Limiting my personal information online. This is a big one for me lately. It seems like every time you sign up or register for something you need to provide your name, address and a whole slew of other personal info. By using a Privacy.com masked card I can enter any Name, Address and Phone number for the billing info. Privacy.com says they will automatically approve all request regardless of the information listed. I only do this for the billing address. When I'm actually purchasing a physical product that I need to have delivered to may home, I still have to enter the correct shipping address. The thing to remember here is that almost every single company these days can and will sell your personal information to marketing companies. By using a different address as my billing address, my hope is that eventually this bogus address will filter it's way to the numerous online data brokerage sources and make it's way into the people search websites. The more wrong information that is out there, the better my real information is hidden within that sea of noise.
    • Privacy.com purchase details are concealed from my bank. So for example when I purchased that Poly80, why do I want my bank to have a record of the actual vendors that I've purchased from. It's none of their business.

    There are some potential issues with this plan too and I don't want to ignore them.

    • First obviously I have to trust Privacy.com with my information. I'll say that there is no way that any company can ensure that your personal information will remain hidden from cyber theft, it does seem like Privacy.com has a lot of incentive to work hard to protect your info. I believe that they have more to lose in the event of a data breech than a mom and pop internet retailer, who probably has very weak controls in place, if any at all.
    • Masked cards will not work in all cases. Since they operate like a debit card, you cannot make transactions outside of the USA. I tried to use a Privacy.com card to purchase a ProtonVPN account and it just wouldn't work.
    • Some vendors can block debit card transactions. This would be no different than a hotel requiring an actual credit card for booking vs a debit card. I know that I cannot rent a car with my own bank visa debit card nor could I use a Privacy.com masked card.
    • Returning items may be more difficult. If you setup a single use card and purchase a pair of shoes, then decide to return them, the vendor is NOT going to be able to simply refund your purchase back to the virtual card.
    • It seems like some in government want to crack down on any form of consumer anonymity. For now these methods work, but that could change really quickly in the future.

    There are other companies that offer similar services. Some banks and credit card companies offer free single use cards. These will protect your account from theft, but they do not mask your identity. Also there is a company Albine.com which has a service called BLUR. https://dnt.abine.com/#/masking
    The service is very similar to Privacy.com but it's not free. You have to create a premium account which cost $100/yr. Then you can create as many masked cards as you want. There is also another difference. Blur masked cards appear as actual credit cards, so they may not get rejected by some merchants. However on Blur cards you cannot change the billing address you must use the actual Blur address and zip code as the billing address. I have NOT yet tried to use a Blur Masked card.

    Lastly, do not use these suggestions as a way to conduct fraudulent or criminal activity. Do do stupid stuff online and you'll be fine and you won't put masked cards under the legislative cross hairs, potentially ruining this privacy tool for the rest of us.
     

    ToolAA

    Ultimate Member
    MDS Supporter
    Jun 17, 2016
    10,499
    God's Country
    What do you do for in person purchases? Cash only?


    I use my physical card all the time for things like groceries, coffee shops, gas stations or purchases where my address is not specifically required. In almost all transactions where you run your card through one of those chip/swipe pay stations, the merchant doesn’t even know your card number. The transaction is approved by the payment processor and the merchant is funded almost immediately.

    I guess if I wanted to purchase something physical with some degree of anonymity cash is always an option.
     

    rseymorejr

    Ultimate Member
    MDS Supporter
    Feb 28, 2011
    26,003
    Harford County
    When my Father was alive, before his dementia got real bad, he would lose everything, glasses, wallets, hearing aids. Everything. He still would walk to McDonalds or Dunkin Donuts so I wanted him to always have a way to buy something so I got him a Bluebird reloadable credit card. I could put $50 on it and monitor what he spent and add money when he needed it. If he lost it I could go online and cancel it. Worst case we'd lose $50
     

    ToolAA

    Ultimate Member
    MDS Supporter
    Jun 17, 2016
    10,499
    God's Country
    When my Father was alive, before his dementia got real bad, he would lose everything, glasses, wallets, hearing aids. Everything. He still would walk to McDonalds or Dunkin Donuts so I wanted him to always have a way to buy something so I got him a Bluebird reloadable credit card. I could put $50 on it and monitor what he spent and add money when he needed it. If he lost it I could go online and cancel it. Worst case we'd lose $50


    I have some OneVanila prepaid visa cards that I keep for the very very rare situation where I cannot use cash in person but the establishment will accept a credit card. I buy these with cash at Wallgreens or Walmart.
     

    Harrys

    Short Round
    Jul 12, 2014
    3,362
    SOMD
    Any time you use a mask credit card you also have the risk go the go between getting hacked. If man makes or creates it, man can hack or break into it nothing is safe in the digital world. Using a debit card allows hackers to drain your bank account. Unlike credit cards debit cards do not have the same protection. In other words the bank does not have to cover your losses regardless what they say in the small print it is in the Federal Banking codes/laws.

    For example Pay Pal is a go between and they have been hacked, so has others like them. Using your phone for banking, paying item or using it like a credit card in my opinion is asking for trouble. I have had friends and family members get their phone hacked via email by a data logger. We have become to complacent in our society as things become easier we lose our tentativeness to detail. For example how many of you can remember phone numbers or pertinent addresses to friends, work, relatives or even your own phone number with out looking it up?

    The safest way to use a credit card on line is one you actually pay cash to reload there are no links to anything that way. Signing up for the agencies that monitor your stuff is a good idea. However, by time they notify you the damage has been done it is another racket created by the digital age. They are like having a gun to protect yourself that you do not have bullets.
     

    Sundazes

    My brain hurts
    MDS Supporter
    Nov 13, 2006
    21,287
    Arkham
    What a lot of people fail to realize:
    You don't have to "use" your card for it to get compromised.
    It typically is NOT the mom and pop shop's fault unless you are skimmed.
    Skimmers can be installed on gas pump, ATM's, etc.
    It typically is not the online store's fault.
    If you fall for a phishing email or click on a link that asks for your PII, thats on you.


    There are "bots" out there that guess at numbers. CC number follow a specific pattern/algorithm as do SSN's. These bots create numbers that follow the algorithm and try to make purchases. If a small purchase is successful, they will move on to bigger and better things. Decent CC companies monitor for this activity and do a damn fine job of detecting it. Chase and Amex come to mind. If you notice a fradulant charge, all it takes it a phone call. As for masking purchases, if you use a credit card, even with the privacy thing, the trail can be followed. It just depends on how deep "they" want want to dig. It's called forensic accounting. Follow the money. Cash money makes its a lot harder to follow.

    My point is that you can do all of the above (and probably should) to try an protect yourself, but chances are, you WILL have a card get compromised. It is a question of when, not if.

    All that said, the OP has been posting some EXCELLENT info.
     

    cantstop

    Pentultimate Member
    MDS Supporter
    Aug 10, 2012
    8,158
    MD
    I gift myself or my wife things that are typically subscription services. For example, I did Disney Plus for a year as a gift. At the end of the year, they wanted my wife to give them a CC to continue the subscription. We just let it expire.

    This keeps us out of never ending auto renewals. It really won't work for downright fraud, but those can be disputed.

    I used to use the virtual cards in the late '90s, but tapered off by 2003 or so.
     

    geda

    Active Member
    Dec 24, 2017
    550
    cowcounty
    What a lot of people fail to realize:
    You don't have to "use" your card for it to get compromised.
    It typically is NOT the mom and pop shop's fault unless you are skimmed.
    Skimmers can be installed on gas pump, ATM's, etc.
    It typically is not the online store's fault.
    If you fall for a phishing email or click on a link that asks for your PII, thats on you.


    There are "bots" out there that guess at numbers. CC number follow a specific pattern/algorithm as do SSN's. These bots create numbers that follow the algorithm and try to make purchases. If a small purchase is successful, they will move on to bigger and better things. Decent CC companies monitor for this activity and do a damn fine job of detecting it. Chase and Amex come to mind. If you notice a fradulant charge, all it takes it a phone call. As for masking purchases, if you use a credit card, even with the privacy thing, the trail can be followed. It just depends on how deep "they" want want to dig. It's called forensic accounting. Follow the money. Cash money makes its a lot harder to follow.

    My point is that you can do all of the above (and probably should) to try an protect yourself, but chances are, you WILL have a card get compromised. It is a question of when, not if.

    All that said, the OP has been posting some EXCELLENT info.


    This happened to a secondary checking account of mine last year. The debit card the bank sent me was activated, but had never left my desk drawer. Then one day a $.20 cent charge and they next day someone went on a $5k shopping spree at bestbuy. Luckily my bank detected the fraud and i wasnt out any money. Outcome of the story is now all except one of my debit cards have been disabled. One is temporally blocked but can be enabled easily in case I need to use an ATM.


    Privacy is great, but The OP's plan seems like too much risk, too much effort and not enough reward. A normal credit card provides all the protections you could want without the privacy. Many credit cards also offer free virtual numbers for one time use. For me at least most of my online credit card purchases are tangible items that the vendor will require my address for anyways. What use cases are left where privacy over convince is a priority and there is no tangible product? Kinky porn subscriptions?
     

    ToolAA

    Ultimate Member
    MDS Supporter
    Jun 17, 2016
    10,499
    God's Country
    Any time you use a mask credit card you also have the risk go the go between getting hacked. If man makes or creates it, man can hack or break into it nothing is safe in the digital world. Using a debit card allows hackers to drain your bank account. Unlike credit cards debit cards do not have the same protection.

    As always Harry you bring up some good points. I agree that every organization is vulnerable to a security breech. Choosing to use my VISA Debit card instead of an actual credit card is really personal choice for another reason. I really do keep less than $1K in my checking account at all times. Most of the time even less than that. That's my first layer of protection, and this is in addition to all of the other safeguards my bank offers which include blocking all transactions from outside of the USA, or over a specific amount, without approval. When I want to buy anything I consider expensive, I'm forced to move money from savings (or another account) into my checking account. This extra step does sometimes, give me the additional pause I need to reflect on the potential purchase. Most of the time I buy what I want to buy, but there have been times, where that extra step does result in me walking away from the purchase.

    We have become to complacent in our society as things become easier we lose our tentativeness to detail. For example how many of you can remember phone numbers or pertinent addresses to friends, work, relatives or even your own phone number with out looking it up?

    I agree here too. I think in some ways I'm trying to really limit the ease of purchasing with PayPal, Apple Pay, Venmo, ect. There are thousands of ways today to get money from your bank account into someone else's hands, and far few ways to get the money flowing in your direction.


    The safest way to use a credit card on line is one you actually pay cash to reload there are no links to anything that way.

    I do this too, but I've found out that a lot of companies will not accept them anymore, especially online. The problem, from what I can tell is that these VISA gift cards do not have any address or zip code associated with them. Online merchants will ask you to enter the billing address of the card and the transaction will get rejected. Up until March of this year, OneVanilla.com VISA Gift cards, would allow you to log in using the card number and actually enter in a Zipcode into the card record. You could then purchase online and enter that Zipcode and the transactions would usually clear. They stopped doing this in March. I have a few cards which I purchased before then, and when I log into those, the zipcode entry filed is still valid, but the new cards no longer allow it.
     

    ToolAA

    Ultimate Member
    MDS Supporter
    Jun 17, 2016
    10,499
    God's Country
    What a lot of people fail to realize: You don't have to "use" your card for it to get compromised.

    Totally true. However some merchants are careless with your personal info. We've had banking fraud at work and the manager said that criminal organizations pay $5/10 per picture of a check or credit card.


    As for masking purchases, if you use a credit card, even with the privacy thing, the trail can be followed. It just depends on how deep "they" want want to dig. It's called forensic accounting. Follow the money. Cash money makes its a lot harder to follow.

    I'm not trying to hide from the government here. My anonymity goals are really focused on keeping my name and home address off of marketing lists, data breaches which are posted on the dark web and PII sold to people search sites. However, there are some other benefits to using masked cards. A federal agency can request your bank records via administrative summons (without a court subpoena). If you purchase items using a masked card, the vendor identity would not be listed. While it's totally true that if you were the subject of a federal investigation, they will eventually get the info they need, but at least you'll have the benefit of having a judge weigh in as opposed to an overzealous investigator casting a wide net.
     

    Harrys

    Short Round
    Jul 12, 2014
    3,362
    SOMD
    As always Harry you bring up some good points. I agree that every organization is vulnerable to a security breech. Choosing to use my VISA Debit card instead of an actual credit card is really personal choice for another reason. I really do keep less than $1K in my checking account at all times. Most of the time even less than that. That's my first layer of protection, and this is in addition to all of the other safeguards my bank offers which include blocking all transactions from outside of the USA, or over a specific amount, without approval. When I want to buy anything I consider expensive, I'm forced to move money from savings (or another account) into my checking account. This extra step does sometimes, give me the additional pause I need to reflect on the potential purchase. Most of the time I buy what I want to buy, but there have been times, where that extra step does result in me walking away from the purchase.


    I agree here too. I think in some ways I'm trying to really limit the ease of purchasing with PayPal, Apple Pay, Venmo, ect. There are thousands of ways today to get money from your bank account into someone else's hands, and far few ways to get the money flowing in your direction.


    I do this too, but I've found out that a lot of companies will not accept them anymore, especially online. The problem, from what I can tell is that these VISA gift cards do not have any address or zip code associated with them. Online merchants will ask you to enter the billing address of the card and the transaction will get rejected. Up until March of this year, OneVanilla.com VISA Gift cards, would allow you to log in using the card number and actually enter in a Zipcode into the card record. You could then purchase online and enter that Zipcode and the transactions would usually clear. They stopped doing this in March. I have a few cards which I purchased before then, and when I log into those, the zipcode entry filed is still valid, but the new cards no longer allow it.

    I worked as a contractor in a highly specialized computer systems and control industry for many years. I have seen what goes on behind the curtain and if people really knew how deep the minutia really goes dealing with digital world they would for get about world ending events. Their new worry would be what is really going on behind the curtain at every level. For example the FBI has over 250,000 hacking attempts per month their has been some success. Just think what is going on at other Agencies. Our digital age has evolved and continues to evolve faster than the security of systems. We only hear about less than 1% of what has been actually hacked on the news. The digital age has become the new Army of our advisories and is much more powerful than guns, missiles, or any other type of nondigital old school weapon.
     

    ToolAA

    Ultimate Member
    MDS Supporter
    Jun 17, 2016
    10,499
    God's Country
    Privacy.com is changing their service effective Jan 2022. They will no longer issue virtual cards as Prepaid Debit Cards. All existing created cards will stop working and need to be reissued. The new virtual cards will appear as true Charge Cards.

    Here is a link to their website explaining the changes.

    This change occurred rather suddenly and without much notice. I'm fortunate in that I only have about 10 active virtual cards. I actually closed out about 1/2 of them and reissued the remainder for the cards that I will continue to use, then went to those merchant sites and updated my card info. Took me about 15min. However there are people who are pretty pissed off at the short notice given. Here is some discussion on HackerNews.com forums, one of the founders of Privacy.com replied to several of the comments.

    This change is actually good news in my opinion, in that many online merchants do not accept transactions using Prepaid Debit cards. So hopefully going forward I'll be able to use Privacy.com cards more often.
     

    Users who are viewing this thread

    Latest posts

    Forum statistics

    Threads
    274,916
    Messages
    7,258,539
    Members
    33,348
    Latest member
    Eric_Hehl

    Latest threads

    Top Bottom