• Caveman@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    10 days ago

    As a sidenote here I have a different issue where handing people your CC info is basically handing out the private keys to your bank account to a third party.

    I’d really like it if a credit card would use a public key system where you can verify that I have the funds and that the payment originates from the payment provider instead of getting my full CC details. I don’t really see why it’s necessary for a business to know who I am instead of just getting a green light from Mastercard or Visa to make the payment.

    • chiliedogg@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      10 days ago

      Aren’t cellphone NFC payment essentially a long-form version of this? As far as the machine is concerned they’re getting your CC info, but Google/Samsung/Apple Pay are acting as a middleman and your actual credit card information is never actually shared.

      • Caveman@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        10 days ago

        Yeah, it has it’s perks but my NFC stops working on a regular basis. Also I don’t like having my payments go through a spyware conglomerate.

      • tmpod@lemmy.ptM
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        As far as I know, modern cards don’t just send your CC info to terminals, they do some form of a cryptographic handshake (probably a pubkey signature or similar) which gets confirmed by your bank. I believe Caveman was talking more about online shopping, where you have to enter your card number, expiration date, CVC and often your name too.

    • tmpod@lemmy.ptM
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 days ago

      That’s why I love virtual card systems like MB NET. You just generate a random virtual card for every purchase (or a recurring one for each subscription vendor, for example) and move on. Your bank still knows what you’re doing, of course, but vendors can’t correlate anything. Preventing your bank from knowing where you’re spending your money is much harder, for very practical reasons: fraud detection. The only real way is to use a secure crypto coin like Monero, but very few places accept it and you still have to deal with volatility.