Credit card fraud is by no means a new threat, but it’s a threat that keeps evolving.
While EMV chips have helped prevent the use of counterfeit cards at point-of-sale (POS) terminals, they don’t prevent payment fraud in situations where a physical card is not required. Also known as card-not-present (CNP) fraud, this type of unauthorized transaction applies to online and phone payments that can be carried out with personally identifiable information (PII) alone.
Unfortunately, the information necessary to commit CNP fraud is not hard to come by as data breaches expose the PII of millions of Americans every year. Last year alone there were data breaches that exposed about 165 million sensitive records. Moreover, a recent study by Atlas VPN found that private information, such as Social Security numbers, addresses and credit card numbers, can be bought for as low as $4 on the dark web.
Offering Virtual Credit Card Services
To address this vulnerability, some card issuers are offering virtual credit card services to mask consumer payment information when making online payments. Virtual card numbers use payment tokenization, which works like a one-time-use key that unlocks relevant information at the time of a transaction. The key is a randomly generated and temporary number associated with your credit or debit account that can be used as a substitute for your actual card number.
Given that the merchant receives a temporary and randomly generated key rather than an actual credit card number, the information is essentially worthless to anyone who tries to save or steal it in a data breach.
Benefits of Virtual Card Numbers
The biggest upside to virtual card numbers is the extra layer of identity theft protection you get when you limit the information you store online. You can limit the use of virtual card numbers to particular merchants you don’t want to create online accounts with. You may also have the option of specifying a spending limit or expiration date of the virtual card number.
Another benefit is the time you save if a merchant you do business with experiences a data breach. Typically, if your payment information is exposed in a data breach, you have to get your credit card account number reissued. That means you have to get a new account number and deal with the hassle of updating your payment information anywhere you’ve set up recurring payments. With a virtual card number, however, you simply close the virtual card number that was acting as a substitute to your real card. Or, you may find you won’t have to do anything at all if you’ve set up your virtual card number to expire shortly after a transaction.
Downsides of Virtual Credit Cards
One of the downsides of virtual credit cards is the challenge of returning items you order online. Some stores require you to swipe the card you used in order to process a refund. This, however, won’t be possible given that you paid with a randomly generated and temporary number to complete the purchase. The nature of virtual credit cards also may not work great with subscription-based services. To keep your subscription active, you may have to constantly update your temporary virtual card number every time it expires to keep your account active.
Bottom Line
Virtual credit card numbers are an option worth considering to help reduce your risk of fraud. While the benefits are obvious, the downsides can be a hassle in certain situations.
To maximize the potential of virtual card numbers, it’s best to incorporate a strategy that best utilizes their strengths. If you have recurring subscriptions with companies you trust and have accounts with, for instance, maybe using your regular card in conjunction with healthy password habits can do the trick in keeping your information safe. If you’re making a purchase with a merchant you don’t frequent, then using a virtual credit card number can help give you peace of mind knowing your credit card information won’t be saved somewhere you don’t want it to be.
