Answer the question
In order to leave comments, you need to log in
W
W
WebDev2017-03-06 16:15:14
WebDev, 2017-03-06 16:15:14
Bank card security?
I use a bank card when paying for a variety of services on the Internet and I have a few questions:
1) Some online stores do not require any confirmation by SMS code or something else. I just enter the card number, the expiration date code and the money is immediately withdrawn. In other services, you additionally need to enter a password from SMS. The first method looks very unsafe, because getting this data from the card is not difficult. Why does this method exist and why is it regulated on the service side? It’s another matter if I myself entrusted some site to deduct money from me, but there is no such setting.
2) Everywhere they write that you need to hide your card number, and at the same time, all banks print large numbers on the card itself. In addition, we ourselves are forced to give the card number to others, for example, to the boss to transfer salaries. The card number, again, can very easily go anywhere. Question: what can be done with the card, having only its number and why, if it is unsafe, do banks knock out the number in the most visible place?
In general, all this looks very unsafe and I try not to store large amounts on the card. But after all, people could not create such an ill-conceived and vulnerable structure? Please explain how it all works.
3 answer(s)
@kirill-93
1) The so-called 3ds (confirmation of SMS) is a way to protect the merchant from fraud. In case of your disagreement with the payment (protest through the bank) when 3ds is disabled, the loss is borne by the merchant. If the merchant supports 3ds, the responsibility is shifted to the cardholder. Those. if your card details were stolen and bought through 3ds, you have a good chance to protest and get your money back (although it will take a long time). If there was 3ds (they took your phone away or planted a virus or somehow found out the code) - nothing will be returned. Why don't all merchants support 3ds? Well, for example, read https://habrahabr.ru/company/badoo/blog/234677/ - there are figures on how 3ds reduced sales.
2) Now there is almost nothing, there are almost no places where you can carry out an operation only by card number without any additional verification. I would not show the card number everywhere on the Internet, but also hide the number from friends / boss, etc. there is no point. But the CVV code (on the back) should be hidden (it's best to rewrite and erase it). Again, if they withdraw the card number + cvv - most likely such payments can be protested, but what for you extra gimor.
There are many threats, protests take time, banks are not particularly willing to do this, and so on. So keeping an amount that is not very offensive to lose is the most optimal. And throw money there from another account through the Internet bank as needed.
@Ommonick
@CityCat4
D
Dmitry MiksIr, 2017-03-06 @kirill-93
1) Some online stores do not require any confirmation by SMS code or something else.
1) The so-called 3ds (confirmation of SMS) is a way to protect the merchant from fraud. In case of your disagreement with the payment (protest through the bank) when 3ds is disabled, the loss is borne by the merchant. If the merchant supports 3ds, the responsibility is shifted to the cardholder. Those. if your card details were stolen and bought through 3ds, you have a good chance to protest and get your money back (although it will take a long time). If there was 3ds (they took your phone away or planted a virus or somehow found out the code) - nothing will be returned. Why don't all merchants support 3ds? Well, for example, read https://habrahabr.ru/company/badoo/blog/234677/ - there are figures on how 3ds reduced sales.
2) Now there is almost nothing, there are almost no places where you can carry out an operation only by card number without any additional verification. I would not show the card number everywhere on the Internet, but also hide the number from friends / boss, etc. there is no point. But the CVV code (on the back) should be hidden (it's best to rewrite and erase it). Again, if they withdraw the card number + cvv - most likely such payments can be protested, but what for you extra gimor.
There are many threats, protests take time, banks are not particularly willing to do this, and so on. So keeping an amount that is not very offensive to lose is the most optimal. And throw money there from another account through the Internet bank as needed.
E
Egor Ommonik, 2017-03-06 @Ommonick
At work, you indicate a personal account and not a card number (most often).
If you are very worried about security - seal the three-digit / four-digit code on the card with a small opaque piece of tape.
Keep a separate card for online purchases (or virtual for example).
C
CityCat4, 2017-03-07 @CityCat4
Everything is solved very simply - the second (third, fourth) card is started, on which there is no money. Money is dumped there immediately before the purchase, and twenty rubles dangle like that :) I threw it off, I bought it. And it is this card that is tied to various markets and, in general, to all online payments. And the data of the main card, where the money is - do not give to anyone. Yes, it adds a bit of hassle and you will have to pay a transfer fee. Well, it's your choice...
Similar questions
V
J
D
U
J
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question