[ale] OT: Cell Phone recs Was Re: Android secondary security

Alex Carver agcarver+ale at acarver.net
Fri Apr 14 16:23:40 EDT 2017 

This has been tried many times in the past by various entities.  For
example, shortly after American Express released their Blue card (circa
2001) they gave away card readers to plug into your home computer for
the chip on the card.  The concept was to facilitate online shopping
without transmitting your real card number by way of a token generated
by the card.  The process never really caught on though it might have
been a bit ahead of its time.

MasterCard at one point in the early 2000's had an online tool to
generate one-time-use numbers for your card as well.  These did not have
preprogrammed limits but they expired as soon as they were used.  Again
this didn't appear to catch on.

Perhaps now that online shopping has exploded in the last few years
we'll see a return of these features.

On 2017-04-14 07:17, Kyle Brieden wrote:
> I sincerely believe with every fiber of my being that BoA is one of the
> worst companies to ever have existed, but that's actually kind of cool. 
> It's like using keepass/lastpass for your CC numbers.  I wonder why more
> banks don't do this?
> 
> ---
> Very respectfully,
> Kyle Brieden
> 
> On 14-04-2017 09:34, Lightner, Jeffrey wrote:
>> Further OT but this is why I like Bank of America’s Shopsafe.
>>
>> Rather than giving people my real credit card number I can give them a
>> temporary number generated in Shopsafe.
>>
>> Moreover I can set a limit and an expiration on the card of as little
>> as 2 months.   If I expect to pay $33 I might set the limit to $40 to
>> allow for taxes or other charges not immediately apparent but they
>> can’t charge more than the limit I set.
>>
>> Another benefit I like in Shopsafe is that once the temporary number
>> it has been charged by any one merchant it can’t be processed by any
>> other merchant.   This means if the site I input the number on gets
>> hacked right after I do the input and the merchant has already charged
>> me (as is usually the case) the hacker gets nothing for his effort.
>> One can generate multiple Shopsafe numbers to use at different
>> merchants.
>>
>> This is also great for “services” that require you to give them a
>> card for “automatic renewals”.   If you don’t want the automatic
>> renewal you set the Shopsafe number to expire before merchant’s
>> renewal date and the “automatic” will be rejected later.   (Of
>> course you also set the limit to only allow the one charge so if they
>> “automatic” on you before the expiration it will also fail.)

More information about the Ale mailing list