I’m just scared that they’re saved with reversible encryption on the disk, then malware could steal them

  • Bob Robertson IX@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    9 months ago

    If it’s a credit card then you should have pretty decent protection against fraud from the credit card company. I’ve had my card details stolen a few times (though never directly from my browser) and each time the credit card company has identified the fraud and reached out to me within minutes.

    Now if it’s a debit card, you should NEVER put those numbers into a computer. I only ever use my debit card to access the ATM, and even that is rare.

    • akaltar@programming.dev
      link
      fedilink
      arrow-up
      14
      arrow-down
      1
      ·
      9 months ago

      Sounds like a very US specific answer. In EU I only have a debit card and sometimes I have a hard time using it even myself because I need to pass 2fa and sometimes even that isn’t enough if I’m on a new browser

      • 2xsaiko
        link
        fedilink
        arrow-up
        5
        arrow-down
        1
        ·
        9 months ago

        Credit cards work the same everywhere*, it’s not US-specific. My debit card actually only has my bank account number on it (but I think that actually is a Germany-only thing with our Girocards), so paying for stuff online is just a normal bank transfer, where yeah you do have to pass the bank’s 2FA (unless it’s via SEPA direct debit).

        * mostly, my card requires me to confirm some charges in a special phone app, I don’t think that’s a thing everywhere since it’s also fairly recent

      • GissaMittJobb@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        This is on account of the concept of SCA (Strong Customer Authentication) from PSD2 (Payment Services Directive), an EU-regulation.

    • pearsaltchocolatebar@discuss.online
      link
      fedilink
      arrow-up
      5
      ·
      9 months ago

      That’s only true for debit cards that aren’t backed by master card or visa. When you use your debit card that is online, it’s run as a credit card and has the same fraud protections.

    • makeasnek@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      9 months ago

      I don’t use debit cards anywhere for this exact reason. Don’t even have one. When I have in the past, I’ve had the card linked to a seperate bank account with a small balance and no overdraft protection to limit damage. What I’d found though is that even when you tell the bank not to enable overdraft protection, they conveniently forget that and it stays possible to overdraft your account and get hit with fees,

      I do the same strategy for crypto wallets, there’s only a small amount in my browser wallet so that if somebody gets it, they can’t steal much. From there you can have varying degrees of storage security for larger amounts: multi-sig so you have to sign transactions using multiple devices, hardware wallets, and cold storage.

      I see all these articles about people getting thousands of dollars stolen from their crypto wallet and I’m like, you put $3,000 on the same computer you play Zombie Run 4 on? Knowing there was no fraud protection? And that a hardware wallet costs $100? Or that multi-sig is free? If you are storing that much in crypto, you need to either educate yourself on safe storage or use a custodian you can trust (exchange, multi-sig with family member, etc) who can.