• @[email protected]
    link
    fedilink
    English
    179 months ago

    I’m certainly not handing out my card over the phone.

    Wait till you learn your routing and account numbers are right there, unencrypted, on the check, and there’s basically zero protection against unauthorized drafts in the EFT system.

      • @[email protected]
        link
        fedilink
        English
        29 months ago

        I think you’re assuming that a merchant who collects card details for payment also stores those details. They do not. The information is immediately tokenized and a 1-way authorization token is returned to the merchant. It’s literally what that little spinny circle when you click “pay” is doing. It’s reaching out to the payment network, which is in turn, reaching out to the card issuer who is proxying it to the issuing bank and asking for authorization.

        At no point is your card number retained by the merchant. If the authorization code is somehow leaked, it’s literally only good for a single transaction, and can’t be used to generate future transactions.