I’m just scared that they’re saved with reversible encryption on the disk, then malware could steal them

  • viking@infosec.pub
    link
    fedilink
    arrow-up
    33
    arrow-down
    1
    ·
    10 months ago

    I trust it enough to use the feature, but I’ve got separate cards for online and in-person purchases. The online card is temporarily disabled in my bank app, and I only unblock it when I intend to use it. Takes like 30 seconds extra.

    The in-person card is permanently unlocked for NFC and regular store transactions, but region locked to the country where I’m currently at, and transactions over $30 require the PIN.

    • Suspiciousbrowsing@kbin.social
      link
      fedilink
      arrow-up
      3
      ·
      10 months ago

      Out of curiosity, would it not take less than 30 seconds to type your CC numbers in online each time? I mean the month and ?ccv are easily memorable

      • FireRetardant@lemmy.world
        link
        fedilink
        arrow-up
        9
        ·
        10 months ago

        It being blocked still helps protect them if the card number gets snatched during a transaction. By the time the scammers are ready to use the card numbers, the card would be locked.

      • viking@infosec.pub
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        Yeah sure, but a keylogger could read it at any time then, while cracking the locally saved card is more complex. And locking the card down unless explicitly needed also means that even if my card card does get compromised, it can’t be used of very narrow and random windows, adding a nice layer of security.

          • viking@infosec.pub
            link
            fedilink
            arrow-up
            2
            ·
            10 months ago

            DKB, the credit card for online purchases and the debit card for in person stuff. The app allows quite some micromanagement for card permissions.

            On top of it I’ve got an account with wise.com where I can generate virtual cards, I do that frequently when traveling abroad to sign up for local taxi apps and other services I’ll never use again, then delete the card once I’m done.

            And as an ultimate backup I’ve got an N26 account, just in case someone only accepts MasterCard. I don’t trust them one bit though and only carry a balance of 150 EUR or so on the card and top it up only when it’s exhausted.

              • viking@infosec.pub
                link
                fedilink
                arrow-up
                2
                ·
                9 months ago

                Yep, been using both of them for ages. DKB for 20 years now, wise for almost 10. Never had a reason to complain, except for DKB as a broker, they are just way too expensive.