Dark Mode

Data Breach Defense: Payment Masking

In the Christian Bible, Jesus said, "Where your treasure is, there your heart will be also." Put another way, "show me your bank statement and I'll tell you what matters most to you." Your bank and/or card issuers are selling your transaction data to data broker companies, who use this information to figure out things like your income, net worth, and what you're likely to buy. They can correlate this data with marketing campaigns to figure out how to better sell you things. They can also correlate things like where you live based on the geographic areas you spend money. And of course, I need not tell you that credit card information on the internet is highly vulnerable to being stolen in a data breach. Protecting your transactions is a critical part of protecting both your privacy and security. Fortunately, this is quite easy to do.


Step one is to use cash whenever possible. The advantages of cash are numerous. For one, cash has been proven to help people spend less, so it'll save you money. Another is that it keeps you from overspending by removing the possibility. One common fear is that by carrying cash you make yourself a target for mugging. Frankly, this is ridiculous. Criminals don't have x-ray vision. They don't know if you're carrying credit cards, cash, or how much.

My strategy is to figure out how much cash I'm likely to need during any given pay period - gas, groceries, entertainment, etc - and withdraw that amount at my local ATM. Of course I am giving away a general location of where I live by doing that, but all my other transactions remain private. How much I drink can't be used against me in health insurance quotes in the future, nor can how much I drive be determined based on my gas purchases, or any other number of invasive facts about my private life. Additionally, I never have to worry about my card being skimmed at a machine.

Online Payments

Of course, cash can't be used everywhere, primarily online. In those situations, you have a variety of options. If you live in the United States, I recommend Privacy.com (non-referral link). The service is free, they make their money from transaction fees from the vendor at no cost to you (just like a normal credit card would), as well as a premium tier of services and features. The service links to your bank account and allows you to create digital debit cards that can be limited by total, month, per-transaction, or one time use (or unlimited, if you so choose). The cards link to the vendor they're used at, so for example if you use a card on Amazon and Amazon suffers a data breach, the card can't be used anywhere else. It's essentially useless to the hacker. Likewise, since each vendor will require a unique card, a stolen card number doesn't require you to cancel your card, get a new one, and painstakingly update every service you use. Just cancel the one and update it with almost no disruption to your daily life. For European readers, Michael Bazzell mentions Revolut, although this service does seem to come with a flat monthly fee. One of my Canadian contributors also mentioned PayAware. They cautioned me that it does not allow for false information the way Privacy.com does but it's still a way to safely use an online card without risking your regular card.

Some people may not be comfortable giving their bank information to a third party, or may live in a country where Privacy.com doesn't operate. In those situations, I would recommend using pre-paid gift cards or Visa vanilla gift cards, paid for in cash. You also have a variety of pre-paid digital options. Among the ones I would recommend are MySudo, Abine Blur, Neteller, and for European readers Kevin Mitnick suggests ViaBuy (Neteller should also work in Europe). Note that none of theses situations, including Privacy.com, is actually totally private the way cash is. Somewhere along the line a trail has been created that, with enough effort, can be traced back to you, so don't use this as an excuse to do anything illegal. This is purely to throw off automated tracking systems and protect your card number from being stolen in a data breach.

Bitcoin & Cryptocurrencies

A few years ago, Bitcoin exploded in popularity in the media when the value rose dramatically. While I'm not necessarily opposed to Bitcoin and other forms of cryptocurrency, I don't think the average person needs to pay much attention to them. For one, contrary to mainstream media portrayals, Bitcoin is not 100% private or anonymous by it's design either. It takes a lot of work and effort to set up an anonymous Bitcoin wallet and to use it in a way that maintains that anonymity. Generally speaking, I think cryptocurrencies are fun, and I'm very much of a fan of the idea of decentralized, government-free currencies. I also think it's a good idea to diversify your money. However, I would caution one against getting too interested in Bitcoin. At this time, it's a hobby and an ideology more than a practical thing. I wouldn't put too much money into it for a variety of reasons.

Previous Next