The sixth largest payment processor in the country Heartland Payment Systems disclosed recently their system was compromised by hackers with a piece of data sniffing software watching credit card data pass by between Heartland and credit card networks.
That system processes 100 million transactions a month. This had gone on for months until Visa and MasterCard alerted Heartland about unusual patterns of fraudulent activities. The Wall Street Journal quoted a credit card industry analyst as saying this could be largest credit card data breach ever.
While credit card companies typically reimburse customers against unauthorized charges, having your credit card number stolen is still a hassle. You have to get a new card number, update your recurring charges, and change your bill payment set up. It’ll be best if your card data aren’t stolen in the first place.
If you have the right card, you can make your credit card number more secure by using one-time card numbers.
You need a card by Citibank, Bank of America (including its subsidiary FIA Card Services), or Discover. These banks offer software that generates a one-time card number, officially known as a “controlled payment number.”
You can configure the expiration date and the maximum amount allowed for the one-time card. Once used, the card is tied to the merchant where it was used. If you gave the card number to XYZ.com online or your dentist’s office over the phone, only XYZ.com or your dentist’s office can use it. If you put the maximum at $50, they can only charge up to $50. If the card number is stolen, the thief can’t use it elsewhere. They don’t have your real card number.
The banks call this software by different names. Citibank calls it Virtual Account Number. Bank of America calls it ShopSafe. Discover calls it Secure Online Account Numbers. Under the hood, they are pretty much the same thing. The software is made by the same company: Orbiscom in Dublin, Ireland. Orbiscom is recently acquired by MasterCard for $100 million.
I have used the Orbiscom software for one-time credit card numbers for a few years. It works well. I use it for online, mail, and phone orders. These days you never know who’s going to lose your data once you give your credit card number out. With the one-time card numbers, you gain a little bit peace of mind.