News of a second Sony video game network breach means that thousands more user credit card numbers may be at risk of fraud. It seems that once you hand over your financial information to an online vendor, you’re pretty much at the mercy of that company’s wherewithal to install the latest Apache patch. But there is something consumers can do to protect themselves.
Single-use credit card numbers have been around for a while and they’re something to consider if you’re security conscious. They’re essentially an alias for your credit card number, allowing you to give each online merchant with whom you do business a different number, but have them all withdraw from the same account. That way, if one number’s compromised, the bad guys won’t have your real credit card number–you can just cancel the compromised alias and it won’t affect any other single-use numbers.
It sounds great, and that usually means there’s a catch. In this case it’s that single-use numbers aren’t especially convenient to use. For one thing, they tend to have a maximum lifespan of 12 months. So if you use a virtual number to sign up for a service with recurring payments like Netflix or PSN, you’ll have to remember to update your payment method at least once a year.
Finding the feature when you’re logged in to your credit card account can also be a bit tricky, but Citibank, Discover, and Bank of America offer it. Paypal used to offer disposable credit card numbers tied to your account, but recently discontinued the service, apparently because few used it. With commercial database breaches getting so much media attention lately, that might soon change.