this post was submitted on 10 Feb 2024
97 points (96.2% liked)

Firefox

17937 readers
37 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

I'm just scared that they're saved with reversible encryption on the disk, then malware could steal them

you are viewing a single comment's thread
view the rest of the comments
[–] viking@infosec.pub 32 points 9 months ago (2 children)

I trust it enough to use the feature, but I've got separate cards for online and in-person purchases. The online card is temporarily disabled in my bank app, and I only unblock it when I intend to use it. Takes like 30 seconds extra.

The in-person card is permanently unlocked for NFC and regular store transactions, but region locked to the country where I'm currently at, and transactions over $30 require the PIN.

[–] Suspiciousbrowsing@kbin.social 3 points 9 months ago (2 children)

Out of curiosity, would it not take less than 30 seconds to type your CC numbers in online each time? I mean the month and ?ccv are easily memorable

[–] FireRetardant@lemmy.world 9 points 9 months ago (1 children)

It being blocked still helps protect them if the card number gets snatched during a transaction. By the time the scammers are ready to use the card numbers, the card would be locked.

[–] Suspiciousbrowsing@kbin.social 1 points 9 months ago

Nice, I like it!

[–] viking@infosec.pub 1 points 9 months ago

Yeah sure, but a keylogger could read it at any time then, while cracking the locally saved card is more complex. And locking the card down unless explicitly needed also means that even if my card card does get compromised, it can't be used of very narrow and random windows, adding a nice layer of security.

[–] ris@feddit.de 2 points 9 months ago (1 children)
[–] viking@infosec.pub 1 points 9 months ago (1 children)

I'm an EU citizen and my cards are issued in the EU, but I live in Asia.

[–] ris@feddit.de 1 points 9 months ago (1 children)

Which Bank? The one I use sucks ( financially and IT-sec wise)

[–] viking@infosec.pub 2 points 9 months ago (1 children)

DKB, the credit card for online purchases and the debit card for in person stuff. The app allows quite some micromanagement for card permissions.

On top of it I've got an account with wise.com where I can generate virtual cards, I do that frequently when traveling abroad to sign up for local taxi apps and other services I'll never use again, then delete the card once I'm done.

And as an ultimate backup I've got an N26 account, just in case someone only accepts MasterCard. I don't trust them one bit though and only carry a balance of 150 EUR or so on the card and top it up only when it's exhausted.

[–] ris@feddit.de 1 points 9 months ago (1 children)

Are you happy with DKB and Wise in all other ways?

[–] viking@infosec.pub 2 points 9 months ago

Yep, been using both of them for ages. DKB for 20 years now, wise for almost 10. Never had a reason to complain, except for DKB as a broker, they are just way too expensive.