Storing a credit card as a payment method – think keeping your card on file from your favorite takeout place so you don’t have to enter your card details the next time you order – can make online transactions easier and simpler. But there are also risks involved in storing your cards this way.
For example, a data breach could compromise your card information and lead to fraudulent charges. Also, not all companies comply with data guidelines that can help protect your information.
But there are ways and steps you can take to help protect your card information when storing your credit card as a payment method. Here’s what to know.
Risks of storing a credit card as a payment method
There are several ways to store your card online. For example, when checking out at a merchant, you may be prompted to create an account and link a card for faster checkout in the future. Similarly, based on your settings, your phone or computer’s “autofill” feature may automatically fill in your card information during checkout if you’ve used a card on the device before.
Digital walletslike Apple Pay or Google Pay, also allow you to use a smartphone or smartwatch to store cards and make purchases. These processes can make online transactions smoother, but they come with potential security risks that you should be aware of.
Data breach or fraud
Storing your card online can increase the chance that your card information could be exposed and used for fraudulent purchases in the event of a data breach. This can also happen when cards are stored on password-protected devices, and especially when you use your card on public devices or on public Wi-Fi networks that can be hacked.
The Payment Card Industry Data Security Standard (PCIDSS) outlines the security measures companies must follow to protect cardholders’ data when they store your card information. But not all businesses are fully compliant, and even with compliance, breaches can occur that put your information at risk.
Problems updating your card information
Keeping your card on file can often cause hiccups if your card information is updated due to product changes, card expiration, fraud or the like. For example, if you get a new version of your credit card with a new number, but you used the previous version with a certain merchant, your issuer can automatically update your card number in that merchant’s system — even if the previous card was replaced due to fraud.
This can lead to unauthorized or unexpected charges on new cards.
How to protect yourself
There are steps you can take to reduce the risks when storing your credit card information online:
Use password-protected devices. Storing your card information on a publicly accessible computer can increase the risk of fraud. It is important to keep your cards only on personal devices such as your home computer, and use strong passwords and multi-factor authentication to further protect your card data.
Pay with a digital wallet. While digital wallets are a way to store your card, they offer much stronger protection than storing your card on file with a merchant. This is because when you pay Apple Pay or Google Payis a built-in process called “Tokenization”which generates a random one-time code that hides your actual credit or debit card number.
Use a virtual number. Like a digital wallet, Virtual Card Number Can help save your card data as they don’t require you to enter your actual card number online. Instead, they are one-time-use card numbers that you can request through your issuer, payment network or app, and use to make purchases online.
Check where your card is stored. As mentioned above, when you get a new card, the issuer may automatically update the new card information where your old card was previously stored. This can be especially dangerous if you ordered a new card due to fraud, as the fraud charges may still be on your new card. Some issuers offer tools that show cardholders where their card is stored or what subscriptions are linked to their cards. For example, through Chase’s app, under “Account Services,” cardholders can see where their card is currently stored. You can also check your browser settings to see if there are cards on your computer or phone.
