1

It seems that compromised credit card numbers have become a cost of banking--often through no fault of the bank or the consumer. But getting a new credit card number is a real pain in the neck--you have to update all the vendors (Netflix, Verizon, the gym, the newspaper, etc).

Do any banks issue one-per-vendor credit card aliases?

A unique account number would isolate any compromise to just one vendor and save us all a lot of hassle. The popular emails vendors (hotmail, gmail, probably a bunch more) provide exactly this type of service for email accounts.

Chris W. Rea
  • 31,999
  • 17
  • 103
  • 191
Jeromy French
  • 366
  • 1
  • 5
  • 20

3 Answers3

3

These do exist in the US; I've personally used them in the past through a Citi credit card.

Wikipedia has some info that seems to fit: Controlled payment number

A controlled payment number (a trademark of Orbiscom[1]), also called by generic names substitute credit card number, one-time use credit card, disposable credit card and virtual credit card number) is an alias for a credit card number. It is generated through the use of either a Web application or a specialized client program, interacting with the card issuer's computer, and is linked to the actual credit card number.

Typically, a controlled payment number has a limit, and an expiration date between two and twelve months from the issue date, both chosen by the account owner, and while it can usually be set up to allow multiple transactions, it can only be used with a single merchant. This "alias" number is indistinguishable from an ordinary credit card number, and the user's actual credit card number is never revealed to the merchant. Consequently if it is compromised a fraudulent user can usually not steal money, and the limit reduces how much a dishonest merchant can steal.

The system was developed by Orbiscom, a Dublin-based payment processing company which was acquired by Mastercard in January 2009 and in parallel by Cyota Inc.[2] It is used by a number of credit card issuers. In the USA, these include Bank of America (which inherited its system, "ShopSafe," when it acquired MBNA), Citibank ("Virtual Account Numbers"), Discover Card's Secure Online Account Numbers and NetSpend's "virtual accounts". Examples from other countries are MBnet, which can create a payment number linked to virtually any credit or debit card emitted in Portugal.

Kevin Reid
  • 879
  • 8
  • 10
2

Banks issue one-per-transaction alias.

If you don't want the vendor to store credit card number - just pay the bill manually when you receive it instead of using auto-pay, or use a separate re-loadable card that would be loaded with the precise amount you expect to be charged. You can get these cards in any supermarket.

Managing alias per vendor is complicated and costly, it is much cheaper to reissue a card in case of a fraud rather than manage tens of virtual accounts per one physical.

littleadv
  • 190,863
  • 15
  • 314
  • 526
2

Bank of America offers ShopSafe with it's credit cards. I have a BofA/AlaskaAir card. It works as advertised! I love it. I use it dozens of times each month and I have at least a dozen recurring (monthly) cards with some of my merchants.

The only problem I see is their handling of compromised REAL credit cards. They end up cancelling ALL of you ShopSafe numbers along with the Real credit card. EVEN THOUGH they don't need to be associated in that way.

My only work-around is to get a second credit card for exclusive use of ShopSafe and to keep it locked up and NEVER used (for real.)

JoeF
  • 21
  • 1