The privacy-friendly contactless payments thread

leoLela

I pay cash when I can, but it looks like we will deal with a cashless society soon. How will we make payments that aren't easily spied on by multiple entities?

The best idea seems to be a contactless frontend like Garmin Pay. But this raises a lot of questions and I can't easily find the answers.

In such a payment there are three relevant actors:

the card issuing bank
the front end (e.g. Garmin Pay)
the vendor

Who gets which bits of your information?

I know that the vendor does not get your card number or your name. But the frontend device has a "device-specific card number". Does that device-specific card number persist between payments? Can it be used by vendors and data brokers to profile you?

What information does the frontend provider receive? Do they know the vendor, the payment sum, the time, etc.?

What information does the bank receive? It would be great if the frontend acted like a 'data condom' and didn't send the vendor information to the bank. The bank should simply receive a generic identifier, e.g., "Garmin Pay". I know that privacy.com offers this. They call it 'discreet merchants'.

csis01

leoLela The "front end" is not a required component for contactless payments. The bank has the option of implementing contactless payments directly from within their own application.

That would certainly keep the data private from the "front end". Unfortunately, you can't do anything to block the bank or the vendor, which act under legislation to keep exacting records of all transactions.

I don't think that cash will entirely go away. Perhaps government issued cash, but that will be replaced by returning to a more primitive economy involving bartering and things like slivers of precious metals for payment. There are enough people around who are uncomfortable sharing all their data that this can't be avoided.

leoLela

Also: are there any prepaid virtual cards that can be added to contactless frontends? That could be useful.

[deleted]

You can bootstrap your own Privacy.com solution if you need because Visa/MC ostensibly don't verify cardholder names. I've been using this hack for several years with almost perfect success rate.

I couple it with disposable virtual cards and parcel lockers when it makes sense. This won't hide transition from your bank (eg that you spent money in Phil's Camera Store) like it would with Privacy.com (as I understand it) but it will get you 90 percent of the way whilst not introducing more parties to a transaction (solutions like Privacy.com and MySudo all conduct some form of KYC or worse outsource them).

I usually just want to hide my identity the litany of small merchants since they're the ones likely to leak your PII not your bank but YMMV.

[deleted]

I was mostly responding to your top question as in it's pretty trivial to minimize data accessible to each of the entities involved (unless they all collude of course). It's really a non-issue for those with reasonable threat models.

leoLela

csis01

The "front end" is not a required component for contactless payments. The bank has the option of implementing contactless payments directly from within their own application.

Not every bank does that.

csis01

leoLela Where did I say that they did? If your bank doesn't, then you need to put some pressure on them.