I’m just scared that they’re saved with reversible encryption on the disk, then malware could steal them
With credit cards any fraud is the responsibility of the credit card processor not the individual. So the risk isn’t on your side.
I actually memorised my credit card number including the expiration date and security code. it’s very convenient and I highly recommend it.
No. I don’t save cc’s on any browser.
Dont save anything* in a browser. Permanent private mode
Your saved passwords are reversible too, just don’t do it. If you really want to, put a password on it, but then why would you even save it at all? The convenience is lost at that point. And if you save it without a password, to decrypt the cc a decryption key has to be saved somewhere, and if it’s not on your pc, it’s saved on a server you don’t own.
I trust it enough to use the feature, but I’ve got separate cards for online and in-person purchases. The online card is temporarily disabled in my bank app, and I only unblock it when I intend to use it. Takes like 30 seconds extra.
The in-person card is permanently unlocked for NFC and regular store transactions, but region locked to the country where I’m currently at, and transactions over $30 require the PIN.
Out of curiosity, would it not take less than 30 seconds to type your CC numbers in online each time? I mean the month and ?ccv are easily memorable
It being blocked still helps protect them if the card number gets snatched during a transaction. By the time the scammers are ready to use the card numbers, the card would be locked.
Are you in the EU?
I’m an EU citizen and my cards are issued in the EU, but I live in Asia.
Which Bank? The one I use sucks ( financially and IT-sec wise)
DKB, the credit card for online purchases and the debit card for in person stuff. The app allows quite some micromanagement for card permissions.
On top of it I’ve got an account with wise.com where I can generate virtual cards, I do that frequently when traveling abroad to sign up for local taxi apps and other services I’ll never use again, then delete the card once I’m done.
And as an ultimate backup I’ve got an N26 account, just in case someone only accepts MasterCard. I don’t trust them one bit though and only carry a balance of 150 EUR or so on the card and top it up only when it’s exhausted.
Are you happy with DKB and Wise in all other ways?
Yep, been using both of them for ages. DKB for 20 years now, wise for almost 10. Never had a reason to complain, except for DKB as a broker, they are just way too expensive.
I would totally trust it, but on a cyber security stand point I don’t trust anything with my credit card. The only place where the numbers are stored are on the physical card itself
I’m also kinda wary of saving cards in the browser. So I created a virtual card with a spending limit for that purpose.
Although there’s more to fear from malware stealing saved passwords. Fraudulent transactions can be reversed, identity theft will do a lot more damage.
I recommend a password manager like Bitwarden, it has a great Firefox extension and it’s very secure.
I self host vault warden, and the card auto-fill works ~70% of the time, and about half of those, the security code or the expiration doesn’t work. EBay is the first one that comes to mind. I know it’s the websites not following standards or conventions. It happens often enough that I remember the dates and codes now because I end up having to fill them in so often.
Protip: if a field doesn’t populate, right click on it, then choose “copy name for bitwarden” (or something like that, not using FF in English), then add a custom field in the CC entry in bitwarden using that name in the clipboard. From now on on that specific page it will work
I actually didn’t know that. Thanks for the tip!
I never had any issues with it
It seems really bad at filling CC info though. Like, I don’t think it works at all. I always need to copy the number separately.
I still use it but it is annoying.
Its less annoying than having to get up to get my wallet
Oh definitely, which is why I use it.
Not for me. It works every time. Even on pages that disable pasting into the CC box, the BitWarden extension can still fill it in.
Huh, weird that I seem to have ao much issues with it. Could be due to mostly ordering from Finnish sites and the fields are often in Finnish.
I keep those kind of numbers in Keepassxc and cut and paste them when I need them. It’s not that I don’t trust FF I just think having one storage place is better than having two and it’s just not necessary for FF to have them. A few extra seconds of copy pasting inconvenience is a price I’m happy to pay. For extra security I never cut and paste the CVC, that’s always manual entry from memory.
Absolutely not.
More likely to be stolen in person at your local coffee shop
No, i use keepass and coppy/paste like the other commenter
I don’t even trust Steam, let alone Mozilla. I don’t think I’ve ever had any credit card auto-fill on any browser I’ve ever had
I don’t think that is encrypted at all. Just like your passwords and cookies, they aren’t either.
No… not leaving cc on any browser… I use KeepassXC and setup to clear anything in the clipboard within 10 seconds
