Buying stuff online can be a risky proposition. Sure, the big vendors do their best to make you feel safe, but what if you have to give up your credit card digits to a vendor you don’t know?
I have to do this quite regularly. Fortunately, I have a tool that helps make the process safe. But first, let me share a few scenarios involving where and why I give my credit card digits to vendors all over the world.
I review products and services as part of my job. Often, that involves signing into online services, putting them through their paces, and giving you my honest, if a bit snarky, opinion.
While I sometimes have to pay for those services out of my own pocket (or review something I previously decided to buy), most of the time, the vendors will provide a complimentary account for some period, usually a few months or a year.
This is important to me because many of the services I test cost a few hundred bucks a year. If I have to test 10 or 20 services in a given year, paying for all of them could add up really fast.
Also: 10 common dangers VPNs won’t protect you from online – and how to avoid them
Usually, the way vendors provide a complimentary account is via a coupon code. This gives a 100% discount for the period. This works well because it integrates seamlessly with their systems and lets me do my testing without any out-of-pocket expense.
But here’s where the credit card comes into this scenario. In many instances, a given vendor’s checkout process won’t run without first providing a credit card number, even if it never gets charged.
One category of services I regularly test is website hosting services, which can be run by vendors located all over the planet. A few years back, I went through a signup process, gave my card number, entered my coupon code, and was able to test for free.
But 12 months later, I was suddenly charged almost $500. Their system auto-billed using the credit card I had on file. And since I didn’t cancel my account before the charge went through (because I didn’t even know it was still in operation), customer service didn’t want to grant a refund. The PR person I had worked with the previous year was no longer with the company, and nobody wanted to be helpful.
The company actively practiced the Ferengi First Rule of Acquisition: “Once you have their money, never give it back.”
I did, eventually, get my money back through a combination of persuasion and intimidation. What? I’m from New Jersey. Still, it was time-consuming, stressful, and very annoying.
Since that time, I’ve used a service that lets me put strong limits on my card being charged without my express permission. Privacy.com lets me limit the amount that can be spent on any card I create, limit how many times a card can be used, and more. Had I used a Privacy card, that hosting provider experience would never have happened.
Let’s talk about how you get started, go over how it works, and then dig into the benefits you get from Privacy.com.
Getting started with Privacy.com
To get started, point your browser to https://app.privacy.com/signup. Before we move on, there’s one thing you’ll need to know. Privacy asks you for some personal information, including your name, residential address, date of birth, and possibly a copy of your driver’s license. They may also ask for other documents.
The company explains its reasoning for these fairly intrusive requests as:
To help the government fight the funding of terrorism and money laundering activities, federal law requires all financial institutions to obtain, verify and record information that identifies each person who opens a Privacy Account.
You’ll also need to set up a funding source. This is the account from which Privacy will pull your money in order to pay it out to the vendor you’re paying. Keep in mind that although Privacy will issue you credit card numbers, it does not provide credit. Everything you pay using Privacy will either be removed from your bank account directly or via a debit card that links to your bank account.
Those are your two funding source possibilities: a personal bank account or its associated debit card. Privacy (at least the free version) will not work with a business bank account. When you first create your Privacy account, you’ll be asked for a funding source. If you later want to change sources, go to the Account menu item under the little head icon in the upper-right corner of the page.
You can have multiple bank accounts as funding sources, but you can’t have multiple debit cards, and you can’t have both a bank account and debit card.
It’s been a while, but I recall it taking a few days after I signed up for Privacy to fully enable my account. So, if you plan on using this service, don’t wait until the very last minute when you really need it.
Using Privacy.com’s virtual credit cards
As you can see, I have two Privacy cards set up. They are, in fact, for two hosting providers I was reviewing, where I needed to provide a card number. For the record, neither was the problematic hosting company I described above. I won’t be sharing the name of that company here.
These two cards are currently active with a total spend limit of $1. I could have set it up for any amount I wanted, but I chose $1 since it should never actually be used. If I change my mind, I can change the transaction limit later.
Also: How AI can help you manage your finances (and what to watch out for)
Before we create a new card, let’s do a little housekeeping with these two cards. First, I want to pause the Bluehost card.
Pausing prevents the card from being charged but keeps the card number viable in case I want to turn it back on later. On the other hand, let’s say I want to close the WP Engine card. Using the same drop-down menu in the corner of the card, I can select Close.
This permanently retires the card number and shuts down the card. If I want to pay WP Engine again, I’ll need to use a different card number.
Now, let’s create a card. On the main dashboard, click Create Card. Notice that there are columns for Cards (showing open cards) and Activity (showing the last eight transactions).
Once you hit Create Card, you’ll be invited to create a Virtual Card. Privacy has paid plans that provide other services, like locking cards to certain purchase categories. In this article, I’m only showing the free plan, which has worked fine for me.
Click Virtual Card. Next, assign a name to describe the card. You can select from various brands, and sometimes the card’s graphic will reflect the brand. If you click the “See other popular cards” button, Privacy will give you a bunch of other brand logos.
Also: 4 top personal finance apps for Linux that run on MacOS and Windows, too
I’ve found that some brands, even though they’re not shown on that list (like Bluehost), will also be created with their proper logos. Don’t worry about whether or not the vendor you want to pay has a logo in Privacy or not. I’ve found their cards work equally well for giant vendors and the small companies I’ve had to work with over the years. For the free plan, each Privacy card is tied to a given vendor once it is used at that vendor. Once used, it won’t be able to be used at any other vendor.
I went ahead and chose the nickname Boasty Hosty. As far as I know, there aren’t any hosting providers with that name, but it will serve as an example for our article.
Now that the Nickname is chosen, let’s go ahead and click Create Card. You’ll see a card number, as well as what funding source is going to be applied to it.
This detail screen is what you’ll get whenever you click on the card in the dashboard. Here, you can easily see all transactions (including declines), as well as pause, close, and change the financial transaction limits.
It’s the Transaction Limit area that contains much of Privacy’s power. When you click on the words, this screen appears.
For a hosting provider review account, where I have to give my digits, I usually set a spend limit of $1. I also set the card as single use, which means the card automatically terminates and ceases to exist the first time it’s charged.
You can also choose to set a spend limit per month (like no more than $20 per month), per year, per transaction (use it as often as needed, but never charge more than $5), and a total spend (when $100 is spent over the life of this card, stop).
Also: From zero to millions? How regular people are cashing in on AI
Keep in mind that Privacy cards don’t have the same protections as credit cards. They work like debit cards. So, if you give a vendor unlimited use, and that vendor overcharges you, that money will be removed from your account. I recommend always setting conservative spending limits.
Personally, I prefer the single-use option. I can issue a card for an amount I want to spend, and as soon as that card is charged, it shuts down. That way, if I want to make another charge, I have to purposely create a new virtual card.
Just be aware that Privacy does assign certain usage limits for free accounts. If you plan on using this service a lot, be sure to read up on the limits assigned to your account.
That’s it. Beyond using Privacy cards for review accounts, I also often use virtual cards for software purchases when those purchases are out of the country. Most of the software vendors I’ve encountered are very much above board, but it gives me peace of mind knowing that whatever digits I share turn into a pumpkin at first use.
And, for the record, I’ve shut down the Boasty Hosty card already.
Will you use this service?
Have you ever found yourself unexpectedly charged for a service you thought you had canceled? How do you usually protect your credit card information when dealing with unfamiliar online vendors?
Also: The best secure browsers for privacy
Have you tried using virtual credit cards like Privacy.com? If so, what has your experience been? Do you think services like this add an extra layer of security, or do you have other preferred methods for safeguarding your online purchases? Let us know in the comments below.
You can follow my day-to-day project updates on social media. Be sure to subscribe to my weekly update newsletter, and follow me on Twitter/X at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.
