Credit Card Transaction Protection

Discussion in 'privacy general' started by dataprotect0, Mar 14, 2008.

Thread Status:
Not open for further replies.
  1. dataprotect0

    dataprotect0 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    4
    First, if anyone is interst Trend Micro Security Pro has a feature that allows you to enter data for the program to secure so that if it is sent through internet, e-mail, or IM/Chat it will be blocked.

    I tested it with a username, my real name, a random string of numbers and letters, and a credit card number.

    Works good. Wouldn't let me enter my username 'dataprotect0' when I signed up for this forum and blocked this website until I went into the settings and allowed it. (I'm still testing it out.) Not so good with the credit card though. It protected the credit card from being sent on some sites, but not all.

    Paypal.com wasn't blocked when I entered my fake credit card number and tried to place an order. It was blocked when I tried to enter it into an e-mail though.

    Second, my main reason for this post it to ask if anyone here knows of other reputable programs that do the same thing.

    I'm looking for a program that does the same thing but thats all - a company/program that specializes in this type of thing. They usually are much better since their main focus is on one (or two+) things.

    I'll be glad to hear of ALL programs that do the same thing though...

    Does anyone know a program that accomplishes the same thing that TMSecurityPro "Data protection" doeso_O

    List as many links as you can please, as many people as possible.

    I'm going to review and test all of them.

    :D
     
  2. dataprotect0

    dataprotect0 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    4
    I want to add that it doesn't stop you from typing anything, it just stops it from being sent over the internet.

    Example: I can type 1234567898765432 right here as a fake credit card number and it will allow me to type it.

    But when I click "Submit Reply" or "Post" or "Preview Post" it will block the connection from being sent and instead send me to a trendmicro block page.

    That means that if I download a password stealer or a legit program or spyware program that could possibly send my personal information back to them, trendmicro will block it.

    I hope.
     
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    The password stealer may encrypt the stolen credentials and Trend Micro will be blind.
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Which may well be why the test failed on Paypal.

    dataprotect0, you should try a number of other SSL encrypted webpages, banking, shopping, and so on to see if that is the issue, and if there is a pattern of which ones work and which don't.

    As for other products, I don't think I'd ever heard of a standalone product that provides just that one feature. It'd be an interesting product though, if there was one.

    Other suites and software firewalls may well have that feature. Zone Alarm has had it for years. In fact, there are threads here about an opposite problem to what you are seeing. Some people enter into the words/phrases to be blocked their pin numbers and/or the last 4 digits of SSN (US), and then find that at random websites and random times, they get alerts that those sites were requesting that information. When in fact, it was just a coincidence. Blocking a simple 4-digit number is often the issue there. If my pin is 1234, there are likely many times a website and I might communicate the digits 1234 that have nothing to do with my pin or social security number.
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Most sophisticated malware does use encryption making any such "data blocking" feature useless - indeed it could be worse than useless if it gives users a false sense of security, causing them to overlook other security measures.

    A better way to protect credit card data is to use a system that generates one-time use CC numbers (see ShopSafe or Citibank Virtual Account Numbers in the US, Cahoot Webcard in the UK). This not only covers data interception (by ensuring that fraudsters can't use the CC numbers picked up) but also the far more serious (and more likely) case of an online store having their server compromised and customers' CC details stolen.
     
    Last edited: Mar 17, 2008
  6. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    The use of a randomly generated credit card number for online transactions is becoming more widely used by many banks now. By not giving out your actual CC number and replacing it with a temporary "fake" one, you don't have the disclosure issue with servers that store CC information. I would actually like to see it used in retail establishments so that retail employees could not have the ability to abuse my CC information.

    But going back to the OP, no I don't know of any of those type programs.
     
  7. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    My bank in Hawaii, which is French owned, told me that they have no plans ever to implement this for their Mastercards (or Visas). They have to pay Mastercard and Visa to be able to use the program and they won't. I have one Citibank card and it doesn't have this feature but it wasn't orginally a Citibank card (AT&T).
     
  8. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I haven't seen the use of the "fake" CC number used by many banks. But a few like the Discover card and Citibank credit card which I have provide this option.

    http://www.discovercard.com/customer-service/security/create-soan.html?gcmpgn=0801_gf_soan_txt

    https://www.citibank.com/us/cards/gen-content/messages/van/index.htm

    http://www.creditcards.com/Citi-Offers-Virtual-Account-Numbers.php?a_aid=1017&a_cid=1204

    According to the ATT Universal card website, you do have this option.

    http://www.universalcard.com/us/cards/ucs/howweprotect.jsp

    If your card was "taken over" by Citibank, I would think that all of the features available to Citibank CC holders should apply to you as well. With the merging of many credit card operations being done recently, in all of those situations, the CC operation that was sold usually has its previous terms and conditions replaced by the buying CC company.

    BTW, I visited the Big Island back in July 2001. Very nice scenery, but I was never quite enamoured with the single highway route for going aroung the island and the higher than average prices for everyday things. :ouch:
     
  9. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Discover offer a similar facility Secure Online Account Numbers - a comparison with Citibank's facility can be found here.

    American Express used to offer a similar facility (to US customers only...grrr) called Private Payments but have now withdrawn it.
     
  10. Manny Carvalho

    Manny Carvalho Registered Member

    Joined:
    Jun 3, 2004
    Posts:
    270
    I happen to have that original AT&T card and Citibank does offer it. If you log on to your account look in the Tools and Services menu. It's the second option down. They have both the downloadable version that runs on your machine [I like that one] and the web based version. In fact, I just downloaded and installed it on my new laptop. Works like a champ.

    The next thing I do is make it a blocked application in my firewall so it doesn't get executed by mistake or anything else. I unblock it only when I want to use it.
     
Loading...
Thread Status:
Not open for further replies.