In case anyone didn't catch what this actually costs, the answer is: 1.5-2%, which is the rate you could get cash back (or airline miles/etc) with good credit.
Because this service draws directly from your bank account, and takes what would otherwise be your rewards from the credit card fees their banking partners charge, it provides a nice business model for them at the cost of you getting 0% rewards back. Not worth it, in my opinion.
Yea I'd agree with that. Was bummed this couldn't be set up with a credit card, and didn't bother asking after realizing it'd break their business model.
All online transactions are processed as credit - even if the card used is debit/prepaid debit - and the card issuer earns 1-3% for each transaction.
Some of this fee is rebated back to people through cashback/travel rewards cards, but I am assuming Privacy & Customer's Bank will be using it to fund their business.
Pretty cool idea! And even cooler website!! Would be interesting to see some sort of loyalty/rewards program implemented, although that doesn't really jive with your anti-marketing pitch.
I'll be sticking with my credit cards for now. They're worth a lot more than their rewards, and it's a shame so many people choose to stick with debit...
They actually get one better. Whereas a credit card takes 1-3%, gives you 1-2%, makes $$ on various partnerships for redemption, sell your data for additional $$, and potentially charges you yearly, monthly, or interest fees. The CC ALSO extends you 1 month liquidity for free.
These guys directly debit you, so they have to float nothing, they have no fee on the ACH, and they keep the 1-3% merchant fee. That said... avoiding some of those earlier issues of fees and data selling, this seems kinda cool.
In the footer it also says its accepted everywhere Visa debit cards are, NOT credit cards. That's a huge caveat because debit cards aren't as universally accepted as credit cards.
A prepaid debit card is different from a plain old 'debit card'. The debit card is accepted everywhere a credit card is (as long as it says Visa or Mastercard on it).
In fact a few places accept debit cards but do not accept credit cards as fees with debit cards can be lower.
There's just a handful of subscription merchants that don't take prepaid debit cards.
The problem comes with things like hotels and car rentals. For example, I'm staying in a hotel tonight, and they just authorized my credit card for $200 more than the nightly rate to cover incidentals (the notice came to my iPhone). If that were a debit card (or Privacy), they would have to pull the full amount from my checking account right away, and it could be days or weeks until they put it back. Since it's a credit card, they'll release the hold when the final bill comes through in a day or two, and I'll never know the difference.
You can put a hold on a debit card too without pulling the entire amount (they run an authorisation and release it immediately) I've used it to rent cars and hotel rooms, they do a check but the amount isn't 'blocked' off. In effect your statement looks just like a credit card.. There's absolutely no difference except with a credit card it's a borrowed balance.
I'm not too aware of how cards are in the US but generally in Europe & Australia (afaik) they're this way. Do cheque cards have mastercard/visa on them in the US (What about maestro/electron)?
US merchants don't do this. Most of the ones who take a deposit (hotels, car rental) have signs at the counter warning that they may put a substantial hold on your cash if you use a debit card, which won't be released for quite a while.
You are right -- if the card is bank-issued, then they can simply place a hold and release it without money flowing. With Privacy, it would seem they will need to actually pull the cash to be able to ensure that its there when the final charge comes through. Curious to see how this plays out.
>US merchants don't do this. Most of the ones who take a deposit (hotels, car rental) have signs at the counter warning that they may put a substantial hold on your cash if you use a debit card, which won't be released for quite a while.
My company used to send us on work related trips which were paid for in advance, but relied on us to provide our own cards at the hotels for incidentals. After a few (presumably less financially stable) employees used debit cards with low balances to check into hotels (effectively leaving them with no money during their stay), this policy changed so now the company credit card is used for hotel check-ins.
I personally hate the new policy because I have good credit and like getting room service, and for some reason I find it kind of emasculating that I'm not allowed to use my own card.
Esp when Citi offers this on the DoubleCash card, which is 2% (though the experience of the Flash-based or desktop-app-based Citi number generator combined with their lack of support for require-every-time 2FA make it a lot less than ideal)
Hey HN - Privacy.com co-founder here. I'm really excited to share what we've been working on for the past year and a half or so.
We've been neck-deep in payments stuff on the card issuing side (getting a BIN sponsor, ACH origination, etc), so happy to answer any questions on that front as well.
P.S. For new users, your first $5 donation to watsi.org is on us :)
Say there are 3E9 people on Earth, each with 3 cards. That's around 10 digits right there. There's 1 digit for checksum. I imagine you'd want to leave space for least 1000 financial institutions around the world, so that's another 4 digits. Which means you can only have 100 transactions per person.
None of this takes into account the fact that the same people are issued way more than 3 card numbers either.
So my question is, how are we not close to running out of card numbers? How is this not even a problem yet?
The short answer is that, in theory, we are running out. It's kept in check now by some amount of BIN & account number recycling by financial institutions.
I don't believe we are that close to running out though, are we?
Using the number scheme, this person calculated^1 that (assuming Amex starts issuing 16 digit cards) there would be 3*10^14 + 10^11 or 4.001e+14 possible combinations.
It averages out. The people who do have credit cards are issued far, far more than 3 numbers in their lifetime due to cards expiring/being cancelled, promotional offers etc. I myself have had something like 10-15 different card numbers in the past 10 years, without actually trying.
This actually wouldn't be much of a problem for privacy because they could just have x different cards and cycle them through and just keep very good books on who got what.
With a name like Privacy.com I was hoping to see your use of Google Analytics visitor tracking in your privacy policy: https://privacy.com/#privacy-policy
It isn't there, and disclosing it is mandatory under the Google Analytics T&C's (Section 7 here, it's crystal clear with the language "You must..." https://www.google.com/analytics/terms/us.html )
Can you please add it to your privacy policy? It's one of the first things privacy-conscious users look for when evaluating a website or service.
Many virtual cards before you have ran into issues of being flagged as prepaid or single use cards and having their BINs blacklisted by merchants. How will you be combatting this?
>ran into issues of being flagged as prepaid or single use cards
I generate Citi's virtual credit card numbers every month for numerous online shopping payments and I haven't run into issues.
It seems that it's not possible to determine if a card is a virtual number by parsing the digits.[1] Do you have other information stating that merchants know how to reject virtual cc numbers?
Citi and BOA get away with it because they can allocate out of a large pool of BIN numbers that are otherwise regular use debit/credit cards. These guys will have to figure out how to get a similar "mix" to avoid being flagged as prepaid/single use. This was the issue that ultimately caused PayPal to kill the service they had that was almost exactly the same as Privacy.com.
> will have to figure out how to get a similar "mix" to avoid being flagged as prepaid/single use. This was the issue that ultimately caused PayPal to kill the service
That's fascinating. Perhaps PayPal killed it for multiple reasons because the (possibly biased) answer from a PayPal said not enough people were using it: "The one-time card numbers -- technically they were MasterCard virtual debit card numbers -- were discontinued as a public user-facing feature because they were not generating sufficient transaction volume and revenue to warrant further development."
If a lot of merchants were flagging and rejecting transactions from Paypal's virtual CC BIN numbers, that would prevent people from using it very often, leading to "not generating sufficient tx volume", right?
There's a lengthier answer to this, but long story short, yes we're aware of a lot of the common pitfalls. A big part of the challenge comes down to limiting abuse on the cards (which we're planning to do).
Existing virtual card services have me covered on the virtual card front - both cost and (limited) privacy. I want something that gets me past the virtual card + AVS issue. All the virtual card providers seem to suck on this front...
No card issuer is going to verify a transaction of any significant value without AVS. AVS dropped fraud rates on card-not-present transactions dramatically, and it'd skyrocket without it.
>No card issuer is going to verify a transaction of any significant value without AVS
irl, Card acquirers do verify transactions without AVS, but they charge higher provided the merchant can demonstrate pre-transaction fraud mitigation
>AVS dropped fraud rates on card-not-present transactions dramatically, and it'd skyrocket without it.
AVS was less than moderately effective 6-7 years back, but it's less effective now, almost not at all. Most "researchers" have the card dumps with the addresses already so AVS does nothing to decrease the attack surface. Pre-transaction approval risk mitigation and post transaction fraud review is the only thing that works.
AVS doesn't deny anything. Its a status code returned on the auth. Its up to the merchant to reverse the auth if AVS data shows it doesn't match(Exact Address,Zip Code, CVV) or send the auth off for settlement. Merchant has almost no recourse if transaction is marked as fraud and the AVS doesn't match.
It may be up to the merchant, technically, but in reality systems such as Authorize.Net allow you to configure it at the gateway to reject transactions based on various AVS criteria. Many of my clients also only allow shipping to the AVS verified billing address as a way to weed out much of the fraud. For many products, only allowing shipping to the billing address is a reasonable restriction.
Thank you! We do have to abide by US AML / KYC laws as we are working with a sponsoring bank. We plan on releasing transparency reports on a regular basis.
Do the anti-fungibility regulations and/or your sponsored relationship require you to preemptively submit your transaction information (eg card#->bank# mapping) for surveillance, or only in response to a specific court order? If the latter, what is your retention period?
Do you have any plans to add batching+noise to foil global passive adversaries? For example, I opt to keep a running balance target of ~$50 and today's charge for $34.56 is debited as $31.37 a week later.
Considering someone wanted 4 mil for [my fairy common first name].com a few months back when I was trying to get it, since I noticed that it has been parked for a while after the other guy who ran a neglected personal blog on it for years would never answer my emails, I would estimate quite a lot.
I’m working on an idea that will need to pay hundreds of vendors for the services they perform for our customers. We want to pay the vendors electronically where possible so having unique card numbers for each vendor would be a great thing.
After looking at Privacy.com I want to take it a step further by generating a unique card number for each of our customers. We’d need higher spending limits and the ability to manage the cards via API. Other than that, what you’ve built sounds like a perfect fit for our use case.
Seems like you guys could partner with companies like "Coin" - https://onlycoin.com/ - having "soft" physical credit cards with dynamically issued numbers would be crazy.
What, if any, data do you have to report to authorities or central databases by default, i.e. without receiving a specific warrant? Is there anything in that class you are not allowed to mention (but may be allowed to mention insofar as answering this question in the affirmative)?
I have one question: how? How can you fund my card at the time of payment, if you get my money through a wire transfer? By the time the money arrives, the merchant will have cancelled my purchase, no?
Privacy.com. Don't let them track you. I open it to find a totally blank page asking me to turn on malicious, surveillance-loving, code execution to view ("we promise") good content.
(sighs)
And, to "modern web requires Javascript" critics, modern life expects credit, web surveillance, Facebook, etc. That doesn't mean you have to support or force it on others. Let's look at it really quick to see if a HTML4 w/ CSS site could've handle it. Yep, we did more interesting stuff back in the "DHTML" days (eg dynamicdrive.com). So, it's a privacy site pushing risky, higher-overhead crap on us just for fun. Hypocrites.
Alright, now let's look at the security. I should eliminate stealing a specific card or using malware on the machine to forge transactions. These are main attack vectors. Might mitigate the first. Looks like it will be vulnerable to the second. Admittedly, most methods are vulnerable to the second and those that aren't stay niche due to "inconvenience." So, still could be value in mass market where people get compromised anyway but want to knock out a common attack. The third risk is an unknown with some of the claims looking good on paper but to abstract to evaluate.
Note: The split-keys between employees part on the security page is funny. It's a banking control for sure. I'll just let your imaginations work out how little protection it brings from hackers, management, or the government. ;)
Fool! This "modern web" you speak of is nothing without me browsing it. It is not I who am missing out! Nay! It is the "modern web" that is diminished by my non-browsing of it!
They are punishing themselves! Why!?
No matter. I shall browse on, without Javascript, safe in the certitude that I am only missing the content of people too foolish, ignorant, or uncaring to use HTML and CSS properly.
My biggest question with Privacy, and of any one-time use credit card numbers service, is always:
Will it affect my rewards? Will businesses still show up unaffected with the same categories on my credit card statement? (I have a travel rewards only card, so breaking the rewards flow is a deal-breaker for using a higher level service.)
Edit: I misunderstood the service as being able to be layered on top of normal credit cards. It looks like the funding source is only bank accounts for now. Still my question remains if building on credit or debit cards is on the roadmap.
Edit 2: They are one-time use numbers, right? "Use at merchants" (plural) seems to possibly imply otherwise.
> What happens when I generate a new Privacy card?
> We'll give you a random 16-digit Visa card number that you can use at merchants that accept Visa debit cards...
Edit 3: It sounds like the business model results in keeping the money that would go to rewards on a normal card.
> How do you make money?
> Every time you spend using a Privacy card, the merchant or website pays a fee (called interchange) to Visa and the issuing bank. This fee is shared with us. We have some premium features planned, but rest assured, our core virtual card product will always be free and we will never sell your personal data.
Don't you see that rewards tracking is actually the antithesis of this service?
That's what those "free" rewards really are...getting more detailed information on your spending patterns and profile so they can resell that info to interested parties.
As others pointed out with the % splitting, I'm not sure that I agree.
A credit card company could collect spending information and resell it for all cardholders, not just those holding cards having good rewards.
Perhaps this is naive and instead more valuable customers (based on spending more money annually or having a higher credit score to qualify for the card in the first place) have their information sold more, but privacy and reward programs seem like orthogonal aspects of the business to me.
>If you have a loyalty card or shop online, the supermarkets will build up a demographic profile of you, and collect data about how loyal you are, what you buy and how much you spend, says Guy Montague-Jones of The Grocer.
This is how retail in America works now: collect data, adjust to fit.
Debit cards are something we're looking towards in the near term, credit cards probably will have to be a premium feature (due to how we make money right now).
The numbers can be one-time use (burners) or re-usable at the same merchant.
No, since the ability to limit the amount and the expiration date as well as the ability to close a number at will is immensely useful on its own. (Citi lets you do all of those.)
I can't use this right now because all of my spending goes on a rewards credit card, but if you offered credit card support as a premium feature I'd be signed up in a second. I hope to see that feature soon!
Edit2: Sounds new in the US. This is not supposed to be a bragging/snarky comment. Just genuinely surprised as innovation usually come the other way around, from US to Brazil. So Congrats on the launch! Good job, sounds tough to launch it not being a Bank!
Not really - Paypal was doing it via their browser toolbar ages ago, back when toolbars were still a thing. They stopped offering this functionality back in 2009, I think. That said, it's not particularly common at US banks despite being a horrifically useful feature (Bank of America has it, but I'm not aware of anyone else).
I'm excited that I can hop on and use Privacy but it seems like it's more of a feature than a product.
Virtual citi cards are nice in theory, but the web app to make them it pretty cumbersome to use, and the desktop app to do it just feels super icky. They also have short expiration limits, so it's not great to use for subscriptions where you ideally set and forget.
Edit: the web app for Citi was also a flash app last time I checked (few months ago). That plus them not supporting 2FA for every login makes me not use it.
Bank of America offers this as "ShopSafe", but it's buried on the BoA credit card account page and it's a flash app. It's also not available from the BoA mobile app, at least not last I looked.
I came here to say this. It's really a great service, but it is not available for the iPhone (Flash) so I always have to use it on my laptop (trade one problem for another) which is kind of a pain. But I do use it all the time and highly recommended especially to avoid having to cancel subscriptions.
People are surprised when I point it at them because it is almost as if BoA does not want you to use it. Check the right side bar towards the bottom.
Ya I've been thinking about reverse-engineering it to write something like the privacy extension for a while... nice to see someone else put in the work!
Yeah, the TWiET podcast made a big deal recently about how chips are finally making their way to their cards. I couldn't help but laugh. IIRC, Norway had those since the late 80s. And in Australia, Paypass/Paywave is near ubiquitous now. I think the US is way behind in their banking infrastructure.
I used to work at the largest merchant acquirer in the US and it's funny to see people claim these features just now making it to the US were signs of innovation lacking within the US. However, the reason these features were necessary outside the US is because the risk model was more severe outside the US; there was no need to implement them here. I have a presentation from Mastercard somewhere from 2006 that showed the dates for mandatory chip&PIN around the world the didn't include the US b/c we didn't need it. At the same time, I had flip phones on my desk from Motorola and Samsung with NFC integrated.
Edit to add: This is not a tech issue, it is politics and the like.
Weird, because most of the data I can find shows that the US has one of the highest rates credit card fraud in the developed world. Australia being very far down the list typically, and yet we got chip & pin and Paywave/Paypass well before most other places
Before the internet, and before its pervasiveness (~2010), all, then most, of the credit card transactions were 'card-present.' The US still leads in fraud prevention for 'card-present' transactions. The US was optimized for these transactions, so the internet has been a bit of a hassle and or opportunity (e.g. paypal).
Paywave/Paypass is about convenience, rather than security. It is less secure than chip and pin.
Fraud was a lower risk to credit card companies in America because [1] they were better at detecting and preventing fraudulent transactions, and were better at passing on the costs of fraud to retailers and consumers.
My understanding (I wasn't in the fraud department) was that the US historicaly had better connectivity (leased ISDN lines), and was doing fraud detection in the 'cloud' (i.e. soft real-time). Most other countries had to rely on connectivity-free authorization and ISO 7816 was a better fit there (smartcards with onboard storage and authentication methods).
High level question about virtual cards and the implication of their implementation: 16 digits doesn't seem like a very high number of available cards, especially since at least two of those numbers are reserved (checksum and IIN number). At some point numbers are going to be recycled, right? Or am I massively underestimating the # of credit cards out in the world? It seems like if a large # of people get a new # for every transaction that it would use up the available namespace pretty quickly.
You only need the PAN to charge the card, and many banks will gladly accept charges on expired cards even if provided with an expiration date in the past.
I used to make new virtual numbers from Wamu for each online transaction, setting $ and time limits. Only later did I read that those "one-time" numbers could be charged more than once and the expiration dates didn't matter. That's why I skip this extra useless step these days.
That still gets you the ability to figure out who leaked your card number, and presumably a way to manually revoke the number without hosing the whole card.
Yeah, I was a user. It was called Private Payments and went back at least as far as 2000.
Here's an interesting article from 2000 [1], declaring it basically unnecessary because cards were safe in transit. Some of the quotes and rationale are hilarious. Definitely from the pre-breach-of-the-month era.
A few credit card companies offered this in the mid-2000s (Providian and Citi, possibly more), but it seems to have fallen out of favor in the intervening time. I liked to have it as an option, so I'm glad it's making a comeback.
Since no one has mentioned it, American Express had Private Payments from 2000-2004, which generated one-time credit card numbers that the merchant could charge for up to a month.
In Portugal we have had this service for many years and it works regardless of the bank (https://www.mbnet.pt in portuguese). Most people I know always generate one of these cards for online shopping, it's safer and easier to control.
That's indeed true! Although you still have the limitation of only being able to generate virtual credit cards of the same type of your "parent/real" credit card. For instance, with a Maestro/Mastercard you cannot generate virtual VISA's.
Disposable and merchant-specific card numbers have been around for decades but never gained much traction. Probably because the meager benefits do not overcome the poor UX.
I think it may be related with more difficulties on tracking what you're shopping (likes) and more hassle on setting them up for every thing you buy (considering disposable virtual credit cards), which more likely will keep you away from buying instinctively and is not the desired outcome.
Both citi and bankofamerica (and I believe so, but didn't personally use, Wells Fargo) offered this service for free on their CC accounts in mid to late 2000s.
You could set limits per number, have it lock to just single merchant, etc. pretty nifty when paying some wacky merchant online.
All have since shuttered the service because pretty much every CC comes with purchase protection that you can invoke to charge the vendor back in case of something going wrong.
Virtual CCs provide very limited utility in my mind - because the place you're likely to have your CC swiped - a bar or a cab - are still going to use only the legacy plastic version.
BOA still offers this, and I still use it in some cases online. It's useful for subscriptions that I think I might forget to cancel before they auto renew, and similarly, for free trials that I might forget to cancel.
BofA still offers it, but I don't use it because it requires Flash which I don't have installed in my browser. I just checked a few weeks ago, though, and it's still there.
In the past year I've had to replace cards 3 or 4 times. Each time I am out of using that card for a week or two. Last time, they failed to send me the card, and made me wait the full 10 business days before I could even request it again.
It's an interesting idea. However, I'm not comfortable with a third party having all that information. Some banks issue "corporate" cards, with numerous "employee" cards. I already trust the bank, after all. So what else does Privacy.com provide that's worth the risk? They're still subject to KYC, right? So there's no strong privacy. Or am I missing something?
We are still subject to US AML / KYC laws. But the cool thing about these cards is you can use any name or billing info you want with them, so don't have to worry about your info getting leaked if some website you bought an indie game / song / whatever from 6 months ago got hacked.
OK, so that would have protected Ashley Madison users. Because none of the likely interested parties (partners, private investigators, etc) would have leverage to get information from you. Same for users buying porn, unless they get investigated for child porn. That's not a KYC issue, but there will be a subpoena. And I'm assuming that you must comply with all subpoenas.
Edit: I wonder what your burden would be in bankruptcy cases.
Ashley Madison and porn users are easy targets. But broadly-speaking, we just think you just shouldn't have to share your personal info with a random merchant you want to buy something from.
It's anti-privacy in the guise of being anti-fraud.
Still, users arguably need to trust you more than they trust traditional credit card companies. But it's about the same as PayPal, I guess. They often do have access to users' bank accounts.
So anyway, I get the point. It's a useful service.
@boling11, why does privacy.com need access to my online banking on an ongoing basis, after the initial signup is finished?
I have changed my online banking password after signing up successfully, and I received an email complaining that "Our connection to your bank is broken".
I can understand the need for initially providing my banking credentials for AML/KYC reasons, but I feel uncomfortable with your company continuing to use those after the initial check.
Why can't you just use the routing/account numbers for ACH after the initial signup?
We don't actually store your credentials. We work with Plaid.com, and take a token which we can use to pull balance information. This allows us to fund a transaction in real time and take on the risk of ACH. When you change your credentials, that token gets reset.
If we took routing / account numbers, you'd have to preload your account and wait up to 3 business days. It's something we're definitely looking into though as well though.
Paypal handles these kinds of transactions just fine without preloading and without needing my bank account's username and password. In addition, banks typically tell you to never hand out those credentials even to their own employees.
Thanks for your answer, it clarified things a lot.
My concern with plaid.com using my banking credentials on an ongoing basis still stands though, and for me this currently outweighs the privacy benefits to be gained by using the service. Additional ways of funding (either using a debit card or ACH preloading) would be most welcome and go a long way towards addressing my concerns.
privacy.com would be a very useful service to me, and I hope you will be successful with it!
I understand why you need it, and I want this service in a big way, but I'm just baulking at giving you my online banking username and password. Why should I trust you with that?
I wish banks would offer something like OAuth - a service-specific, revokable credential with access only to the stuff it needs. I'd be a lot more inclined to use a product like Mint, for example, if I could grant it ONLY read access to my transactions and I knew I could revoke that access at any time without having to change my primary credentials or disrupt any other services/apps I have connected.
Totally understand it's sensitive, and it's cool if you're not ready to trust us with that yet. That's something that we plan to earn and don't take for granted. Eventually we do plan to allow debit card funding.
Didn't realize you require login & pass to bank (registration didn't work on windows phone).
While that's common in Germany, in Poland giving your login & passto 3rd party means that bank has no responsibility for any loss/fraud/anything if something goes wrong for whatever reason. This is breaching the term with the bank, that your login and password are confidential.
In Poland a oauth like alternative for payments is used, where you end up on your bank website to confirm payment and then you go back to the merchant.
That would make sense :)
Anyway, I checked my bank agreement (page 15...)
> You agree to: 1) keep your password secure and strictly confidential, providing it only to authorized signers on your account(s);
2) instruct each person to whom you give your
password that he or she is not to disclose it to any unauthorized
person; and
3) immediately notify us and select a new password
if you believe your password may have become known to an
unauthorized person. We may suspend or cancel your password
even without receiving such notice from you, if we suspect your
password is being used in an unauthorized or fraudulent manner
There's a startup building an API layer for banks that would make this better. The name has slipped my mind right now, but perhaps someone will know. IIRC it is about replacing ACH entirely.
I have never understood that argument, I've heard it many times though.
You would freely give out the private key of your credit card (credit card number/expiry date/cvv) to any online merchant, but hesitate on authing your bank account user/pass which you can change anytime you want?
Don't think they ask for banking username and password. They only state they will directly debit it from your account, which does not require sharing your bank credentials. All you probably need is a one time authorization for them to be able to debit.
In my experience, bank logins are used for instant verification of funding. For example, Robinhood uses it likely to verify legitimate users for its $1000 instant funding service.
ABA/DDA are inherently less secure than online access credentials. An account can be directly debited if ABA/DDA are compromised, and they cannot be rotated without closing the account. Plaid tokenizes all this to avoid any potential issues -- and further, if credentials are somehow compromised they can be rotated very easily.
Services like Mint, Personal Capital, MoneyWiz, etc don't directly store or use your banking login, they pay to go through secure, well-known services like Yodlee http://www.yodlee.com
Is privacy.com actually asking for bank logins, or just your bank account number/routing? In either case, it is nothing new or uniquely scary about this service. If you're not comfortable with this, then there really aren't any third-party online banking apps you are going to be comfortable with anyway.
How's that article relevant? It's the typical Krebs "IRS sucks" piece with some intuit mixed in, because apparently even fraudsters - doing potentially hundreds of filings a day - think that turbotax is the most convenient way of filing your taxes.
"Never forget the cancel one of those pesky 30 day free trials."
This is very misleading to say the least. Not paying for a service doesn't cancel a service. If they tried to bill your card and the card was rejected that doesn't mean the service is cancelled.
They may be able to still bill you and you may be legally obligated to pay, you are just taking away their way of automatically collecting the bill. You may still actually owe the bill; just because you didn't pay a bill doesn't mean you don't owe the money.
All this depends on the company, what you signed up for, if it was a contract, the TOS, etc, etc, etc.
For a real silly example to illustrate - lets say I signed up for Comcast and gave them a single use credit card number for automatic bill pay. When the second month comes around they attempt to charge my credit card and the card is declined. That doesn't mean I suddenly don't have to pay my Comcast bill, it just means they can't collect it automatically. Comcast will take a few months to cut off service[1] so you'll end up owing them several hundred dollars. Eventually if you don't pay they could send you to collections. Collections can take you to court and then when they win they can garish your wages, etc, etc.
Yes, I know this is a silly example and its unlikely to happen with the majority of "free trial" services on the net but that doesn't mean its responsible to basically advertise "yeah, just give any company a temporary number for a free trial and forget about it." Especially since a lot of services with a free trial are with companies that have a lot of resources.
A less silly example would be if I signed up for a gym with a two year agreement and a year later I canceled my credit card and stopped going to the gym. In that case the odds of me being billed further and sent to collections is very very high.
[1] they do that around here, I know someone who only pays their Comcast bill every 4 months or so...
That's well outside of what is commonly understood by "one of those pesky free trials". That's some other contract that someone would have to have agreed to.
It would be very hard to convince a judge that you honestly believed, based on reading that slogan, that Privacy.com would somehow release you automatically from any terms of any contract you might sign that happens to involve a trial period.
>It would be very hard to convince a judge that you honestly believed, based on reading that slogan, that Privacy.com would somehow release you automatically from any terms of any contract you might sign that happens to involve a trial period.
??????
Where on earth did I say that? Where on earth did I say it would be a defense in court?
It's very misleading advertising. So misleading I think its irresponsible.
Quick question to founder lurking here - if you're advertising yourself as a credit card and yet you do not extend credit (and use bank account as funding source) aren't you misadvetising? If it's just a virtual debit card, you are likely providing far less protection to consumer than a credit card would.
I'm in love. Seriously, been waiting for this for soooo long. And the fact that the website supports two factor auth + is SUPER easy to use makes this a double whammy!!! :)
I've been a customer for about 5 minutes, have used it twice, and am already going to recommend it.
edit: I'm quite aware that this has been possible, but both banks/credit cards that I have make me jump through tons of ugly UI and clicks to make it happen.
This is one of those things I have wanted to make so many times and I assumed it would either be technically impossible (card numbers not actually a huge number space) or it would just get marked as fraud.
For big banks, it has been technically possible for a while (since 2002 in France[1]) you can create a single usage card. The issue is the cost of that service, and it's probably only working on Windows PCs.
Obligatory "no we can't have nice things". Something like this was available to all Discover card users 5 years ago, but a bit hidden on their website, and was discontinued.
I think most people prefer to do what's most convenient (have one credit card/number) and patch up any abuse/fraud after-the-fact.
"Please ensure this information is accurate. We're
required to verify this information against public
records. But don't worry, we'll keep it private."
I suppose I'm legally opening a bank account, which has similar requested info as this, but are they checking my credit (probably not, I know, but it makes me uncomfortable)? Will wait a while.
You're right the language here should be better. FWIW, you're not opening a bank account and we aren't pulling a credit check (per our FAQ). We cross check the information as part of our AML / KYC policy.
Not bank account, prepaid card account; which carries almost the same legal requirements of opening a bank account. Prepaid program managers are not required to credit check to establish the account.
I signed up for this. Sadly, it is not what I thought it was and the website does not make it very clear. Basically, this is for online purchases only. To make matters a bit worse, it wants to connect to your real bank account.
What we need here is a physical credit card that I can use in the real-world that has a new number on each swipe. Most of my historical fraud has happened because I probably swiped my card at a location that was compromised.
> a physical credit card that I can use in the real-world that has a new number on each swipe
We have that already (chip cards, which are currently being rolled out in the US and already standard in the rest of the world, generate a new single-use token for every transaction).
If you use Apple Pay then that's exactly what you get. A unique credit card number is generated per transaction and passed to the merchant.
Not only is it more secure but it also helps protect your privacy against retailers that use your card number to track your purchases across their brands.
> Most of my historical fraud has happened because I probably swiped my card at a location that was compromised.
I travel a ton and also do all my shopping online, for years. I have to replace one of my three credit cards every 3-4 months. That is usually within a week or two of visiting a gas station or taxi, places where they don't use chips and in the case of taxis still have the gall to use the paper carbon copy machine things. Whatever though, when a card gets lifted Chase takes care of the charges and overnights me a new card wherever I am (even international).
Although I've had many notifications over the years about my card data "possibly" being compromised in some online breach, I don't know that it's every been a real issue.
This service makes sense if you don't have a (real) credit card and for some reason want to link your real cash account to a payment service. Otherwise I don't think I get it, or why I would forget my credit card, anyway.
I accept that disabling JavaScript is generally a losing battle, but it specifically irks me when the website of a privacy-centric service is just completely blank if you don't have JavaScript enabled. Of all 30 people out there browsing without JavaScript, it seems like they have an elevated chance of all wanting to learn about this service, and I find myself moderately discouraged from trying it by this issue.
You're right. We should've done a better job with this. It was a trade-off and we decided against, but we should done a better job communicating it. Hopefully you can enable Javascript for us and give it a shot :).
The email you send to verify the bank comes off as SUPER shady. It reads exactly like a phishing email. It doesn't talk about which site / bank I'm using. Might be worth fixing.
From: Account Management Team <account.management@acctmanagement.com>
This is super close to the product that I really really really want. The only thing that's missing for me, is that this requires a checking or savings account. When I purchase something with my credit card (most things), it's because I want the rewards program points. With this, I don't get that. If I can't pay with my credit card, then I'm losing money (~$300/yr).
I really want a product that let's me proxy my credit card (and change it when I get a new card). I want a firewall for my credit card.
How do they not run out of numbers? According to this random image I found on the internet, each bank has a space of one billion card numbers. If you have ten million customers, say you're going to run out of these very quickly.
I like this, especially the repudiating of the privacy-hostile billing name/address voodoo. But I'd worry about forgoing the traditional protection of credit card chargebacks, and having to rely on debit card terms and direct ACH.
We make chargebacks just as easy. There's a button you can click next to the transaction that will initiate the dispute process - we'll deposit the funds back in your primary funding account and follow up with you, then resolve with the merchant. You're also covered under Visa's zero liability policy.
Sure, but an unauthorized charge is a clear cut case. I'm talking about an authorized charge from a merchant who is later uncooperative for whatever reason. I would think that a longstanding credit card company would have a more account-holder-friendly dispute process, but perhaps this is just a perception you have to overcome. Furthermore with a credit card one never loses the money until they decide to transfer it, regardless of company policies.
Mastercard has this service in quite a few countries, the downside is that usually they do not offer the same insurance as for the normal cerdit card and those cards will not pass an actual credit check.
Other issuers, banks, and other organizations (post office for example) also offered similar services.
I never really liked these services they don't really support recurring payments, some of them force you to purchase a card with a specific amount rather than it being valid for a specific transaction, some times they have issues with various 3d party checks (pre-paid card check, region lock/address verification, fraud etc.) and more importantly it's not an elegant solution as you end up with allot of credit card numbers.
Overall while this one might have a nice UX it doesn't really solve a problem that hasn't already been solved either through Paypal or trough your own credit card company.
I can see all payments on my Amex and Visa cards in the UK, I can check which ones are recurring, I can initiate a charge back and for everything else well there's paypal which offers even an easier UX.
The reason this doesn't solve a problem is because it's an attempted technological solution to a non-technological problem.
If you're going to do business with someone, a certain amount of trust is required, and there isn't any working around that with technology. If you don't trust a vendor to refrain from stealing your credit card information, how can you trust them to actually deliver the goods, not spit in your food, honor the warranty, etc, etc? Alternatively, if you do trust them to do those things, trusting them with your credit card number isn't much of a leap, especially given that banks are actually incredibly efficient at identifying and dealing with fraud, if not preventing it outright.
Well it does solve a small technical problem, trusting vendors is hard Sony, Target etc. are "trustworthy" but still got nicked and the credit card data of millions of customers was compromised.
But that's not a problem most consumers have to deal with, their credit cards are insured, debit is a different story but in the US at least the amount of debit transactions is still fairly limited.
The biggest issue i see with this is that this isn't the most sustainable business model credit card costs are balanced more or less by the trust that the issuers has in the credit card holder (your credit limit, interest etc.) and the trust the acquirer has in you when you perform a transaction, prepaid cards are more or less notoriously untrusted by both because the issuer basically thinks you are too much of a liability to give you credit and the acquirer doesn't know who you are because that card has no credit history and single use cards are much more often abused for illicit purposes.
The stop subscriptions aspect really stood out to me, I had to spend 40 minutes on the phone with that darn company to get things canceled, even though I only used it for one day for an hour.
It's important to remember that just cancelling a payment method doesn't necessarily mean you're unsubscribed. If you're still getting a service, you're still on the hook for paying for it one way or another.
If this is true, then Privacy.com doesn't resolve this obligation. The temporary card number won't be chargeable by the merchant, but you'd still be on the hook for the renewed (and unpaid) service.
It certainly changes the burden of notification. A company can setup many hoops for canceling, forcing you to go through some asinine phone tree and drone script to stop charges to your card. Whereas lacking an established payment channel, they can no longer play dumb if you eg send them a simple email to cancel.
If you signed up online, the company must provide a way to cancel online per visa rules. Check their TOS, they probably list a way to cancel online via email or whatever.
Got a citation on this? I'd love for it to be true, since it'll save me a lot of effort. But WSJ, for instance, requires you to cancel via phone even if you sign up online.
Nice find. From some other quick research, if there is a violation, you have to report it to Visa via phone or mail.
Looks like they used to have an online form a several years ago, but it went missing. Various blog/forum posts indicate that most people have had no luck getting any sort of response from Visa via mail.
I'm not sure if I'm ready to hand over personal details to Privacy, there's not much assurance other than "We'll never sell your data to anyone".
Does privacy.com see where I make all my purchases? Is there a collection of my metadata? What assurances do I have that you take personal privacy seriously?
Any way this works without a browser extension? I'm assuming such an extension has full access to every single page in order to do its job, which is a huge security risk. You don't need to be reading my emails or passwords.
It does :), you can create directly from your dashboard without an extension. The current onboarding flow pushes you towards creating a card first, but we'll patch that.
Good to hear! Bring this to Europe and I can see it being very popular, credit cards aren't as common or easy to get here and ordering outside of your local country often requires one. I imagine that's still a long way away though :).
Credit cards are hard to get in Europe? If you are talking about cards with credit line, sure, but debit/prepaid cards are pretty easy to get (e.g. Number26, Monese, Revolut, Fidor etc).
It looks like funding is done via ACH. Does your business operate a credit operation as well to handle the risk of spending money and unable to complete the ACH transaction?
I've always wondered about the business side of that...where does the money come from, how is individual debt handled. Do you operate collections? How do you do this without requiring a credit check? etc..
Yes, I really don't understand how this could not act as a sort of .. load balancer .. for my credit/debit cards. Why does it need to login to my bank account? This seems entirely unreasonable.
I think people are over-thinking this offering a little too much. People who are asking if the company will resist a subpoena, or if all customer data will be irreversibly encrypted, are expecting too much.
The main purposes of this product are to be able to mask your marketing data (name, address, phone) to businesses, and to mitigate damage in the event of a data breach (any stolen card numbers are useless).
It's not going to prevent a government entity from subpoena'ing your records and finding out what you've bought. Also, if you're buying anything that needs to be, you know, shipped or emailed to you, you're kinda going to have to give a valid address. Under the default settings, they also include the merchant information in the feed back to your bank, so your bank still gets all of the info on where you're shopping and what you're buying.
Finally, I am very skeptical of their claim about walking away from subscriptions and trials. Sure, in theory, you make it much harder for vendors to track you down, but by law, you're agreeing to pay for the company's services when you accept their agreement, and if they do bother to subpoena your information and come after you, if they find out that you presented them with a fraudulent name, phone number and address, I don't expect that would go well for you in court.
That's fair, if you're doing something illegal that may result in a subpoena, this is not the product for you.
However, that doesn't mean what we're doing isn't meaningful. We just think that you just shouldn't have to share your personal info with a random merchant you want to buy something from.
This notion that passing along your billing info is going some how substantially cutting down on fraud is ridiculous. It's anti-privacy in the guise of being anti-fraud.
And yes, it's fair, if you skip out on a gym contract, you do risk getting taken to collections. We're mostly talking more about the ticky tack, deceptive recurring billing fraud. We can do better. We'll make the language clearer on our home page.
"We just think that you just shouldn't have to share your personal info with a random merchant you want to buy something from."
FWIW, this is, and has been, possible with regular credit cards for as long as I've used them (20 years ?)
Nobody anywhere checks the name on a card. Nobody. Not amazon, not google, not a small online retailer, not a large one. Nobody. Zero.
I made up a default fake name ten years ago and have used it consistently for everything from DirecTV[1] to my daily-used Amazon account to magazine subscriptions.
Yes, of course they have an address (not my home, but an address I control) and of course a global observer (or just my bank) can correlate and index everything I purchase ... but not any of those vendors.
[1] Yes, this does indeed imply that I paid them the big up-front payment instead of allowing them to do a credit check with my name and social. This is a very rare downside, however.
Only American Express offers name verification to merchants. When it comes to address verification, only the numeric data gets checked. So for an address "123 Main Street" would match "123 Bryant St" as well
Hey, I'm all for your service. I was a big user of Discover's one-time card numbers before they went away, just for the peace of mind of not having to worry about having my card number stolen. I will very probably sign up for Privacy and use it.
My point was that we have a lot of tinfoil hat crypto currency believers in the audience here tonight, and this is maybe not the panacea they were hoping for - it's not the second coming of Silk Road or anything.
>Finally, I am very skeptical of their claim about walking away from subscriptions and trials. Sure, in theory, you make it much harder for vendors to track you down, but by law, you're agreeing to pay for the company's services when you accept their agreement.
I am not sure about this. One could argue that you by signing up for the recurrent payment (or the free trial with automatic payed renewal), you merely consented for the company to automatically sell you another months subscription. If they are unable to do so, then they have every right to cancel your subscription, but it is not obvious that they have any right to require you to buy it. This becomes even more clear when you relize that, even if you used your real card, you would still be able to cancel before they charge you, and they would have no recourse.
What? You didn't "merely consent" to anything; you agreed to their terms and conditions, which state cancellation criteria. There's no "one could argue" here. Commercial law is well-established. Of course they have recourse: taking you to collections.
Have you... have you ever not paid a bill before? I'm very confused how one could think this.
If we are talking about something like a phone bill, where you may incur charges during billing period and pay at the end, then you are correct and the company can take you to court because you are in debt to them for services provided that you have not paid for.
If we are talking about subscriptions where you pay for a month of service up front, then there is no debt. If they fail in charging another month to the provided credit card, then they are under no obligation to renew your subscription. Assuming they do not, then you have not recieved any service that you did not pay for. Their only claim is that you promised to by another month; however this claim is weak because you could have properly canceled your subscription before buying the next month anyway (and, in most cases, you would still get access until the period you had paid for anyway).
FYI: contracts can specify a lot of different payment terms. The term that you apparently desire to be in contracts you sign is against the interests of your counterparty. Most of them will have asked a lawyer how to write their contract. Their lawyers will often draft that contract to protect their client's interests. You will find that lawyers are rather good at doing this and are about as likely to be out-thought by a programmer's parsing of the English language as you are to be out-Fizzbuzzed by a randomly chosen attorney.
Again, if you have agreed to their terms and conditions, then you are under obligation to abide by them (within reason; there are limits on what can go into a T&C). The T&C almost certainly obliges you to pay them. Can anyone cite precedent for failure to pay magically releasing someone from that agreement?
Gizmo is cleary referring to services where you pay upfront for, e.g., one month of service with some form of auto-renewal. He's not talking about failing to pay for services rendered in advance of payment.
This is a very fair point. Still, I would hope that it would make it harder to link a purchase to an identified individual.
If I assume the US is a country where the laws and constitution is respected, then only a formal subpoena would link the credit card transaction to the individual. Hopefully snooping would not.
I think it's just a sign of the appetite for real financial privacy, which is not possible in the U.S. because of money laundering and "know your customer" laws.
There's no such thing as a "prepaid, anonymous credit card" that can't be linked to you as a person.
I've looked at these, and every single one that I investigated involved some kind of activation process that meant giving up identifying information (or lying, which I'm not willing to do).
Thanks for the tip. I'm not familiar with the laws around providing a fake name or address, but it's good to know that's an option.
(My concern is that, if there's any kind of issue on the payment processor's end, it seems like the use of the fake identity could be misinterpreted as criminal fraud)
As a result, USA is not Greece. USA isn't bailing out, USA doesn't have to beg money to Germany or court Putin's protection. Greece has a massive fraud problem, half of the houses aren't finished because of tax schemes, everyone pays everything cash, they have high taxes but their tax money gets laundered into subgroups of people without the projects being built or achieved.
If Greece went to a full-debit-card economy, they would be able to trace who doesn't pay their taxes (hint: everyone and their smugglers) and probably step into the developed world.
But yes, it would be bad for privacy, i.e. it gives the govt power to levy a mandatory tax, for example to increase the wage of the prime minister.
A problem I experienced with temporary card numbers is when you need that credit card number again to refund back a purchase if it was needed (out of stock, wrong thing, returns, etc).
I remember having a lot of trouble with the vendor because of this, so I stopped using them. Does this deal with that in some way?
Very useful - my citibank credit card used to have a feature like this many years ago (I believe called "virtual card numbers"), but they got rid of it for some reason.
Though I am more likely to give my personal details to citibank than some startup. Trust is a big issue with payment startups.
I am from Brazil, and the government sometimes censor online stores, or is just an ass...
Also many stores have some sort of licensing agreement that exclusive Brazil, sometimes with no other way to get some stuff, for example there is a series of books that I can't legally obtain copies of them after Barnes e Noble closed Fictionwise, anyone on my country wanting one of those books must pirate it (they are digital only, and the stores that sell them are mostly US-only, and a bunch even check your IP or insert DRM that checks your IP).
If this payment service could hid someone country, I am very sure that in some countries piracy would drop a bit.
So, my bank in Turkey (Garanti) offered this more than a decade ago - you could make "virtual" cards to use on online transactions, and load them up with the specific amount of money.
This way you didn't need to worry about card numbers being stolen because they were easy to cancel and also didn't have any money in them.
Other cool stuff they did back then: online banking actually had features, and had a 2 factor keyfob. And they had a way where you could SMS people money by sending them a password protected one time code that they could go to any garanti ATM and withdraw cash.
> Never forget to cancel one of those pesky "30 day free trials."
This seems like a bad idea, I'm surprised they're advertising it. I'm pretty sure not being able to charge your card doesn't let you out of a contract you've signed.
I looked into this because I was too lazy to cancel a gym membership once. There are a lot of stories online of a gym sending someone's account to collections because they thought they didn't have to actually cancel it since the credit card expired.
The product still seems useful for one-time purchases though.
In Ukraine, Fidobank offers "Shtuka" (Штука, translated as "piece" or in jargon "thousand") debit cards that are attached to MoneXY account that is in turn attached to mobile number only. And since prepaid cellular service is mostly anonymous here, you can actually have as many anonymous accounts as you can for about 60 UAH (a bit more than 2 USD) each. And still these are physical MasterCards you can put into your pocket, accepted at any supermarket and also suitable for online transactions.
I use netteller, that does something similar, called virtual cards. Can create multiple cards and assign funds to each virtual card. Its not as smoothly done as this one, but same thing.
My bank in Sweden offers this automatically when you use their website. Not with as a nice UX as this, it is a popup with a flash app in it, but still good enough to be very usable.
It would be better if this were more clearly visible, especially to non-US IPs. I don't want to create an account to discover that the service only works in one specific country and with a specific list of banks.
One issue would be that the merchant name doesn't always line up nicely to where you are. For example, a local Burger King shows up as something like, "Hidden Rocks, LLC" instead of "Burger King" or even "HiddenRocksLLC/BurgerKing."
The assumption here is that if this were to catch on as a security mechanism the establishment you're in would clearly advertise their merchant name, or you could at least ask for it.
It wouldn't take that many customers to ask before the guy behind the counter at "Corner Cafe Market" would be able to give you "Culinary Drinkware Inc." as their merchant name offhand.
in the USA there are about 160M people with credit cards. for a preliminary model, let's assume 10% value privacy or have enough transactions where privacy trumps rewards/protections. assuming the startup captures 50% of this market, that yields 8M users. if the average user spends $1000 per year on private transactions -- this card won't replace all CC transactions, only the ones where privacy trumps rewards/protections -- and the company earns 2% per transaction, the company generates $160M in revenue under these assumptions. obviously the key variables are (a) 8M users and (b) $1000 annual spend.
to size the whole market, look at all 2015 credit + debit purchases and ask yourself what percentage of those would have been made private if some solution made things simple and easy enough. 1%? 5%? 10%?
the potential for private purchases seems promising, esp if they (or someone else) can expand the market by making private purchasing as easy as private browsing.
Whoever works on this & put it together / posted this. Thank you. I just recently learned a while back that paypal had something similar but discontinued it. Whatever you have to do to keep this service running & any help you need in spreading the word, I'm willing to help out. This is needed badly for those who are privacy conscious.
Shouldn't this service be marketed to credit card companies instead of credit card users? If I get a fraudulent charge on my credit card I can just dispute it and have it removed. What value do I get with privacy.com that I don't already have that is worth the extra fees I have to pay?
There is a few of these services and they all look awesome. The issue has always been for me that I value my points/miles more than I value the convenience of not worrying about my credit card # being stolen. If I could do this with my SPG card, I would be all over it.
damn. I've been wanting a service like this for a very long time. Not just for privacy of security, but hopefully so that if my banking or real credit card information changes I could just go to one place to make all my updates.
It would be great if this + other fintech services catered to overseas markets. It's understandable why they don't, but as an expat/nomad, centralizing your banking is a huge pain point. This cohort is only going to grow.
Is it possible to create and verify a PayPal account against one of these cards? This would allow users to have pseudonymous PayPal accounts. It always bothers me when I go to make a donation that I have to give my real name.
Wondering what the $2k a month spending limit is about? That seems too low to switch all spending to Privacy, but seems like a lot of mental overhead to figure out what I want to use Privacy for and what I don't...
PayPal had this and killed it - stupid PayPal! Bank of America has this. Discover has this, too. CitiBank has it, too. I really hate not being able to get cash back with Privacy.com so I won't probably use it.
Here are the list of banks currently supported, to save you a click or two:
Bank of America
Capital One 360
Charles Schwab
Chase
Citibank
Fidelity
Navy Federal Credit Union
PNC Bank
US Bank
USAA Bank
SunTrust
TD Bank
Wells Fargo
Would there be any way for merchants to accept your cards only? And, hopefully have fees closer to ACH rates, since that seems to be what you are using?
Unfortunately it probably won't happen for awhile :(. We're a free service, and make money off the interchange from issuing these cards. Amex and high points cards are really expensive to accept funding from.
> STEP TWO
When you check out on any website, the Privacy icon will appear in the card form.
Click it to create a new card, and auto-fill the card form. Use any name and billing address you like.
> STEP THREE
After the card is charged, we withdraw the money from your chosen funding account, similar to a debit card.
Not sure I get this. Do you have to fund an account on Privacy.com? So it's like a Paypal where you generate a new payer name every time you pay for some other service with it?
> Sensitive information is encrypted using a split-key encryption with partial keys held by separate employees, meaning no one can decrypt your data; not even us.
Umm. Pretty sure that giving your employees the ability to decrypt my data means that "you" can decrypt it.
Well, technically they can but a split key system is a PCI-DSS requirement. The advantage is that no single employee can gain access to sensitive data - they would have to collude with each providing their key to decrypt any data.
It is mainly designed to prevent employees from selling off sensitive data, but I think in practice with the right audit controls it's pretty effective.
I guess if there was a system in place where the two employees didn't know who the other employee was then it would mitigate risk.
Makes me wonder what sort of auditing system could be used that guarantees total transparency around when the keys are requested by both parties, by whom and for what reason without disclosing the employees? More interestingly I'd be really interested in a system that ensured that nobody knew who the two employees were but the keys could still retrieved.
Then on top of this it would awesome to have a way of revoking keys.
Probably impossible, but that would be the ultimate in security!
According to your other answers and the website, they don't need to "fund an account on privacy.com". Rather, they connect it to an existing bank account.
Really though, isn't something like the apple pay system a better way? You don't risk getting flagged as a prepaid card and reject, you aren't giving out your data.
Because this service draws directly from your bank account, and takes what would otherwise be your rewards from the credit card fees their banking partners charge, it provides a nice business model for them at the cost of you getting 0% rewards back. Not worth it, in my opinion.