"Your grocery store is stalking you. That little loyalty card? It’s tracking everything.
Not just the type of cereal you like. Highly personal information including what meds you buy,
major life changes, and your exact locations... even things your own family doesn’t know!"
"And your data isn’t staying in the store. It’s being shared and sold. This isn’t about coupons.
It’s surveillance. I'm exposing what they’re collecting — and showing you exactly how to opt out right now."
https://www.youtube.com/live/5t0U7BEYtME?t=487s
Comments
I don't like the idea of using QR codes for the tracking issues listed in that youtube video. Beyond creepy that it can go on to biometric spying via cameras and data collection via your phone.
A conversation with some younger ones last Thanksgiving.......... geez, if I if get their app (mostly fast food types) and pay electronically (with cell phones) I get a big discount. I asked whether they were familiar with permissions allowed from apps on their phones. NOPE. I suggested they use their favorite search and read about 'permissions' for apps, for an education.
Cash household here, with the exception of CC were needed.
any of their loyalty apps on my mobile phone.
A different name, address, and alternate phone number would be used
if I ever choose to obtain a grocery store loyalty card.
The CC use is limited for items like booking a hotel, etc. Also, a CC has protections from fraud, not covered with a debit card. But, cash is used as much as possible for groceries, restaurants and related.
I do enjoy a Subway, 12" meatball sub. But, a purchase as this always is paid with $10.11 cash.
Q: Aside from Privacy.com and MySudo, have there been any notable developments
in virtual privacy payment card solutions?
A: Somewhat.
Privacy.com connects to your bank account and allows you to make private transactions
in any name via virtual card numbers.
MySudo is very similar but is linked to your debit or credit card.
Cloaked requires you to purchase a virtual card with a set limit which can be used however you like.
Those are the three which allow you to easily use alias names.
[snip]
Take care, Derf
most grocery cards require minimal\zero real info to sign up, but the x-ref to your cc is info leak 'risk', as well as use at the grocery pharmacy.
self-checkout cash input is too terrible to use, and nonfunctional 50% of the time.
We use our debit card for cash from the local CU atm. You should feel secure that this type of transaction is indeed 'secure', regardless of the U.S. atm location. We have more concern for the repeated data breaches from systems; mostly related to healthcare systems.
--- ATM data encryption must comply with PCI DSS and PCI PIN security standards, with a critical deadline of January 1, 2025, for upgrading to TR-31 Phase 3 key blocks. Non-compliant, older hardware must be replaced or upgraded with updated firmware to secure PINs, transaction data, and communications, or the ATM will become non-operational.
Key ATM Encryption Requirements:
TR-31 Phase 3 Compliance (Jan 1, 2025): ATM software, firmware, and keypads must use TR-31 key blocks to protect keys during storage and transmission.
Encrypting PIN Pad (EPP) (the customer keypad for PIN entry): ATMs must use updated EPPs, with older, non-upgradable terminals requiring total replacement.
Remote Key Loading (RKL): Encouraged (often using TR-34 standards) to replace manual, on-site key loading with secure, encrypted, remote key management.
Triple DES (3DES) & AES: While 3DES was the standard, newer requirements emphasize robust algorithms like AES for data-at-rest and transmission.
MAC Encryption: Message Authentication Code (MAC) encryption is required to ensure data integrity and detect tampering.
Consequences of Non-Compliance:
Terminal Shutdown: Processors will refuse to accept transactions from non-compliant machines after Jan 1, 2025.
Liability Shift: Financial liability for breaches moves to the ATM owner.
Fines & Penalties: Financial penalties and increased risk of fraud.
Key Areas for Protection:
Data in Transit: Encryption between the ATM and the transaction processor.
Data at Rest: Encryption of hard drives and sensitive files to prevent jackpotting.
You should feel secure that this type of transaction is indeed 'secure', regardless of the U.S. atm location."
Criminals might attach skimmer devices to ATMs.
These devices are used to steal card numbers and PINs.
https://www.wikihow.com/Spot-an-ATM-Skimmer
https://www.hachettebookgroup.com/titles/shoshana-zuboff/the-age-of-surveillance-capitalism/9781478947271/?lens=publicaffairs
I have encountered 2 skimmers years ago at ATM's and reported same. At one unit I placed a sticky note on the unit to alert other users. This also applies to readers at gas pumps. We use cash for gas.
@Derf
I'm not familiar with the 'clear' function at the end of a transaction. I follow the screen messages to complete a transaction. Different vendors use various functions to finish a transaction. An example is that the card capture is a function to complete a transaction, being the cash won't be dispensed until one removes their card.
In the way back days the card would be captured into the ATM if one forgot to take their card; in order to prevent another from being able to 'take' someone's card. Keep in mind that one is at least being documented being at a machine, either via digital camera; and/or digital video. Not that these devices have anything to do with a 'secure transaction'.