undefined | Better HN

0 pointsxoa6y ago0 comments

>I kinda get the virtual card thing - it's pretty hard to get a credit card.

I'm not sure you do? Because virtual cards are credit cards, afaik they're exclusively credit card linked, or at least bank account linked through a debit card type system. You need to have a standard card/account to get one (and at least in America getting a credit card is utterly trivial though it may not be a good one granted) and have identity.

>Assuming you can create infinite virtual numbers you could, theoretically (and I appreciate it's probably not the case here as the poster has account history), switch/cloak/whatever a whole bunch of high converting against policy stuff until the account is banned, at which point you set up a new ad account, new virtual number and start again. Rinse and repeat.

Virtual credit cards are still linked to you. Your name and mailing address and whatever else is required for normal credit card validation is still required. They're not a tool for anonymity, they're exclusively for dealing with issues on the seller side (ie., they get hacked, or are fraudsters).

>"if you have nothing to hide you'll use a fixed number".

But literally everyone does have something to hide: their fixed credit card number/crc/date, since that is an irritation to deal with if it gets stolen. It's not a public key unfortunately. Virtual CCs are a hack essentially to help bring some of the benefits of a more modern system that was fully tokenized (like Apple Pay and co) or used proper asymmetric crypto to legacy systems, at the cost of forcing more manual effort by the user. It's in the same bucket as password managers, ideally password auth would have long since ceased to exist, but in the mean time password managers help a bit with the garbage fire of the current authentication world.

0 comments

1 comments · 1 top-level

iamben6y ago

> I'm not sure you do?

As in, I get why Google might want to not allow them, I'm not arguing the concept of them in general. As for the pain side - it's comparatively hard to get an actual, physical credit card with a new number if you're burning through one every week by getting your ad account blocked.

> Virtual credit cards are still linked to you.

No, not necessarily. Google "anonymous virtual credit card" - takes about 10 seconds to find one offering "Any name, any address, NO ID Virtual credit card". I'm not arguing there's zero trail - but if you wanted to run a bunch of shady ads, this would be a pretty good starting point.

> But literally everyone does have something to hide

Definitely not arguing this, I completely agree. I'm not saying Google are right, I'm not saying the system isn't stupid. And as someone who's had their card cloned multiple times, I understand how much it sucks and how nice it would have been to have had a virtual number.

The point in my original post was simply that I'd guess a whole bunch of the ad fraud / spam ads / cloaked ads come from virtual credit card numbers. Again, I have absolutely no idea, but I imagine thats a big and painful problem for Google. Prior to the Apple Card, I think it's safe to say the bulk of credit card users weren't using virtual numbers. I'm guessing someone in an office at Google said "if we ban accounts using virtual CCs we'll cut fraud by X%" and the small amount of false positives probably make that worth it - how many of their large spenders use virtual card? And if they do they probably have their own rep. Hence the problem in the original article.

j / k navigate · click thread line to collapse