Privacy when making a purchase is something few think about but has significant ramifications that aren't immediately obvious. This post discusses the privacy aspect of making online, and offline, purchases. Let's jump in.
So what's the problem anyway?
The majority of consumers - roughly 80% - use some form of plastic to make their purchases. If you were to ask these people what kind of problem could come from using a card, more than a few will probably mention some variation of identity theft. With 284 data breaches across a dozen different industries, releasing billions (with a B) of personal records and credentials and constant stream of articles talking about the breach or leak of the week, it's understandable why most would probably jump to this.
In 2017, almost 17 million people experienced identity theft with trends continuing upwards with each passing year. That's roughly 1 out of every 23 people in the US. You could walk into any local Starbucks, look around, and know that at least one person in the building has personally experienced identity theft. Well, maybe not now thanks to COVID but you get the idea. It's shockingly common.
Even though someone can open a credit card in your name or impersonate you when opening a new bank account, many of these things are fixable given enough blood, sweat, and tears. The real dangers are things that aren't seen with the naked eye and are tough to correct once they start. Think about these scenarios for a moment.
What if United Healthcare purchases data from Walmart and sees that you buy a 12 pack of Coca Cola and a quart of Ben and Jerry's Rocky Road ice cream once a week and have for the last six months. They might deem that to be "too unhealthy" and raise your premiums because you're a higher risk for diabetes. Maybe your dental insurance sees that same data too and raises premiums because you're more likely to need work done on your teeth. Companies already factor in such things as hobbies, location, and profession when caculating premiums, so would this be unrealistic?
What if you apply for a customer facing job at your local retail shop but they see you have a reoccurring transaction at a J. Doe Therapy for the last 5 weeks. Because of that, they believe you'll be too unstable or unpredictable and would rather not have you potentially causing problems with their customers or management. Business already use your social media, or lack thereof, to make hiring decisions, so this isn't out of the realm of possibility.
What if you're shopping for a hotel and they have information that says you've made purchases at Apple, Nordstroms, and paid a visit to the new a high end Mongolian restaurant in town within the last 30 days. They decide to tack on $35 to your nightly rate because their data shows people who shop at these places are wealthier on average and won't second guess the hidden upcharge. WSJ found out back in 2012 that this exact thing was happening based on the type of computer you used. Using purchase history is merely the next step.
None of this is new and it's becoming increasingly more common across the world. There's numerous instances on record about how your data directly impacts your life in the ways described.
What's even more troubling is that the worlds largest data collectors are merging your real life purchases to your online identiy. Google has access to, at least, 70% of credit card purchases and are linking them to your personal profile. Facebook has been tracking what users purchase in physical locations for the better part of a decade as well. Don't use Facebook or Google? Don't worry, they still have you covered.
Okay, so that's a little concerning. What's next?
First, let's take a peek at what kind of information is shared with whom when we make a purchases with a card. The illustration below outlines the flow of data from beginning to end. No less than four companies grab hold of varying amounts of your personal information.
Here's some of the information these companies get when we slide our cards.
- Full name
- Debit/Credit card information (card number, exp date, CVV)
- The bank that issues the card
- Itemized list of your purchase
- Date of purchase
- Exact time of purchase
- Location of purchase
If you have a store rewards account, and use it, you can typically add these to the list.
- Physical address
- Email address
- Phone number
Over time, our profiles at these companies grow. Fully itemized purchase history, the exact date and time of every purchase you've made down to the second, and the location you made the purchases. And once they gather all of this data, they sell it. This isn't a new practice either with reports on this very subject dating back a decade.
A different angle
Here's a quick visual example I threw together to illustrate just how much information a person can glean from nothing more than your bank statement.
Without knowing exactly what was bought at any of these places, there's a lot of inferences we can make.
- This person visits 7-Eleven on a regular basis, most likely for a routine lunch or afternoon snack since it's rarely the first purchase of the day.
- This person also goes to therapy regularly. There are many reasons people see a therapist with some of the most common reasons in society today are related to anxiety, depression, loneliness, and trauma. While the exact reason is unknown, therapy is rarely sought after by someone who isn't struggling with something.
- This person uses post paid AT&T for their cell phone service. Due to the price, it's likely this person is on a plan by themself.
- This person donated to X political candidate, which shows their political leaning and candidate of choice.
- This person uses Comcast for their internet. Due to the price, they probably only have internet and no phone or cable.
- This person uses X electric company.
- This person has a membership and shops at Costco, which probably means they're slightly wealthier than average.
Nothing in that example statement is out of the ordinary. In fact, it's probably on the conservative side for some people out there in terms of number of transactions in a 10 day period. In addition to this, there's information that can be had from this that isn't shown in the example but can be easily found through the banks online portal, such as the general location of these business.
Instead of just knowing this person often goes to 7-Eleven, we know they go to the same west side 7-Eleven each time, which means they probably live or work in the vicinity. By knowing they go to the Costco and Walmart on the west side of town as well, we've reinforced their general location.
All of this information based on nothing more than a handful of purchases from a bank statement.
Now, if we were to simply go to the ATM and withdraw $500, we could have prevented all of that entirely. Much of it could be paid in cash and all of the rest could be paid with a prepaid debit/credit card. And because you did that, the bank doesn't know what you did with the money, all of those merchants don't know who you are, and the only trail you left was that you took out $500 from an ATM on the first of the month.
So, what can we do to stop this?
In store, it's fairly simple. Good old fashioned cold hard cash reigns supreme. There's no way to tie your purchase directly to you, assuming you don't give them a rewards account with your details. Their system will still log the transaction but it won't have any way to know it was specifically your purchase, which is all that matters.
For those that don't want to carry "tons of cash" with them, a non reloadable* prepaid Visa card is great alternative. For a small fee (usually around $5), you can go to the gas station, buy a card, and preload a few hundred bucks on it to use wherever you please. There's even merchants that regularly run deals that waive fees or give bonus cash when buying certain amounts.
*You need a non reloadable card because reloadable ones typically ask for SSN and other personally identifiable information required by KYC and AML laws.
Heads up though, transactions can be tracked on prepaid cards. It's not nearly as problematic since there are no identities tied to a prepaid card like a bank issued one. However, if you toss your prepaid card in the trash and your crazy stalker or private investigator picks up it, they can access the data with the information on the back of the card. Make sure to cut up or shred your cards once they've been depleted.
Online purchases are just as easy but they require an extra step or two. Running down to the local convenience store and purchasing a non reloadable Visa card is one of the most private ways to make online purchases. No information is required to buy and load up a card and you can use any name and address you want when making an online purchase.
If you'd rather not make frequent trips to the store, you can use a masking service such as Privacy.com* or Blur* to generate prepaid cards on the fly to use. These cards contain no personal information and are accepted in the majority of places. Privacy.com allows you to use any name and address you want on a card by card basis. For Blur, you can use any name but you'll have to use their specific address in Boston when using cards generated by them.
You are required to link your real debit card or bank account to these services, which will require your real information. For the large majority of people, this is fine since your threat model, most likely, isn't the government or three letter agencies.
*These services are generally US only. Currently, there aren't any similar services in other parts of the world.
A third option, for the retailers that accept it, is cryptocurrency. Most of them are not truly private but offer substantially more privacy compared to your Chase credit card. Bitcoin is the most commonly accepted but others, such as Litecoin or Ethereum, are starting to show up as well. For most people, prepaid cards are simpler, less hassle, and work in every scenario, unlike cryptocurrency.
With all of this, you're going to have to ditch your current store rewards accounts, if you have any, since they most likely contain your actual information. I always recommend going without one but if you "need" a rewards account, they can be easily filled is fake information. It's absolutely not against the law to tell the cashier your name is Mike Williams with an email address of firstname.lastname@example.org and a phone number that's impossible to forget.
Apple Pay/Google Pay/Samsung Pay/etc aren't better in any way either. In fact, they are often worse since you're simply adding another company or two to the long list of companies that see your details when making a purchase.
It's well worth the time and effort to build new habits around using cash or prepaid cards. Not only for today but for your future. Never forget that once your information is out there, there's no taking it back.
With that said, don't stress or worry about the past. The overwhelming majority of us have used debit/credit cards or signed up for rewards accounts but starting today, you have the knowledge and ability to break free of those habits. As your data ages with nothing new coming it, it becomes less valuable, less accurate, and less trustworthy to companies.
The saying "the best time to plant a tree is 20 years ago, the next best time is right now" applies just as well to privacy.
Want to join the discussion? Check out this post, and others, over at the CupWire subreddit and leave a comment.