Even if you only shop at reputable online retailers, giving your credit card number to any website is inherently risky. No company with an online presence is immune to hackers, and that includes some of the most tech-forward businesses around — T-Mobile just had itssecond massive data breachin as many years, andGoogle Fi customers were also hit. So your best bet is to minimize your online footprint, especially when it comes to identity theft targets like your credit card. On Safer Internet Day, Google has taken a major step to help on this front with new virtual card support.
Starting now, eligible American Express cardholderscan usea virtual card number in place of their actual credit card information when shopping with Google Pay and Chrome. Virtual card numbers, including a CVV security code, are generated by machine learning algorithms at the time of sale, and thanks to Google’s partnerships with banks like Amex, this still bills you and earns rewards as if you entered your regular credit card number. The virtual card is only temporary, so even if the numbers get stolen, cybercriminals are significantly less likely to be able to charge your account.
Google launched this feature for Capital One customers last year and is now expanding the service to America Express cardholders. The company has stated it is also working with Visa, Mastercard, and other major banks to potentially bring this feature to the two largest credit card networks later this year.
Google’s virtual credit cards will work the same way on mobile or the web
When you’re checking out with an eligible card, whether it’s at a brick-and-mortar store with the Google Pay app for Android or a digital retailer with the Chrome browser for desktop and mobile, you’ll be asked if you’d like to use a virtual card. If you opt in, Google will use two-factor authentication by texting your phone number to make sure it’s you, then a virtual card number will be generated and automatically populated into the relevant fields.
Keeping your credit card safe is only one prong of a good cybersecurity program — you should also use strong, unique passwords for every site, which means you’ll needa good password managerto keep track of everything. You may even want to dial back Google’s tracking andprotect your digital privacy on Androidby adjusting several key settings.
