Facebook Autofill Wants To Store Users' Credit Card Info 123
cagraham writes "Facebook has teamed up with payment processors PayPal, Braintree, and Stripe, in an attempt to simplify mobile payments. The system allows Facebook members (who have turned over their credit and billing info) to click a 'Autofill with Facebook' button when checking-out on a mobile app. Facebook will then verify the details, and securely transfer a user's info over to the payment processing company. The move is likely aimed at gathering more data on user behavior, which can be used to increase the prices Facebook charges for mobile ads. Whether or not the feature takes off however, will depend almost entirely on how willing users are to trust Facebook with their credit card data."
Facebook and Paypal (Score:5, Funny)
Re: (Score:3)
Re: (Score:2)
Re: (Score:1)
It's a good incentive to pay more with cash, and to keep on using cash for as long as you can.
Not credit card, not debit card, not any of the "electronic" or "mobile" alternatives. Good old boring cash. It's basically the only way to not have your personal data be bought and sold. Did I mention cash? If I didn't, I should have.
Re: (Score:2)
It's not really an incentive or disincentive for anything. I'm not going to use it, but whatever. Paying for everything with cash is pretty silly.
Re: (Score:2)
And for online purchases, buy anonymous pre-paid credit cards with cash.
Re: (Score:1)
The sad thing is that over here, even for pre-paid debit cards, they require copies of gov't ID.
Re: (Score:2)
Holy crap, where is this "over here" you're talking about? North Korea? China? Germany? USA?
Re: (Score:2)
In my "over here" you can get a pre-paid Visa from Australia Post but you must provide a working mobile phone number that does not block caller id and a (fake) DOB. Hardly anonymous. Too bad if you don't have a mobile phone. AFAICT none of the other options require less identifying information but I'd be happily corrected.
Re: (Score:2)
Re: (Score:3)
Re: (Score:1)
I that for a while it was popular for some cards to offer temporary account numbers for online shopping that would be good for one purchase. I think Citibank did that. I never used that feature though.
Re: (Score:2)
Re: (Score:2)
There really should be a more convenient way ... to send money to someone else, without giving them your credit card specifics. Visa, MasterCard, Amex, (and the others) should be providing this as a service to the cardholders ...
Not exactly what you asked for but... at least one MasterCard vendor (Bank of America) offers Shop Safe [bankofamerica.com] enabling you to create temporary virtual CC numbers tied to your real CC. Each number includes a CCID and allows you to specify a credit limit and expiration date (2 months to 1 year, but you can delete it anytime). The virtual card is locked to the first merchant to charge against it.
Discover has temporary proxy CC numbers (Score:2)
https://www.discover.com/credit-cards/member-benefits/security/secure-online-account-number.html [discover.com]
Virtual credit cards: BoA, Citi, Discover (Score:1)
I don't even trust them with my real birthdate (Score:5, Insightful)
Why would I trust them with anything else?
Re: (Score:3)
Re:I don't even trust them with my real birthdate (Score:5, Interesting)
Why would I trust them with anything else?
That's you and me.
But the mindless hoards out there like the "convenience". And they may be under the erroneous impression that if there's a mistake or theft of their phone, they can just call their bank and do a charge back. It will most likely work with a theft of ones phone - after a police report is filed and then sending copies to your bank. But a mistake or fraud by someone else?
Let's use Roku as example. when I created a Roku account online a year or so ago (have to in order to use the thing - no technical reason, though) they "require" that you put payment information in. Now you can chat with customer service and demand to be exempted - after they give you the BS about "your convenience" - they'll exempt you or you can delete the payment information after signing up - if it's really deleted, I have no idea.
While in their channel store, I see the "Buddhist Channel" and in the description is says it's "Free". The after adding it and going to the channel, this pop-up comes up and says "We are charging you $1 a month to" pay for costs or some reason like that.
They slid that right in there. Now, IF I was stupid enough to have given Roku my payment information, I can just imagine what I would have to go through to stop it. Roku get a 30%+ commission on this shit so they aren't going to be too thrilled about the problem.
Bank backing me up? Ahahahahaha.
Here's what I've seen too aften in situations like this:
Bank calls merchant and tells them that you are disputing the charge.
Merchant: "Nope! He hit the OK button. It's valid!"
Bank to you: 'You owe it."
You" "Funk'in A!"
On the support forums, some folks rationalize it with "iTunes does it!"
And we have all heard the horror stories of $1,000 bills because a kid, who didn't know what they were doing was just buying shit.
tl;dr - Giving payment information up front doesn't give that many protections and opens you up to fraud and other unethical behavior.
Re: (Score:3, Insightful)
Re: (Score:2, Insightful)
"Hordes".
You don't separate yourself well from that "mindless" adjective when you don't know the difference between "hordes" and "hoards".
Re: (Score:2)
Now you tell us! What am I to do with all those mindless I've be storing up for the last 10 years?
Re: (Score:2)
Re: (Score:2)
Magazine-fed zombie gun.
No, not a gun to shoot zombies with. A gun to shoot zombies at other things.
Take that, you pitiful fast zombies. Nothing says fast like "muzzle velocity".
Re: (Score:2)
This is why I like to use one-time numbers for things like this. Discover (at least they used to, haven't had to do it in a while) will give you a generated number, and you say how much is on it, and it will deny anything over that. For something that's $1, that might still go through, but if all you need is a valid CC then you can make one for $.50 and they can't do jack about it.
Re: (Score:2)
the only difference here is that instead of them already having your credit card info via various sources, now you're giving it to them outright.
Re: (Score:2)
You aren't the target audience. You aren't a real client. You are just content for their real clients.
This is made for those who already want to inform Facebook of what they're doing every single minute of their lives, with the hope that someone will be interested enough to read about them. Facebook could just create a Facebook bank, ask people to put in their salary and some people would do it.
The fact that someone who wouldn't even give them their real birthday isn't interested, is as irrelevant for Faceb
Re: (Score:2)
Now here is where I don't understand things.
Facebook is a social media site where you go to see someone's cat pictures, maybe someone railing about gun control, or perhaps an invite to an IP masquerade ball come next month.
How did Facebook turn into a bank, a CA, and a trusted authentication provider? The last time we had a third party doing the gatekeeping was back in the days of Microsoft Passport (then renamed .NET logins, separate from the .net language.)
I can understand FB offering this, but I'd at le
Re: (Score:2)
"Why would I trust them with anything else?"
Trading privacy -- which many are finally learning, means to some degree trading freedom -- for convenience is even worse than trading it for "security".
I'm with you. I don't trust Facebook with my real address, or phone number, or really anything at all except my name. I check my account maybe once or twice a year, just to make sure I didn't miss somebody dying, or something like that.
Re: (Score:2)
Yeah, and they kicked me off for using false datas. :(
wow. (Score:5, Insightful)
It's as if they're honestly trying to get everyone to delete their facebook account. I've been considering it almost daily for the past couple years, definitely more in the past several months. The only thing keeping me on there is how much of my family resides far from my current location.
Kind of makes you wonder, "How much do I really like my cousins?" I'm very close to saying, "Not enough to keep this account."
Re:wow. (Score:5, Interesting)
I'm with you there. I rediscovered my cousins, aunts, and uncles after 40 years through them finding me on Facebook. I keep up on their activities and assume they keep up on what I do based on the comments I've received. While they do have whacky beliefs (which are reflected in the occasional "Obama is declaring Martial Law on Oct 1st!111!11!!!!!!1" posting), it's still good to stay in touch.
But data collection (even though I keep my likes and details to myself), video ads, comment systems that require a Facebook account, and now this might be the tipping point.
I likely won't close the account. Most likely I'll just stop using it just like I've stopped going to several forums I used to frequent due to the number of crazy posts and responses.
[John]
Re: (Score:3)
I likely won't close the account. Most likely I'll just stop using it just like I've stopped going to several forums I used to frequent due to the number of crazy posts and responses.
[John]
That's pretty much the route I've taken - leave the account open, check it about once a month for messages, and never, ever put another piece of content or information on there for them to sell.
Re: (Score:1)
Re: (Score:2)
Tipping point for what? No one is forcing you to use the autofill or even provide them with your credit card number.
Re: (Score:2)
You're absolutely right.
But this is more about Facebook as a meme to the parent of your message, rather than any specific compendium of data representing a cogently-derived opinion based on a preponderance of facts. Heaven forbid facts.
That said, I have little trust of Facebook, less of Google, and not much for anyone else but this isn't about me-- this is about some poor trusting soul (rather than the skeptical me) getting a browser hijack or MITM attacker or just plain raiding FB's repositories to milk ou
Re: (Score:2)
Try to open a Facebook account today WITHOUT giving them a cellphone/SMS-capable number. Last time I checked, you couldn't.
Next up is credit cards, after that it could be bank accounts numbers, social security numbers, etc.
Re: (Score:3)
Re: (Score:2)
What you're saying outlines the "repeating the past" problem that Facebook has. Myspace was invincible and going to last for all eternity and because of that, they pissed off their users daily with awful updates and horrible page layouts. Facebook came out and was slightly better so tada, everyone bailed. Now Facebook put themselves in exactly the same place and the only thing that is necessary is for a slightly less annoying and evil one to come along. So in other words, not Google+. Isn't there some open source style non-profit social networking site out there? Let's all go there.
This prompts the question - is a "Social Network" something that lends itself to a viable business plan that doesn't involve selling out their users? Many folks I know are convinved this is *not* possible. The FB folks think you don't care that you're being sold out. Google figures you won't have a choice (what no google search? are you even competitive anymore, mr. coder?). The folks at App.Net think you're willing to front the money for a no-compromise account.
Me, being a raving socialist, think this
Re:wow. (Score:5, Interesting)
I never signed up for Facebook in the first place. I'd had my own domain for a time, and ran my own web log, but decided that it wasn't worth the effort and that what I was willing to share with the rest of humanity wasn't something that the rest of humanity was interested in. When I've seen others using Facebook I continue to get that vibe. I don't know what I'd do in your shoes, but having never had an account and seeing all of the BS makes me happy that I never did have an account in the first place.
Re: (Score:2)
I'm starting to wonder if they're just trolling us. Facebook's policies and very reason for existence runs contrary to what I was taught as a child, which was anti-narcissism (ie, any sort of notoriety based on achievement, not simple vanity), speaking when one only has something to say and keeping one's personal life personal (as opposed to, "look at me with this drink in my hand! Look at me with this puppy! Look at me with these whores!"), and now, keeping one's finances close to one's chest.
Somewhere we went from modesty as a virtual and pride as a vice to the exact opposite. Or maybe that was always an ideal, and not a reality.
Re: (Score:2)
It's one thing to sing praises of true achievements that go beyond what an average person reaches; that doesn't bother me too much if it's done with reason. I do object when mediocrity is celebrated, or when things of shock value are celebrated when they're actually poorly done. The entertainment industry is an example of the celebration of mediocrity, when we'r
Comment removed (Score:5, Insightful)
Re: (Score:3, Insightful)
I didn't keep in close touch before Facebook, and I have no reason to suspect that I would in a post-Facebook life. I like knowing what my relatives are up to, but I don't actually care what they are up to. It's a subtle difference, but the difference is definitely there.
Re: (Score:2)
Yep, this is a problem. They say they will only communicate with me on Facebook. Frak 'em then!
Re: (Score:2)
If you really feel that way, it only takes about ten minutes apiece to switch them all over to G+.
Not that I'm endorsing Google; I'm just saying there are other options for keeping in touch with family online.
Re: (Score:2)
It's as if they're honestly trying to get everyone to delete their facebook account.
No, I think your average Facebook user would welcome this.
Re: (Score:1)
That was probably more true pre-Snowden.
It's not that people care specifically about the NSA, but they are definitely more aware of how vulnerable in general their information is. Not by much, but a little bit.
Re: (Score:2)
I disconnected mine about 18 months ago. Having been with them since they were open to the public and my friend base (real friends and family and the odd acquaintance, not the invite everybody for shits and giggles group most people seem to have) gradually growing until it became easier to connect with them there instead of an occasional text or call it was a real pain in the ass to keep in touch with people the first couple months. After that however I found I enjoyed not having constant updates of what
Even if you don't I have to ask... (Score:2)
The first I have to ask "Why would anyone buy something from a free site?". That is the part I really don't get. I get finding a time waster game like Angry Birds, but that money goes to Zynga and Facebook should get their cut from a Zynga rep based on someone purchasing a game designed for Facebook. It's working backwards.
Next, why would anyone purchase anything from a company with so many security problems? Facebook as been full of them since release, and not rocket science hacking problems but simple
Re: (Score:1)
Well, I don't know why a person would do so. I certainly wouldn't. But I wouldn't it past Facebook to try to scrape the information from other tabs you might have open.
Re: (Score:2)
Re: (Score:1)
I already take such measures. I was offering a hypothetical as to why this is a problem for less technical users than us who might still be smart enough to never pay Facebook for anything.
Re: (Score:2)
Re: (Score:1)
I really only think about it when I read a daily article about how much worse it got today and when I check in to see if anyone's up to anything.
Re: (Score:1)
I hate email almost as much as I hate facebook.
This is a good idea... (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
You mean the Google checkout/Google wallet that only works in half-a-handful of countries? Those things?
Awfully hard to trust Facebook (Score:5, Insightful)
Re:Awfully hard to trust Facebook (Score:5, Funny)
Re: (Score:2)
I don't even trust those guys with a browser cookie, much less a credit card.
Two notes: :-) :-) Of course from the credit card number they can tell which bank you use, which I'm sure they can leverage somehow.
1) It's their cookie
2) I don't think the facebook guys need your credit card to buy shit
Re: (Score:2)
I don't even trust those guys with a browser cookie, much less a credit card.
Two notes:
1) It's their cookie :-)
It's my browser and computer. I (and Greyfox) just don't let them store it here.
2) I don't think the facebook guys need your credit card to buy shit :-) Of course from the credit card number they can tell which bank you use, which I'm sure they can leverage somehow.
3rd party apps need your CC info so they can bill you for what they're forced to give you for free now or beg you to buy FB credits. Facebook just wants to act like a middleman/bank at this point.
I'd say this is laughable, but..... (Score:1)
Talked to a guy last night who I had just met recently who couldn't comprehend why I wasn't on Facebook and didn't understand why my real name/face wasn't plastered all over Twitter. Some people just don't know/care about their data getting out
Just so stories (Score:3, Interesting)
Fair enough. Add in a new user agreement, in large blinking red letters at the top, so the user doesn't even have to scroll past pages of deliberately obfuscating boilerplate, "Facebook will do this for you. In exchange we will gather buying info tied to your purchases through us to sell ads targetted to your buying habits. Truth be told, we don't care if you buy Depends or urine catheters or Justin Bieber tix, it's all done automatically by computer aggregate anyway."
Re: (Score:1)
It'll work. (Score:3)
What additional harm could a 16-digit string cause when people happily and willingly furnish Facebook with their full name, sex, DOB, address, pictures, employer's name, former employer's name, school, friends' and relatives' names, hobbies, personal preferences, real-time location, etc.?
Re: (Score:2)
A lot.
In other news.... (Score:3)
Facebook? Paypal? Trust? ARE YOU ON DRUGS!?!?!? (Score:5, Funny)
Anyone who willingly opts into this is a friggin moron.
I can understand some cases where having a Facebook account or a Paypal account is a necessary evil (mostly emphasis on "evil").
But both of these services display an almost nonexistent regard for their user bases, with Paypal going so far as to actually steal money from its users (locking out accounts with cash in them for months on end and continuing to profit from the interest, fraudulently attempting to hoover out users' bank accounts, etc).
But hey, if you want these two to potentially ruin your life by bankrupting you and reporting about it online, go ahead!
I'll just sit back and laugh at you derisively.
Re: (Score:2)
No one in this world has ever lost money by underestimating the intelligence of the great masses of the plain people. Nor has anyone ever lost public office thereby.
-H. L. Mencken
New Facebook sidebar widget (Score:3)
Re: (Score:2)
Mastercard likes this.
Re: (Score:2)
That would be stupid (Score:2)
...will depend almost entirely on how willing users are to trust Facebook with their credit card data.
Well, that would just be plain stupid of me. Or anyone.
Thus, as history has shown us, it'll probably happen
The ONLY reasonable response... (Score:2)
Is to put these people in your hosts file...
127.0.0.1 facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 blog.facebook.com
127.0.0.1 apps.facebook.com
Re: (Score:2)
Using 127.0.0.1 will waste time at the application protocol layer trying to connect to a web server on your localhost.
Try 0.0.0.0 or :: instead, both are null routes and will fail immediately in the transport layer.
Why Facebook wants a credit card on file (Score:2)
I would hope that Facebook protects credit card data in accordance with GLB, PCI, other regulations and best practices.
But the reason they want people to put a credit card on file with them is so they can market things - they figure you're more likely to buy an impulse purchase when you have a number on file (a la Amazon) than when you have to enter a card number for each purchase.
Which is exactly why I've resisted EVERY overture Facebook has made for me to purchase something - I don't play games, I don't g
Innovation (Score:3)
Hi Guys!!!
No (Score:2)
No problem, not your money (Score:2)
You can easily trust Facebook with your creditcard details. Creditcard payments represent the money of the creditcard company, not yours. In case of a Facebook leak, the system is compromised, not your wallet.
Re: (Score:1)
Not the best way to look at that, given that you're on the hook for any money spent through that card. Sure, there's "protection" there if someone else spends money through your card, or the system is compromised, etc. But the hassle is nearly all yours for straightening such a mess out.
Very very very good and im all for that (Score:1)
Facebook Autofill can... (Score:2)
...store my nuts in it's mouth.
Multi factor authentication (Score:3)
Re: (Score:2)
This is already happening. Some of what used to be Yahoo Groups or on a dedicated forum have moved to Facebook. I consider this a great leap backward (even if there weren't privacy concerns, Facebook's interface makes me want to stick forks in my eyes). I've abandoned the relevant 'social groups' rather than put up with all this. :(
Re: (Score:2)
Many robots at FB (Score:2)
Trust? (Score:2)
I trust Facebook with my financial information just as far as I can throw the combined weight of every asset (both human and non) of the corporation combined.
Re: (Score:1)