💾 Archived View for dioskouroi.xyz › thread › 29432683 captured on 2021-12-04 at 18:04:22. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-03)
➡️ Next capture (2021-12-05)
-=-=-=-=-=-=-
________________________________________________________________________________
Hi all - I’m one of the founders at Privacy. I’d like to provide more context on why we’re asking customers to reissue cards.
In an attempt to stay current with changes in card network and bank requirements, we spent the better part of this year investigating product adjustments and determined that changing our cards from prepaid debit to charge cards is the best option to preserve the customer experience. I recognize reissuing cards can be a pretty big inconvenience - this isn’t a decision we took lightly. The silver lining is that this should improve merchant acceptance and provide a better overall customer experience.
Functionally, cards will continue to operate exactly as they always have - no fees, no interest, no selling of your data, and no impact to your credit score.
Why force the change onto customers though? Most people understand the difference between a debit card and a credit card, and as someone who's had Privacy.com cards denied because it was a prepaid MC debit card and not a real CC, I've experienced what the problem was. But for merchants where the prepaid debit card _works_, why can I not continue using that card number there?
Privacy.com is a _wonderful_ service, but it already automatically locks to the first merchant the card is used on. If it's already working for that merchant, Why do _I_ have to change the card number? Use the credit card updater mechanism (the same mechanism for when a CC gets stolen but my Netflix keeps working and they get the new number somehow) for all merchants that support that - that should keep the customer load down.
I hear you on this. We’re really sorry for the inconvenience. Unfortunately, this wasn’t fully within our control. To stay compliant with our bank partner’s requirements and network rules we were forced to make this change to existing Visa cards too.
We did explore the card updater[1] and were hoping to be able to use it. Unfortunately it’s not a viable option due to technical limitations. If we could do the updating for you we absolutely would! If you have questions or there's anything we can help with, please reach out to support@privacy.com
[1]
https://developer.visa.com/capabilities/vau
It's always great to see candid comments like these from the people involved. I appreciate you all and I know I'm not alone.
Can you provide more detail on the partner requirement that forced this?
I have hundreds of cards.
I have heard nothing of this problem until now.
Still nothing in the app.
WTF?!?
> but it already automatically locks to the first merchant the card is used on.
Just a minor correction: I'm able to use the same Privacy card for x merchant for any number of y merchants, so long as it stays under the charge limit I've set for that card.
That has not been my experience and runs counter to their core product offering. Just my two cents.
So a privacy card you used for one merchant was denied by another merchant? And it wasn't due to them rejecting prepaid cards, setting your card to single-use, or setting too low of a dollar limit?
Not OP, but yep, my cards have been locked to the merchant.
I've only experienced this with Kickstarter and then a secondary payment collector (BackerKit, etc) where some extra charge had to be finalized, typically shipping or maybe I threw in some extra doodad, and then had it fail because that second charge wasn't technically the same merchant.
But this was fine and I was happy - working exactly as intended. I just created a new privacy card and updated payment.
Not OP, but yes, this has been my experience.
https://support.privacy.com/hc/en-us/articles/360012404053-W...
Yes, it's quite annoying. I didn't want it and it was a surprise to me. I think there's a way to turn it off, but I haven't looked into it.
Hi Jason,
I posted this here originally, and wow this blew up, I think we've actually spoken over email as I was one of the earliest users of privacy. I've been using it for many years and abjectly love the service.
I don't object to you reissuing cards. Like I mentioned in my other comment, I actually see a lot of positives (no more prepaid issues!), however, only giving people 30 days to update their cards in dozens (I literally have 81 open privacy cards) is "not fun" and up until now, using your service has been smooth, painless and something which this change (mostly the timing of it) just completely deflated.
I updated like 4 or 5 cards so far, each one took me 5-10 minutes, on the outside I'm looking at (worst case) 13 hours of work I have to fit into the month of December (which with the holidays and year end biz items, is already the busiest).
Yesterday, your service was just a dream to use, today it is a burden I have to find hours of time to fix.
Sorry, I do truly love privacy and didn't post this to hurt you or privacy, but I hope you can extend the deadline.
Best of luck to you and all of the privacy team.
I have hundreds of cards! Why are you forcing me to do this?! I have no time! Honestly, I'd probably just move to my main card, which almost never changes! Tomorrow you may decide to do something again! I really don't have time to babysit this! You should grandfather all cards and allow customers to change them if they want, otherwise, they should be valid till their expiration date! You're asking us to do a lot of work during the holiday season - this is crazy, really!
I don't quite have hundreds of Privacy cards, but I have quite a few, and many for subscription services. Though I understand and welcome the core reason for the change, forcing users to do this migration in December—of all months—really necessitates a grim view of the value of our time and energy.
The pre-paid debit product was limited, but far from broken. This could and should have waited another month. And the news shouldn't break on HN.
(I work at Privacy.com)
I'm super sorry for the inconvenience and for the limited lead time. Unfortunately, this change wasn’t fully within our control and was required by our card partners.
There needs to be more transparency about how your partners forced you to this course of action and on this timeline, because this is going to seriously hurt your reputation and business. That sounds like an abusive partner, who doesn’t care about you. Or they make for a convenient scapegoat.
I agree with this. Not having to fiddle with changing cards was the main selling point that made me switch to Privacy, after my debit card was canceled 2 times in a month for “fraud” (it wasn’t -- they were legit purchases). I also have over a hundred cards, and subscribe to the paid plan. This is a huge inconvenience, especially given the short timeline and holidays. I wish this was handled better for older virtual cards.
Also, I haven’t received any email about this change.
I got the email yesterday. Those people live in ivory towers and probably don't use their own product! I have 4 weeks to move hundreds of cards, I'm a paying customer, and they just twist my arms to do this without actually thinking about making this easier for their clients! The prepaid status of the card was an issue, but when Divvy switched from MC to Visa, they had like 3+ months, when old cards worked, and you got the option to reissue them as Visa ones one by when at your convenience!
FWIW, Privacy cards, like all credit cards, have expiration dates so you'd have to refresh all your cards eventually anyway.
What I'm wondering is: why am I hearing about this over HN and not an official notification or email? Did I just miss it?
> why am I hearing about this over HN and not an official notification or email?
I logged in (to create a new card, so I could try out Oracle cloud), saw the notification and searched my email (saw nothing..) and searched HN (saw nothing..) then posted it.
I'm really kinda shocked I was the first, and, even more shocked it blew up as much as it did. I just checked back now (11 hours later -- it's been a busy day testing out that oracle cloud account, among other things) and this went crazy.
Yeah, but they don't expire within 30 days!
Or at the same time
My main card changes _all the time_ because it keeps getting somehow obtained by fraudsters, and then cancelled. I checked and this is true these days of many of my friends too.
It's definitely inconvenient when it does, especially when that involves updating a bunch of different accounts/vendors.
> I have hundreds of cards!
oh yeah, well I have 167 bajillion!*
*I really don't; I do wonder what you're doing with hundreds of monthly payments though.
You do realize that people use Privacy for business too, right? And virtual cards are not limited to monthly payments. I have one for a local coffee shop that I occasionally do an online order for.
Yes, those are not all recurring, most are just one per merchant, generated via 1Password.
First off let me start with how much I love your platform, I use it religiously. My experience has been great except for a few times it fell short and it's not something forgotten easily. My account has been suspended twice after trying to make purchases (both for under $50 purchases), one of them at a Ft Lauderdale pizza shop and the other was a online merchant. Both times I had to open support tickets and wait over 24 hours for support while I was locked out of my account. It turned out there's a blacklist of merchants that your not allowed to make purchases at but support couldn't give me the blacklist. So it's like a game of russian roulette if my account will get suspended for making purchases. Can you share any information on how this problem has been solved?
I suggested to support that if someone is able to log in, pass 2fa, that should be enough to prove it's not fraudulent. I don't think support ever responded to my suggestions.
Thank You
I didn't get an email about this, disappointing to find out first on HN. I assume there will be plenty of customers who just "miss" this and find out the hard way next month. Also 1 month notice during the holidays is really bad timing when you've had it available since early october.
It it possible to continue using Privacy.com without providing an SSN?
As I commented in a thread below, I had started using your service connected to a debit card via my credit union. Then was required to attach a bank account/routing number as the source for funding and didn't receive an adequate answer as to why (which is fine, but it's slower to process and it requires that I provide more sensitive information). I get that Privacy is obligated to gather certain financial information for regulatory purposes and fraud prevention, but it feels like I'm widening my attack surface providing that info.
Hi -- I'm the head of legal and compliance for Privacy.com. Unfortunately this is a bank partner requirement, otherwise we wouldn't ask.
We do take customer privacy and security very seriously, and have worked hard to have similar data security safeguards as larger companies like Square and Stripe (both places I've worked, so I would know!). You can read more about some of our security practices here.
Any chance Privacy could accept ITINs as well?
I've tried putting mine in, but it says (rightly) that it's an invalid SSN.
wait... what if I don't have an SSN? (not a citizen, have a us bank account)
US law requires your bank to collect and verify your identity and crosscheck against a series of loste. It is part of the Patriot Act post 9/11. Unfortunately for most banks this means that they require an SSN. Technically an ID or ITIN should suffice.
I have a US bank account that I opened only using my passport and a US home address I live in. and I have a Privacy account. I don't have an SSN. Does that mean I'm locked out of Privacy come 2022?
There's obviously no requirement that you must be US citizen. The requirements are known as KYC -- know your customer -- and simply require a certain amount of due diligence. It means you've verified that the customer is who they say they are, and that the account is in their benefit and not someone else's. It's part of the wider AML framework -- anti-money laundering.
It sounds like Privacy is falling into KYC territory and is not able to farm it off to the host banks. But then any limitations around requiring SSN are due to their implementation, and not to the KYC requirements.
Right, this is crazy. I'm a US citizen but don't have an SSN and couldn't get one last time I tried.
Somehow I’ve assumed every US citizen has an SSN. Are there obstacles you encounter from not having an SSN? What is the process for opening bank accounts or applying for loans?
Did you not apply for one? You’re eligible as a citizen or eligible resident. I have so many questions about this edge case.
Every citizen is supposed to be given an SSN.
Parents can opt out of having an SSN issued for a child at birth in the US.
Sure, but why would they? I can’t think of a good reason.
Regardless all citizens are eligible and should be given an SSN if they apply.
Parents do all kinds of things with the intention of protecting their children. Not all of it is well-informed.
You don't need an SSN before a certain age, so this isn't weird.
Sure it's weird. It's easy enough to do when the child is born, why wait?
My daughter had her SSN used when she was around 10, and I can't recall her ever needing her SSN as it's no longer required for things like medical insurance, etc.
fwiw you don't need to be a citizen to have an SSN, you just need to be legally resident.
I don't know if it's something you have to apply for, I was 20 when I moved to the US so my parent handled all the paperwork. Just wanted to float that SSN != citizenship.
> I get that Privacy is obligated to gather certain financial information for regulatory purposes and fraud prevention, but it feels like I'm widening my attack surface providing that info.
This feels like a "you always become what you once hated" situation. Privacy.com was supposed to keep our private data private. With this change there is no way to use Privacy.com without providing even more private data.
This really should have been a choice for users. Do you want privacy or better compatibility? Considering Privacy.com's userbase and their freaking name, I would guess many users would choose privacy over that extra functionality.
The name "privacy.com", while impressive as a domain name has always kind of confused me. As far as I'm concerned it's a service that protects against credit card theft, privacy unchanged.
With modern fraud prevention and financial regulation, we simply cannot expect actual privacy with payments or really any finance.
When I use a regular credit card to buy something, do Google/Facebook/etc end up being able to link the purchase to my identity to market to me etc? I figured that was the privacy part.
I agree that as a potential customer my main interest is about credit card theft/abuse.
(This does make me wonder if they are mis-marketting focusing on privacy, instead of controlling damange of credit card theft, and sketchy merchants who charge you reoccurring charges you didn't realize/have trouble canceling, etc. That's my interest).
I guess the non-secret parts of the card number can totally be cross referenced with others merchants you've shown the card, but an online purchase very often also has a name and address so your identity is already out the window.
Also fraud detection systems will often track the type of purchases associated with a particular card number, to detect anomalies. So I suppose your privacy is somewhat protected from that, but the e-commerce sites probably already know who you are.
Part of the "privacy" part is the fact that privacy transactions accept any billing address.
This is a huge inconvenience, and dressing it up as an "Exciting Update" is Orwellian. I was a paying subscriber, but I'll be cancelling my subscription now.
I'd like to thank privacy.com for making this change.
It sounds like most people aren't aware, but recently merchants have been coming down hard on privacy.com. I've almost given up using it. Hetzner and GCP are the most problematic, but I've seen it elsewhere too.
I'm not happy about having to reissue, but I will be happy if this forces vendors to take my privacy.com card.
(Everyone else is complaining, so I thought I'd at least try to balance it out a little.)
EDIT: Well, never mind. Apparently their new cards are still getting rejected.
https://news.ycombinator.com/item?id=29438181
I was really excited...
Just want to say,I LOVE your service! Thank you all for your hard work and what's been a flawless user experience up to this point.
I've been with y'all since the very early days.
I have no idea how you all make money but I hope you all are around for many years to come.
> In an attempt to stay current with changes in card network and bank requirements
What were the most important changes from the networks in banks that precipitated this?
Requiring an SSN is an important change. Did prior requirements not do enough to prevent abuse of their services?
Is this rolling out slowly, or did I join after this was already implemented for new cards? I see no cards on privacy.com/reissue and haven't gotten any notifications. I signed up in October.
We rolled this product out to new users in early October, so it's possible you signed up after that change and have been issuing the new card type.
Reach out to our team at support@privacy.com and we'll be happy to take a look at your account and confirm.
They confirmed I signed up with the new thing. Thanks. You might want to add an FAQ entry to cover the situation where someone finds out about the change but doesn't know if it applies to them.
Seems like they are changing bank partners and will use cards that code as "charge card" instead of "prepaid card" which is great (some places block "prepaid" cards) but they are forcing this change on everyone (as much as I could see) and doing it with only 30 days of notice, which is much less great.
Always bugged me when I tried to use a Privacy card on Digital Ocean
I don't blame them, though. DO is a "bill-after" company, so if you racked up server time, they're out that money if you attached a pre-paid card with $0 on it.
We use DO as our provider, and we offer trials in our product offering, so if they attach a prepaid card to _our_ service (which people do, all the time), we're out that money, but it's $5 for us, so we eat it.
The thing is that every card has a limit, both regular debit and credit. You can easily have a bank account with no more than a couple dollars in it and DO would accept that just fine.
If you haven't preauthorized, you aren't guaranteed payment. That's why these services also have usage limits, of course--AWS doesn't want me to rack up a million dollar bill without seeing a past payment history that would indicate I can actually afford that.
> DO is a "bill-after" company, so if you racked up server time, they're out that money if you attached a pre-paid card with $0 on it.
Then if they don't want that, don't be bill-after or companies like Privacy will just engineer around that prepaid card limitation.
Everyone is a bill-after company, though. If it was pre-pay, you'd buy $200 of computing time, convert that into 8 cents of today's hot shitcoin, and then initiate a chargeback to get your $200 back. They could make you wait 60 days or whatever, but that's an unpleasant customer experience, so they don't.
With physical goods, there is always the possibility that the merchant could compel you to return the physical good, but with cloud computing, that's nearly impossible.
Weird, I must have added my Privacy card to DO before they made a backend payment processing change. Been using it since July 2016, with a new card in August 2020.
I thought DO had an option to prepay via Paypal.
Yes which means you prefund your expenses. If you provide a prepaid card as a funding source it is likely to not have funds when they attempt to debit you for services already rendered. I'm sure they'd be fine with you prepaying on a prepaid card.
If you're trying to use something like Privacy.com, it's probably because you don't want to have your details shared with others. Using PayPal is not going to to that.
They do
It looks like they have added a manual payment option, though certainly not preferred, so that they can technically comply with some definition of charge card perhaps?
https://support.privacy.com/hc/en-us/articles/4414521565719-...
For reference:
> On December 31, 2021, we will close all Visa Privacy Cards that have not been updated. In order to continue using Privacy.com without interruption, we need you to complete a few simple steps. Visit our FAQs to learn more.
Via the popup transition tool when logging in.
Sad they couldn't keep existing cards open till they expire, but just recently their card expiration dates jumped to lasting till 2027 so I see why.
I can understand needing to comply with updated KYC requirements from a bank partner, but I'm not really experiencing the "improved merchant acceptance" so far.
The very first card that Privacy.com recommended I replace was the card I have for paying my Spectrum bill, which Spectrum is obviously already accepting. Privacy.com even linked me straight to Spectrum's billing page to replace the old card with the new "improved acceptance" card. Imagine my surprise when Spectrum rejects the new card with "Prepaid and gift cards are ineligible"
EDIT: I regenerated the card again and Spectrum accepted it no problem. No idea what happened there. Maybe there was something funky with that particular card number, or maybe I mistyped the previous number? Either way, it's working now and I've had no problem with the rest of my card replacements so far (though it has certainly been a bit of a slog).
... Oh.
I just posted a thank-you to Privacy, because I assumed it fixed this problem.
I guess I'll edit it. That's unfortunate.
I got this message last night. I started the process to reissue the cards, but I was immediately asked to provide my social security number. Privacy.com already has my bank account number and routing details, but TBH I'm not super comfortable providing even more personal info such as my SSN. Privacy.com has been an amazing service, and although I'll likely cave to their request for my SSN, I'm not all that happy about it.
Hi -- I'm the head of legal and compliance for Privacy.com. Unfortunately this is a bank partner requirement, otherwise we wouldn't ask.
We do take customer privacy and security very seriously, and have worked hard to have similar data security safeguards as larger companies like Square and Stripe (both places I've worked, so I would know!). You can read more about some of our security practices here.
Hey, thanks for the response! Does this apply to both the linking of a bank account (ie account number w/ routing number) and linking a debit card?
Thanks for responding to these questions. Very much appreciated.
Yes, it should be funding source agnostic. Anyone moving to the new card types will be prompted to provide their SSN.
What if i'm not a US citizen? don't have a SSN...
“Unfortunately we cannot support international bank accounts or non-US users at this time.”
https://privacy.com/virtual-card
But I already have a Privacy account... with many cards... am I just completely screwed?
It's a little ironic that privacy.com is asking for your SSN lol.
Privacy.com is to firewall you from service providers, not the government. There is no way around KYC/AML if you’re operating legally.
I’m not American. I opened a U.S. bank account with a major U.S. bank (I.e., presumed to be operating legally) without a SSN or US address. I have no other US identification or number.
There is no way around know your customer, but that doesn’t mean “requires SSN”. That’s just the easiest path from point A to point B and most businesses don’t care to support anything else.
I'm also not American and I was able to open a US bank account without a SSN, however they instead put in a dummy SSN of 300-00-0000. I suppose your bank might have also given you a dummy number like that.
I wouldn't say it's the easiest path, but a critical path. A social security number is usually required to provide identity resolution confidence (name, birth date, and address are insufficient). Don't take my word for it, that's straight from the Internal Revenue Service's Privacy Impact Assessment for it's ID.me identity proofing partner [1].
[1]
https://www.irs.gov/pub/irs-pia/id-me-pia.pdf
(Pages 2-3)
Yeah, a bit. Despite that, I still perceive them as a good barrier (and defense) between my personal financial account and random online businesses whom I would very much like to not provide any personal info whatsoever. An example is wanting to buy a LOSSLESS album from Bandcamp, I can use Privacy and I don't even need to give the musician or Bandcamp my real name or actual financial details.
I was under the assumption you never need to give your real name when using a debit or credit card. Zip code and the number of the address like 7 for "7 Main St" are required usually.
If it makes you feel better, your SSN is dumped into thousands of leaks already, most likely.
> If it makes you feel better, your SSN is dumped into thousands of leaks already, most likely.
Actually, this reminder does make me feel slightly better about giving my SSN to Privacy.com.
Yeah at this point I assume my SSN is more of a UID username that isn't just fully-public, but I need to monitor credit and be pro-active about it, rather than some secret value.
Maybe it's because you have your funding source as your bank account, but I was never asked to provide my SSN with a debit card funding source.
> Maybe it's because you have your funding source as your bank account
I originally had it tied to a debit card, but for some reason Privacy.com forced me to provide a bank account about a year after I started it. I asked support why and they couldn't give me a good answer other than my credit union is no longer supported (though I think the agent I spoke with was blowing smoke and it might have had something to do with my always-on VPN).
Have you been asked to provide an SSN with the latest change?
I loved the idea about privacy.com - used them for a while - but a significant (>40%?) of the vendors that I tried to use them with didn't accept pre-paid cards (which I guess what these appear as) - and almost 90% of the vendors that I really needed them for would not accept them.
Perhaps this re-issue will make them more useful - here's hoping, because I think the idea is brilliant.
I found the opposite, oddly, only a tiny % of vendors wouldn't accept prepaid cards. I do agree it was all services where I REALLY wanted to use privacy.
That said, the only great thing about this, is that the new cards are re-classed as "charge card" and not "prepaid" card, so, they fixed it!
If only they did it with more than 30 days notice I would have been ecstatic.
As a fairly active user, I'm extremely irritated with this being how I am finding out about this change.
Wrapping up something that amounts to extra work for me in bubbly language is kind of infuriating but in keeping with a couple of my experiences with them.
I'm not sure if I'll continue as a user given my existing unease with how I feel their existing pitch and documentation are misleading.
I appreciate the service but I'm not sure it's worth it to me to switch the cards I have given the my other experiences.
Totally agree, especially about the bubbly language used to dress up what is almost certainly a major inconvenience. I've been using their service for years, but if I have to change all of the cards that I have on file everywhere, I might as well just put in my CC details and get the cashback/points.
I was a paying Privacy customer in the past; I’m only a free customer now because you give too much functionality in the free tier plan and because of the occasional incompatibility with some merchants.
I normally immediately end my relationships with companies that make a change that invalidates all the effort that I have already put into the company. Why? You just zeroed my sunk cost and made the cost of switching vs cost of staying the same.
I would like to stay with Privacy but I really want some assurance that you’re not going to do it again.
Maybe this is an example of "developer brain", but when I see "reissuing all cards", it sounds like when a company has a security incident and resets all passwords at once.
So as I scanned through, my read was "oh, Privacy.com had a security incident", which it did not.
To be clear to anyone who's reading along here instead of the site, they're reissuing cards because they are changing the way their card issuance works in order to improve merchant compatibility (which is definitely needed).
As such they have to use, presumably, a different set of card numbers/prefixes/whatever that the card issuers dictate. No security incident prompted this.
Typically privacy.com cards showed up as a prepaid card, and most merchants online block these. Curious to see how it improves acceptance rates.
Curious, why do most merchants reject those? How do they impose more risk to the merchant?
For post-paid things like cloud offerings, prepaid cards are much easier to get compared to debit/credit, so you end up with a lot more fake accounts that just run malware/use hundreds of dollars in resources in a month only to have that card decline after the money on the prepaid is already spent somewhere else.
I read it the same way as well, but my reasoning was that vague/generic/neutral headlines tend to be associated with bad news. E.g. Google's "spring cleaning"
I've always been surprised by privacy.com's business model. Do they really make enough money from those small credit card processing fees to stay afloat, or are they coasting on investor money?
So the processing fees (called interchange) are capped at a $0.21+0.05% low rate for most banks, but very small banks and credit unions are exempt from this cap, and charge ~2% similar to credit cards. Fintechs always partner with a small bank to issue their cards and split the revenue.
So the thing is, most of their customers are going to be connecting a debit card from a large bank (they don't allow credit cards as a funding source). A few will come from a Durbin-exempt institution like a small credit union or a community bank (including one issued by another fintech/bank partnership such as Chime). But on the whole, they will mostly be paying the low interchange and charging the high interchange.
Since the new cards are considered credit cards, not debit cards, they won't have to worry about Durbin amendment at all.
I recognize another patio11 connoisseur.
I hope they're making enough money. They offer a fantastic service, and they do have paid tiers as well.
I hope the fees keep them afloat, but they are one online service that I wouldn't mind paying a monthly subscription for.
Can anyone figure out a reason why issuing new cards would require a new terms and conditions or is this Privacy.com just using this as an excuse to force users to accept new and presumably worse T&C (if they aren't marketing the changes then it is a safe assumption the changes aren't pro-user)?
Hi -- head of legal and compliance for Privacy.com. tl;dr is US consumer card types have lots of rules and laws attached, and we needed to have folks accept some new terms before we could give you all access to the new card types. Thanks for using our service!
So it sounds like the TL;DR is that Privacy.com is getting less private as the new terms allow you collect more user data.
I'm surprised I'm hearing about it here before getting an email from them.
They never sent any kind of notification. I found out when I started getting payments declined and emails threatening to suspend services
Thanks for using the product -- head of legal and compliance here.
Emails are going out in phases. But if you log into your dashboard, you should be prompted to accept the new terms and re-issue any merchant locked cards.
Some folks will already be on the new product if they signed up during our public beta period, so if you don't hear from us you're likely already on the new card types.
Haven’t heard of you in my Inbox, but singing into my account see all cards marked with a clock icon, see also the Get Started button to new Privacy Cards. It’s confusing, at least I should have received a darn email, right?, maybe it’s cause I’m a free tier member? haven’t been in any privacy.com public beta program. Can’t imagine privacy.com actions towards its users when shit hits the fan for real. Better to leave sooner than later.
> Emails are going out in phases. But if you log into your dashboard, you should be prompted to accept the new terms and re-issue any merchant locked cards.
I love your service, but, sorry, this was just a huge miss. You guys completely goofed on the messaging of this.
Does anyone on HN have experience with this service or a personal comparison with Blur?
I’ve used delete me which works well enough (from the people that make Blur), but I’ve ended up just using the Apple Card which has a tiny amount of the privacy guarantees without a lot of the hassle (and good software).
I’ve been tempted to switch to one of these services though, but I think your data still gets resold by the card processor?
Never heard of Blur, but I've used Privacy.com successfully for... man, maybe five years?
Never had any issues with them. Not one. They always Just Work, their app doesn't change every six months, I hardly ever have to log in. Everything 'Just Works'. They've been great.
The card reset is a tad unfortunate but isn't really an issue since they're all named/branded accordingly.
Adding my voice to this experience. I have been a user for about 2 years, and I love it. I also appreciate that they support non-txt 2fa for login security.
My only quibble is that I wish I could generate a card that I could give to a someone else that had a limit cap but could be used at more than one site/vendor (the current method really wants you to use them at only a single vendor, which is generally exactly what I want). Like an allowance card basically.
Privacy.com has been fantastic for me - AMA.
However I am such a heavy user that this announcement is actually rather annoying. I didn't see an email about it yet either, and could have easily missed that I am going to need to update 10 or so subscriptions this month :/
Can you hook Privacy.com up to a budgeting app that uses e.g. Plaid or Finicity to monitor transactions?
Don't use Plaid.
https://www.reuters.com/legal/litigation/fintech-firm-plaid-...
Not 100% sure since don't use those apps, I actually pay for privacy.com to obfuscate what the money was spent on so my bank doesn't know either in it's budgeting view. But if you don't do that I think budgeting apps should be able to work, since the merchant name is passed through in the transaction metadata. Bank of America correctly categorized transactions before I disabled this, so I imagine your other apps might work.
All my budgeting apps work fine (merchant name can be a little bit of a mess sometimes) since the transactions come through individually in my bank.
Seems weird to label a massive inconvenience as an “Exciting Update”
I had created an account with them right away when they first started, had given them all my information as they required. After a month or so they closed my account due to abuse. All I was doing was to use their service as intended.
I’m not associated with Privacy in anyway. I’ve had a couple of inconvenient things happened to my account, I can’t remember the details right now, but in interacting with their customer support I got the sense that it was algorithms that weren’t tuned correctly yet. That may be what happened with you?
Never found a good alternative to privacy.com, so far their service has always been top notch...
But now I am curious: who else is out there doing what Privacy.com does, similarly or better?
Revolut has disposable cards but those are not exactly the same, because they always get destroyed after one payment rather than being able to keep using it for one merchant. Also on the free plan you can only have one normal and one disposable card active at a time.
"You can pay in more places! Our first version of the Privacy Card worked well for creating one-time use cards, setting spend limits, and locking cards to specific merchants. However, some merchant policies prevented our cards from being accepted online. The new version of our Privacy Cards maintains all of the privacy and security features you love while expanding the places where our cards are accepted."
Google was one of those merchants. I've been using this service for a few years now and it has saved me from so many headaches.
I liked the idea and always wanted to use it more. I actually only used it once because I was dealing with a potential subscription hassle and that card actually got stolen! A bad charge was reported from privacy.com (and of course did not go through).
Pretty cool service.
Well. I seem to be unable to replace the card I created for a purchase with Affirm using the new cards.
A lot of my use case for Privacy.com was avoiding giving out my debit card (and thus, direct debiting against my checking account). If this switch means it no longer enables that (just replaces a credit card), my usage of them drops quite a bit. It's nice to be able to cap a charge against the card I guess, but the level of effort required doesn't really give me the peace of mind needed to warrant it.
Affirm fully supports the use of virtual cards. You can use the app to generate a new visa card for every purchase.
I did. Multiple cards, multiple times. And got rejected each time. My actual debit card worked fine.
The prior Privacy cards worked fine; that's what I had entered beforehand. It's just the new ones I reissued on Privacy that aren't being accepted.
Oh I see, you're talking about linking your affirm account to a debit card for payments? They might be being rejected because they fall into a high fraud category.
No. I'm saying in Affirm, the only options for payment are ACH cards, and debit cards.
I don't like either of those, so previously I used Privacy.com cards. Yes, that meant Privacy.com had access to my bank/debit card details, but they already did (and in general it means one place has my debit cards, rather than every place that eschews credit cards).
Affirm previously accepted cards created with Privacy.com just fine.
However, to prepare for the old cards no longer working (per the article), I just went and had new ones issued on Privacy.com. When I went to put those into Affirm, though, Affirm rejected them with "something went wrong". Multiple cards, multiple attempts, no further data given (both on the site and in the network request).
When I went "uh-oh; I need to actually make sure the Affirm loan gets paid off next month when it goes to bill again", and so inserted my bank's debit card details, it went through fine.
So, Affirm rejected the new Privacy.com cards for me. It accepted my personal debit card just fine.
Affirm wants a debit card so they don’t have to pay credit card interchange fees while using debit card payment rails for instant payment of the loans they’re extending.
They are a credit card company but don’t call the product a credit card. Can’t pay credit cards with credit cards.
It's annoying because many Affirm loans do indeed accept credit cards, but you don't know if it truly will until you have purchased it and set up AutoPay. It seems most pay in 4/small monthly payments will accept credit cards, but my Peloton loan does not allow it.
After moving to Canada, I definitely miss that in Brazil I could just create a one-time card number directly from my bank site, instead of having to rely on 3rd parties that sometimes don't even offer the same service - Canadian privacy.com alternatives seem to offer a pre-paid card, but no 1 time card numbers.
I see the spending limits are still configurable on the new cards.
Does the switch from a pre-paid cards to a charge cards affect the ability for a merchant to collect on balances over the configured limit in some way? Or will those still be declined as it currently is?
Maybe time to check out OneFinance for multi-card/ACH
https://news.ycombinator.com/item?id=28247788#28248539
This has always seemed like a very attractive service to me, although I haven't signed up for it myself.
While some normal credit cards theoretically offer temporary/limited cards as a service, the software/support is so bad I've never been able to make it work with my existing cards.
Have HN'ers (without any financial relationships to the company!) used it? Any reviews? Any downsides?
I’ve been using the free tier for about two years and love it. I’m not associated in any way. It works flawlessly, just as long as the merchant accepts prepaid debit cards. I’ve created hundreds of privacy cards and have only had a couple of merchants not accept them.
As a side note, the integration with 1password (whom I have worked for but no longer) is just :chef_kiss: You can create a privacy card from the merchant’s checking form and it gets saved in 1Password.
Is this just the downstream effect of Visa’s decoupled debit rules ?
https://usa.visa.com/dam/VCOM/download/about-visa/visa-rules...
I know this is not allowed in the USA.
It seems privacy started issuing these "better" cards... a year ago? Maybe slightly less?
I had a bunch of privacy.com cards expire (original customer here) and had to re-generate them. Those cards that I re-generated didn't need to be re-generated _again_ this time.
We offer virtual cards too through AppBind and when I can’t sleep at night, sometimes I do game plan the possibility of what it means if we had to change card partners.
I expect we will see events like this fairly frequently in the next decade.
I feel for them.
Why not setup a backup system with another provider now?
The numbers would still need to change? The first six (soon to be eight) digits of a Visa or Mastercard identify the card issuer.
I had been using privacy.com for around 6 months to pay my Xfinity internet bill. Last month, it stopped working randomly. I wonder if this change will fix my issue.
Any chance going through the process of updating all my cards could earn a Cashback key? :)
So changing the BIN basically forces this reissue.
It says something about a helper tool, but I don't see it in my dashboard.
It is located at privacy.com/reissue
Having never heard of privacy.com, I reflexively laughed at the headline. Just me?
Sorry, I don't follow but feel like I should. At the risk of dissecting the frog[0], could you possibly explain?
[0]
https://www.goodreads.com/quotes/440683-explaining-a-joke-is...