Share credit card transactions at own risk

Share credit card transactions at own risk

Summary: New social networking site allows members to share credit card transactions a la Facebook updates, but security expert cautions users of risks.

SHARE:
TOPICS: CXO, Browser
0

A new social networking site that allows users to share their credit card transactions online could expose consumers to unnecessary risk, warns a security expert.

Members of the site, dubbed Blippy, can broadcast their transactions and details of their purchases in the form of Facebook-like updates. Users do so by providing the site with details of their credit and debit cards, as well as accounts at online stores such as Amazon and Apple's iTunes store.

Source: Blippy

The Blippy service, which is currently in beta, will show where users spent their money, the products they bought and identify other users that bought the same item and compare prices. Members can also comment on the transactions made by other users, as well as make comparisons with their own purchases.

IT security vendor Symantec, however, has frowned upon the service. Ronnie Ng, manager of systems engineering at the company's Singapore office, said the risks involved in sharing credit card transactions far outweigh benefits the service may offer.

"Just think, would you prefer finding out about a better deal on books by your favorite author, or have your personal information sold on the black market and used illegitimately?" Ng said in an e-mail interview with ZDNet Asia.

"The key security issue that could arise from services like Blippy, is the risk of a data breach and loss of confidential information," he explained. "Such sites may not have the necessary data loss prevention or encryption technology in place to safeguard the personal information that they are privy to."

Potential user concerns
When contacted, one social media user said she would like to try out Blippy to "flaunt" or share her smaller purchases with her friends. However, she highlighted some concerns regarding the service.

"From sharing my purchase information, my friends will know what I've got so that they will avoid buying me that same book or item for my birthday or Christmas," Nicole Nilar, an interactive marketing executive at a Singapore-based advertising firm, told ZDNet Asia in an e-mail interview. "And it can help me keep track of my spending in a very simple way."

"However, I'm concerned about the security of the transaction. Will Blippy capture other information about my credit card?" she questioned. "Also, can I customize each status before posting to the 'wall' for everyone to see? I definitely don't want people to see if I spend big money or purchase private items or services."

"Lastly, I'm concerned about my after-purchase emotions. What if I find out [from comparing payment details] that there are much cheaper places to get the item that I just bought? This makes me feel bad since I paid much more to get the same item," Nilar said.

According to a report by ZDNet Asia's sister site CNET news.com, Blippy members can "pause" and stop data collection on the site.

Dangers of social networking sites
Symantec's Ng cautioned that social networking sites are "increasingly attractive target for cybercriminals to harvest confidential information".

"Social networking sites combine two factors that make for an ideal target for online criminal activity: a massive number of users, and a high level of trust among those users," he noted.

"With confidential information a key target of malicious attacks, users need to exercise extreme caution when sharing information on their social networks--whether it is their current location, or more personal information such as contact numbers, identity card or social security numbers, and credit card information," he added.

Facebook previously offered a service similar to Blippy. Called Beacon, the feature updates Facebook members' friends about their purchases and other activities on third-party Web sites. However, the service was discontinued in September 2009 after a class action lawsuit alleging privacy violations.

Topics: CXO, Browser

Liau Yun Qing

About Liau Yun Qing

The only journalist in the team without a Western name, Yun Qing hails from the mountainy Malaysian state, Sabah. She currently covers the hardware and networking beats, as well as everything else that falls into her lap, at ZDNet Asia. Her RSS feed includes tech news sites and most of the Cheezburger network. She is also a cheapskate masquerading as a group-buying addict.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion