Credit card alternative for online payment

Hey y’all!

TL;DR: I am getting rid of my credit card. What’s the best (secure, most-accepted) alternative for paying stuff online, like for example DCS modules?

Long version:
I have had a MasterCard for around ten years now, and I have used it exclusively for paying stuff online, as it was the only possibility to pay for many things back then.
PayPal, Amazon payments and similar stuff weren’t a thing back then (or in their infancy) and credit cards were standard. I got a MasterCard Gold because it is pretty safe, in case you lose it or somebody steals and even misuses it you pay a maximum of 50€ and that’s it.
It was also easy to use, basically every shop accepted it, often even through safer methods such as SagePay or the like, so shops don’t even get the number.

I also did not have to share anything except my name and credit card number with the world, I wouldn’t like to replace it by giving someone my bank account information.

All was good. I bought almost everything online using it including all my DCSW modules.

Outside of the Internet I didn’t use the card at all. It might sound silly but for some reason I trust the offline world a bit more (or way less) so I pay with my EC card or the old fashioned way, with good old money.

A few years ago things changed a bit. MasterCard introduced a 2-factor authentication for some web shops. That basically just meant that for paying in an online shop there was a safe redirect to a MasterCard site where I entered an additional password. Not every shop used it but many German ones at least did.

So far so good.
But now things changed again.
This year they removed the password option. Now they only give me two options:

• authenticate via SMS. nope. Mobile phones are probably the most malware- and spyware-ridden pieces of hardware in the history of mankind. I am not using them for anything important, and surely not for anything related to banking.
• authenticate via app. Ahahahaha nope, that’s even worse than the first option!

I have a background in security related IT. The BSI (German federal office for information security) is not even known for being top notch, but even they classify both options as not secure.
And that’s ignoring the fact that I cannot use my credit card anymore if I lose my phone or it dies, or something like that. That’s crap.

So the best option is getting rid of the card, which I will do next week.

The question that arises is: what should I use instead?
It must be widely accepted, reasonably secure or throwaway, and it should not require me to register with any personal information except my name and/or an email address. It must not require any other device such as a mobile phone to be used.
I don’t use it much (less than 10 times a year, and most likely for a DCSW module or something from the X-plane store, stuff like that) so it should be accepted there, and it shouldn’t require regular use or have an annual fee or something, although I can live with a fee, the credit card had one as well.

I am eyeing PayPal especially, but I am not sure it qualifies.
Amazon payment could work well because I have an Amazon account anyway, but it seems it isn’t as widely accepted (for example in the DCSW shop).

Any input/ideas/remarks are appreciated.

Everyone takes VISA. There are also a few thousand different VISA’s and not sure what the options may be available to you there, but I’ve been reasonably please with Capital One for online purchases. If something questionable does come up they decline the charge and send notification to make sure it was you, usually email and text. I believe if you don’t respond they do actually call you or you can call them if you don’t feel comfortable responding through either option.

At the very least the first DCS or IL-2 purchase will probably ping an alarm the first time (probably due to country of origin of the charges). I did have someone take my card number once (from a brick and mortar store) and it was shut down quickly and I wasn’t liable for any amount that was charged.

Everyone’s experience is different of course, but I’ve been pleased

I would stick with a credit card - Visa or MasterCard probably doesn’t matter.

If you don’t have a credit card, that means any other service you use is directly tied to your actual bank account - and if the security on the credit card scares you, do you really want a link to your hard earned cash? For example, that how you would load your “PayPal wallet”, or it draws from your account directly.

The benefit of the credit cards like Mudcat mentioned is fraud controls. In fact, Visa will reimburse any fraudulent charges - I’ve had it done once before and so did a couple of my friends.

Another friend of mine did the Visa-Debit thing (visa’s technology to use your bank card like a credit card online) and it got hacked/stolen. Then he had to argue with the bank to get his money back…much scarier thought. If your C/C gets stolen, you at least have until the next statement date to fight them if for some reason they don’t want to reimburse you.

For PayPal I think there is an option for them to draw money from my account, but I wouldn’t use that.

I would probably just transfer the needed amount into the PayPal wallet using a regular transfer.
I am aware that this still means that PayPal knows my bank account number, but PayPal is basically like a bank so that’s not too different from the MasterCard service now, which also has that data.

I definitely want to have a middle man between me and the shops I order from. The really annoying thing is that MasterCard wants to use my phone as authentication and I fear it will be the same with other credit cards, since the BaFin (German federal financial supervisory authority) obviously forces banks to migrate to that new phone based authentication standard. (The forces of corruption are strong…)

I already made an appointment with my bank to talk that through. But from what I read it will be the same for all credit cards in Europe soon.

On the other hand: PayPal is based on email addresses. Like a phone it is possible to lose those.
But then it wouldn’t matter much because

• chances are very high the wallet will be empty anyway
• I can make a new PayPal account with a new email address

(Is the above true? I am not fully sure)

I’d be afraid of losing access to a Paypal account with the bank data. Now, if you can buy prepaid PayPal gift cards or something and use those to load it - why not?

Edit: Apparently there is a PayPal “MyCash” card.

There are prepaid credit cards too, but you can never fully clean them off, and maybe they will end up with the same authentication.

Holy carp*, what a nightmare. Hopefully the US doesn’t adopt those insane authentication processes exclusively.

Wheels

The thing is: I am all for 2 factor authentication, but only if it improves security.
The chipTAN method is very good. Banks all over Germany use it for creating TANs for online banking. It is a small offline device that uses the EC card’s chip to create a TAN based on the transaction itself. Easy to use and very safe.

But an app on a phone? Nope.
The only pretty safe way would be to get a very old phone from the 1990s and a separate SIM card and only use it with the SMS method.
But… no thanks.

I was going to offer that if you send me cash and a modest handling fee (call it 200% of the purchase price) I’d be happy to put my credit card at risk and pay for you.

Seriously though…I have had my credit card compromised several times. All were essentially “inside jobs” that dealt with my using a credit card at a physical location (store or restaurant) - an employee somewhere on the transaction stealing the card info and selling it. I have never had an incident that was traced back to an on-line purchase. (Knock on wood)

In each incident, quick detection was the key to a happy resolution. My wife check our credit card data each morning. Our bank immediately/automatically flags questionable purchases.

A long way to say that one is never 100% protected, no matter what you choose. For me, daily vigilance and having a good bank are the important aspects.

I had my card used fraudulently a couple times over the years, the bank always refunded me the money. I make a point of using a credit card online for this reason, it’s not actually my bank account.

Sure the thieves got away with some purchases, but it wasn’t my money.

Thanks for the comments, guys!
I never had problems with my credit card either.
I just want to note that this is not mainly about credit card security itself, more about the fact that they want to force me to couple it with my phone, which is not acceptable for me.
We live in a time in which all kinds of personal data are heavily misused, and I want to minimize that, which is part of the reason why I am searching for alternatives.

Many good suggestions here. I myself would just find a different credit card. For myself, my wife and I use one credit card for online purchases only and it is limited in terms of balance available. That way easy to track, easy to find fraud. We’ve had fraud maybe 2-3 times over the years but it was caught quickly and resolved to our satisfaction at no cost to us.

I have VISA, non of the hassle and all of the security…