Linking “real-world” purchases to online users is one of the holy grails of Internet marketing. Current advertising companies are already able to link online activity to advertisements. Linking offline purchases on the other hand would push behavioral targeting to another level.

Both credit card companies interestingly enough confirmed that they are exploring ways of using transactional data for targeted online advertisements. A Visa patent application in April for instance revealed plans to use personal details to create online profiles for ad targeting, with personal details taken from a variety of sources including “information from social network websites, information from credit bureaus, information from search engines, information about insurance claims, information from DNA databanks”.

A Master Card spokesman stated that the company “doesn’t collect card-holders’ names or contact information in transactions it processes”, and that it therefor “doesn’t connect an individual’s Web-surfing activity to their specific cardholder transaction data or provide outside companies with individuals’ transaction data”.

According to the Wall Street Journal article, both companies said that the plans are preliminary. Master Card and Visa are not the only two credit card processing companies that use the billions of credit card transactions for marketing. Most companies disclose in their privacy policies that they may share personal information with third party companies.

Master Card credit card holders can opt-opt of a variety of marketing and tracking related programs. This includes opting-out from the anonymization of personal information to perform data analyzes and from a unique web analytics cookie to avoid the aggregation and analysis of data collected.

The best way to protect yourself? Pay with cash whenever possible. What’s your take on this?

This never happened to me before and I suspected foul play for a short period of time. The screen asked me to enter my birthday and the last four digits of the associated bank account. To make matters worse, the setup returned an error and I could not complete the transaction.

I then decided to do some research on MasterCard SecureCode to find out what it was all about, and to monitor my credit card statement more closely in the coming weeks.

MasterCard SecureCode is explained on the MasterCard website. It is a private code to make online transactions more secure. The code is entered during transactions as a secondary means of authorization. Unlike the credit card number, expiration date and verification code, it is not submitted to the merchant, but to MasterCard directly.

It looks like a two-factor authentication on first glance. When you look closer though, you will notice that merchants benefit way more from it than credit card owners. Why? If someone steals your credit card information, they can still use the card in places and locations that do not support the SecureCode.

Merchants on the other hand that have implemented SecureCode as part of their checkout process, know that the actual owner of the credit card is making that transaction. That is, unless the thief managed to steal the MasterCard SecureCode as well from the user.

Credit card owners know on the other hand can be sure that a merchant is legit if SecureCode is supported. That’s the only benefit they have.

MasterCard owners can sign up for a Securecode at the MasterCard website, or during the checkout process (which did not work for me).

Have you encountered MasterCard SecureCode yet on an online shipping tour?

First thing I did last year was to check in on the site to verify that my credit card information are correct. Which they were, not a huge surprise considering that I have not used or changed the data in one year’s time. Next thing I try is to make a manual payment on the Wiredtree Grove website, with the same result.

I get the dreaded authorization failed error on the page. That’s bad, considering that delays in payment of the invoice could mean that the server Ghacks is running on could be taken offline by the company until a payment clears.

So what can I do? I call the Mastercard hotline in my country where I have to wait a good ten minutes or so before I have to go through a ridiculous authorization process (card number, name, birthday, address, three digits of the linked bank account number). I then get the following explanation (every year, actually more often as I sometimes buy expensive stuff on the Internet, have to call them all the time).

Mastercard has an automatic fraud detection system in place that blocks payments that break a pattern or look suspicious. My payment to the web hosting company Wiredtree is apparently looking like a fraudulent payment. The only possible explanation that I have for this is that it is a four-digit payment to a foreign country. The service agent offers to disable the fraud protection for the next 24 hours or 3 days so that I can make the payment.

I’m curious and want to know if there is a way to whitelist select companies, but that is apparently not possible. The system is also not capable of learning from past year’s payments. I mean, I pay the hoster once a year at the same time. Should not an automatic system be able to come to the conclusion that the payment is legit if it happened in past years as well?

I ask the agent about options. The only option for me to make sure that the automatic payment gets through is to call them a day earlier to remove the automatic fraud checking for three days from the account. That’s ridiculous, don’t you think? To make things worse, you have to pay for that call.

Have you ever had problems with your credit card and online payments? Let me know in the comments. Oh, and hosting for Ghacks is paid in full for a whole year, so no worries in this regard. Until next year, that is.

At the event held in New York, Google executives also demonstrated their newly invented technology and made transactions with it using a Google Nexus smart phone. They also introduced the e-coupons and executives were hopeful that one day you would be able to stop carrying cards altogether and carry everything from your driver’s license to your insurance card on your smartphone.
The Smartphones that can be used as eWallet are equipped with NFC technology, which is based on NXP PN65 chip from NXP Semiconductors.

Google’s representatives claimed that eWallet is completely secure and that there is an exceedingly small chance that your credit card information can be compromised. The NFC chip can only be turned on when the consumers wants it to be. This means that hackers won’t be able to sniff the personal information associated with your eWallet.

Google is partnering with CitiBank, Mastercard, Subway, Macy’s, American Eagle and Sprint for their new NFC Technology. Google also called upon other big guns in the industry to partner with them in order to provide this service to a wider array of consumers.

Trials of Google eWallet began Thursday in New York and San Francisco initially, but according to sources they will be expanded to other cities soon.

Mark Beccue, senior analyst at ABI Research, said that the groundbreaking part of this announcement is that Google’s committed to moving NFC forward, but there’s no single NFC standard yet.

Initially, it works on Samsung Nexus phones with Android OS and can only be used with a MasterCard credit card. Some sources claim that Google is trying to get other Credit Card companies to come on board as well, to extend the services and also as an effort to serve a larger consumer base.

Google eWallet is compatible with MasterCard PayPass as well, which is widely accepted throughout the world. To be a part of Google’s venture, the retailer must have a MasterCard PayPass hand held device as well, and there are about 120,000 which retailers have it in US.
To pay their bills, the Google eWallet users would just have to tap their phone when the cashier asks for payment. For any purchase above $100, you will have to enter a confirmation code which would be sent to you via text message or email. The reason for this security check is to prevent unauthorized usage of your eWallet in case the original owner loses it.

On Thursday, Google also announced Google Offers, e-coupons for shopping. eWallet is expected to enter into full fledge service by 2013.

What do you think of this newest technology? Is it just a natural extension of the smart phone, or is it an opportunity for more and more invasion of our privacy from the big names?

Dante send me this interesting article from Techworld that describes the mechanism behind selling Credit Cards. They are sold in so called dumps which seems to be packs of one hundred numbers starting from $10 per 100 for regular Visa and Mastercard Credit Cards up to $150 for European Gold and Platinum cards.

Techworld calls it a Credit Card Supermarket which does not seem to fit the website at all in my opinion. It looks pretty spammy, probably to keep regular visitors from exploring the website. I think it is interesting to note that there is no obvious way to contact the sellers other than to reply with a comment on your own which would make a seller pretty vulnerable to investigations unless they take extra precautions.