---

@yfan wrote:

---

@Anonymous wrote:

---

@yfan wrote:

Seems to me that this is about a transition to/push for digital wallets, which add tokenization, essentially fulfilling the purpose of keeping the actual card number hidden from payees. In the US, mobile pay and contactless payments lag badly behind other countries, and banks may be trying to shore them up - I say this because this move comes on the heels of BofA beginning to replace existing cards with contactless ones.

---

Except that does zero for online shopping which is exactly what these virtual cards safeguard. Tokenization is a wonderful thing but it hasn’t taken off at all in the online world. There is still a need for actual credit card numbers. 

---

Actually, digital wallet services like Google Pay, Paypal and Apple Pay (or less commonly used ones like Visa Checkout) do not transmit your original credit card information to merchants. The problem is, though, that while digital wallet acceptance is growing, it is still wanting and very inconsistent across the web.

---

Is that not what I just said? How do you think I am going to know what tokenization is and not know how it works? My point is that using mobile wallets online is not very widespread which means there is still a place for services that offer virtual card numbers for the millions of sites that don’t take a mobile wallet for payment. 

---

@Anonymous wrote:

Since I have no BoA cards and am not familiar with this feature that's being eliminated in the near future, can some give me a brief rundown of how it worked?

---

It let you create virtual card numbers with user definable spending limits and expiration dates to use for online purchases where you have to specify a CC #.  The purchases would go on your BoA card, but would be constrained to the limits you set.  You could also close a number at any time or just let it expire, or set up a number for recurring charges.

The benefit of course is you didn't have to share your real CC # on websites that might have questionable security.  If a breach happens, they would only get the virtual card # which either wouldn't work at all or would only work for a short time/small amount.

Tokenization, which is how chips and tap work, are fine for card-present transactions, but for online it doesn't work.  Online wallets get around this, but many sites don't support them, or only support certain ones like Apple Pay.

---

@Anonymous wrote:

---

The benefit of course is you didn't have to share your real CC # on websites that might have questionable security.  If a breach happens, they would only get the virtual card # which either wouldn't work at all or would only work for a short time/small amount.

I know some of these virtual number services also had a rule/feature/limitation that the first merchant to use that number would be the only one who could use it.  Maybe Citi's did that, I can't recall exactly.  Not even sure if it still does such.  This was pretty safe, such that even if a merchant lost the number, someone else couldn't use it.

Which really just saved you from then calling the credit card bank to dispute the charge, or more like today, clicking something to dispute a charge.