Beware of making credit card purchase in a small online shop. Three credit card frauds happened in little than 2 years.

You're oversimplifying. My company uses Shopify for its credit card processing, as do tens of thousands of other small to medium sized businesses. Your credit card information is safe with them. The problem you're describing seems to be with one specific shop.

Orders are processed directly in the Shopify cart and no credit card information is passed to the store. This ensures that small companies don't have to worry about protecting customer's card information. It also ensures that we cannot charge more than the original authorization or share your card information with anyone else; we simply don't have access to it.

Over the past few years, we have received angry messages from several customers who insisted that we must have been the source of fraudulent charges on their cards, simply because the timing of their purchase coincided with the fraud. In one case, it was incredibly hard to convince the customer that we didn't have access to their financial information; he was hell-bent on "reporting" us to everyone and having us charged with some awful imaginary crime.

Yikes, talk about bad luck. I've only had one card compromised once, and HTV was very good about sorting it out. I never found out where the leak occurred, but like you, assumed a small operator. And, like you, I now rely on PayPay whenever possible.

99% of legit small stores take paypal pretty much the only ones that don't are fake websites or scam websites.

there is also services u can sign up for that can attach ur real cc to and then they generate what is known as a Virtual CC were u can set up a cc number just for that store and set it so it can only charge the exact amount for that order and then the cc number wont work for more charges.

jaybeeg wrote: ↑ You're oversimplifying. My company uses Shopify for its credit card processing, as do tens of thousands of other small to medium sized businesses.

Orders are processed directly in the Shopify cart and no credit card information is passed to the store. This ensures that small companies don't have to worry about protecting customer's card information. It also ensures that we cannot charge more than the original authorization or share your card information with anyone else; we simply don't have access to it.

Over the past few years, we have received angry messages from several customers who insisted that we must have been the source of fraudulent charges on their cards, simply because the timing of their purchase coincided with the fraud. In one case, it was incredibly hard to convince the customer that we didn't have access to their financial information; he was hell-bent on "reporting" us to everyone and having us charged with some awful imaginary crime.

So, my story offends you.

I am not oversimplifying my case. I just don't want to write a long boring story. Then, I want to give you a little of my background. I studied computer security in school and I have been a code monkey in the energy field or financial field for over 20 years. I understand the liability of holding 3rd party information. However, not all companies are like your company.

RobertL130 wrote: ↑ So, my story offends you.

I am not oversimplifying my case. I just don't want to write a long boring story. Then, I want to give you a little of my background. I studied computer security in school and I have been a code monkey in the energy field or financial field for over 20 years. I understand the liability of holding 3rd party information. However, not all companies are like your company.

I'm also a computer engineer and haven't had my CC stolen in 25 years. Sounds like you aren't taking good precautions when using your card and are buying from sketchy sites.

engineered wrote: ↑ I'm also a computer engineer and haven't had my CC stolen in 25 years. Sounds like you aren't taking good precautions when using your card and are buying from sketchy sites.

I had not had my cc number stolen before I used my CCs on that small online shop. To tell you the truth, I don't think someone hacked into their system

What's the "small online shop"? I mean if this situation seems to be isolated to that store, the name is kind of the key ingredient.

Was it Waterbridge by any chance?

Adelie wrote: ↑ Was it Waterbridge by any chance?

Can confirm I had fraud transactions on my credit card after buying from Waterbridge. It made the cookies taste worse for me too.

RobertL130 wrote: ↑ I had not had my cc number stolen before I used my CCs on that small online shop. To tell you the truth, I don't think someone hacked into their system

What site was it?

I mean... A well known Vancouver computer retailer used to store credit card info in clear text.
I don't know how OP defines "small online shop" but this particular location was basically one of the biggest go to places in Canada to buy computer parts.
They had numerous locations in Vancouver.

RobertL130 wrote: ↑Beware of making credit card purchase in a small online shop. Three credit card frauds happened in little than 2 years.

How is this any different from making in-person purchases at small B&M shops like convenience stores, gas stations, restaurants, etc. and/or independent ATMs in those establishments where someone has attached a skimmer to the card reader or the attendant swipes your card on two different readers?

There's always a risk with using CCs. That's why the issuers will indemnify you for fraudulent use.

bylo wrote: ↑ How is this any different from making in-person purchases at small B&M shops like convenience stores, gas stations, restaurants, etc. and/or independent ATMs in those establishments where someone has attached a skimmer to the card reader or the attendant swipes your card on two different readers?

There's always a risk with using CCs. That's why the issuers will indemnify you for fraudulent use.

You are right. At first, I thought it was a skimmer in a gas station or my church's careless mistake. As I said, it was my second CC that gave me an idea. Anyway, if it was in-person purchases, you would have more control.

death_hawk wrote: ↑ I mean... A well known Vancouver computer retailer used to store credit card info in clear text.
I don't know how OP defines "small online shop" but this particular location was basically one of the biggest go to places in Canada to buy computer parts.
They had numerous locations in Vancouver.

Ya, I know the story. Then, I guess you don't know those IT shops like ATIC, a-power ,,,,, Do you think they are DELL or Best Buy?
BTW, just the cleartext and other stuff really give our community a bad name

bylo wrote: ↑ How is this any different from making in-person purchases at small B&M shops like convenience stores, gas stations, restaurants, etc. and/or independent ATMs in those establishments where someone has attached a skimmer to the card reader or the attendant swipes your card on two different readers?

There's always a risk with using CCs. That's why the issuers will indemnify you for fraudulent use.

It's not even limited to small B&M shops. Credit card skimmers get installed at places like McDonald's and even at bank branch ATMs. I think the growth of tap-to-pay has reduced this type of fraud, though.

psyko514 wrote: ↑ It's not even limited to small B&M shops. Credit card skimmers get installed at places like McDonald's and even at bank branch ATMs. I think the growth of tap-to-pay has reduced this type of fraud, though.

I do realize that. But the thread is about "small online shops" so it seemed appropriate to point out that it's hardly restricted to "online." While it's also not restricted to "small," based on media reports my impression is that small is more likely than large. Small shops are also more susceptible to insider help using techniques like secondary card readers.

FWIW the few times my CCs have shown unauthorized charges they've been from large stores, e.g. some random WalMart in some US state I haven't even visited in many years. But my experience represents a very small sample size.

bylo wrote: ↑ I do realize that. But the thread is about "small online shops" so it seemed appropriate to point out that it's hardly restricted to "online." While it's also not restricted to "small," based on media reports my impression is that small is more likely than large. Small shops are also more susceptible to insider help using techniques like secondary card readers.

FWIW the few times my CCs have shown unauthorized charges they've been from large stores, e.g. some random WalMart in some US state I haven't even visited in many years. But my experience represents a very small sample size.

They got your CCs # and made purchases from large stores (online ??)

RobertL130 wrote: ↑ So, my story offends you.

I am not oversimplifying my case. I just don't want to write a long boring story. Then, I want to give you a little of my background. I studied computer security in school and I have been a code monkey in the energy field or financial field for over 20 years. I understand the liability of holding 3rd party information. However, not all companies are like your company.

What are the small shops you've used your card on that you are convinced was the source of your card being compromised? I used to get calls from my bank (3 days after they shut all my cards off) stating that they shut them off due to being used at a place being investigated for card copying or fraud. Not once did I ever have any unauthorized charges appear except for a Costco (CapitalOne) Mastercard which I only ever used at costco and after 3 months, compromised and $600+ in charges from JUSTEAT (Whom I never had an account with). This was around 5 years ago and hasn't happened since.

What @jaybeeg is telling you is fact. I don't think he was offended, he's telling you literally how it is and you turn around and basically say he knows nothing? You didn't offend him, you got angry because you were given facts on how it works.

I myself accept e-transfer, bitcoin, credit card (paypal) and cash within my business. If a customer paid me via paypal and a credit card and their card got compromised should I be blamed? Not at all.


So please, what are these small shops you are using that you believe are the source of the issue?

I avoid buying from small shops if they don't specify that they run on Shopify (Stripe) or allow PayPal.

Also, I google the store or company to see if others have had issues.

Other than that, buy from big platforms like Amazon or eBay where the merchant cannot access your CC info. It doesn't mean your info cannot be compromised. But it does cut out a lot of potential bad actors.