Privacy: Virtual Credit Card Numbers

Overview

I’ve always found it frustrating that a credit card number is static – in other words it can not easily be changed by the owner to prevent duplication by anyone with access to the card (i.e. waiter, convenience store worker, etc).

Today I re-discovered that some Citi Credit cards have the option of generating separate virtual credit cards for use on individual purchases (this option was removed at one point). This is a great boon to security – especially when needing to make a purchase from a ‘less than reputable’ site online.

Below we will look at my two favorite options for creating virtual credit cards, and then we will take a look at the benefits of using these virtual cards:

Option 1: Privacy.com

There may be other similar services, but I’ve enjoyed using the free service of Privacy.com (This is a referral link) to generate virtual credit cards. Use cases may include scenarios like:

  • Limit a subscription service to a certain amount each month – and if they raise the cost, the auto-payment will fail.
  • Create a one-time use credit card for one-off purchases
  • Keep your own bank from knowing what you purchase (all they see is that you purchased something from privacy.com!

How do they make their money?

If you’re wondering how they make their money, they take the place of the Credit Card Companies and charge the vendor a small fee (You don’t incur any additional charges).

Requirements to use Privacy.com

It requires you to provide the details of your debit card or a checking account.

How it works

Using the Privacy.com website, a mobile App, or a browser extension (the most useful), you can generate any number of virtual credit cards with various parameters. The browser extension is the most useful because it will automatically detect credit card fields and auto-generate a card for you and fill the credit card fields automatically (It’s like magic)!

Yes, I realize that I’m giving up some privacy in handing over my debit card information to privacy.com, but I personally find it a worth-while trade off.

Creating a New Virtual Card
Add Optional Spending Limit
My Virtual Card (Don’t worry, I deleted it after creating it!)

Option 2: Virtual Account Numbers

This option is dependent upon your Credit Card provider having this feature. Currently I know that CitiCard is working on an improvement to the usability of generating virtual card numbers. There is an existing method but it is rather clunky, outdated, and not very quick since it requires you to be logged into the CitiCard website to generate each virtual card number:

Benefits of Virtual Credit Cars

  • You can close the virtual card at any time or modify the spending limit.
  • If you are asked for a name/address when using the card, you can enter anything and the card won’t be rejected! (Privacy.com cards only)
  • There are small cash-back bonuses when using the privacy.com cards.(Privacy.com cards only)
  • When purchasing using a Privacy.com virtual card, even your own bank (issuer of the debit card) won’t know what, or from who you are purchasing! The transactions will show up in your bank like:

What, Why, When, and How Nextcloud

What is Nextcloud?

TLDR: A Nextcloud description is below, but why not just check out the demo!

Nextcloud is a Free and Open Source Software (FOSS) that provides an enterprise grade all-in-one solution for file storage, collaboration, meetings, etc. Over the past few years Nextcloud has come a long way and is now my recommended solution for anyone seriously interested in hosting their own data with privacy and security in mind. Nextcloud is made up of many, many apps that can be installed as needed. Some of the apps include:

A sampling of a few Nextcloud apps
  • Files (This is installed by default and aids in storing/sharing/managing your files)
  • Calendar (This uses WebDav and can be synced to other devices more on this in a later post)
  • Tasks (This also can be synced using WebDav to other devices like MacOS/iOS Reminders)
  • Gallery (This helps with managing your photos in a centralized location)
  • Maps (Directions, pinning locations, mapping where your photos were taken, etc)
  • Contacts (Address book that uses WebDav to sync with other devices)
  • Bookmarks (Bookmark storage that can be synced to your browser using Floccus)
  • Talk (Meeting software like Zoom or Jitsi, no Nextcloud account needed to join calls!)
  • Mail (A very functional Mail client application with encryption, multiple accounts, etc)
  • Other features:
    • 2 Factor Authentication
    • File Sharing policies (timeframe, encryption options, public link expiration, etc)
    • LDAP user/group managment
    • Automated updates & Security audits
    • Forms
    • Polls
    • Project Management
    • Social Plugins
    • Password Manager
    • Many others (See the Nextcloud App Store)

Why Nextcloud?

Why use Nextcloud? Simply put: data privacy. Nextcloud provides a private and secure vault for all your personal information. No need to worry about Google reading your emails and using your photos for machine learning purposes. No need to pay Dropbox or any other cloud storage company a monthly fee for storing your files on a server you have no control over. Nextcloud makes it easier to take responsibility for your own data so you know where it resides. If you’re still not convinced, check out Nextcloud’s reasoning.

When Nextcloud

Given my bullish stance on Nextcloud, I would also like to make clear that Nextcloud isn’t for everyone. It does require some technical experience and a use case that is worth while. Nextcloud works best and is most enjoyable when it is used for more than just a few files. Casual or non-technical Nextcloud users would be better off signing up with a Nextcloud provider rather then self-hosting it since the providers will handle the configuration and hosting of the storage (this however does reduce your visibility in where and how your data is stored). An alternative to a cloud provider is to buy a dedicated, pre-configured piece of Nextcloud hardware with some tech support.

How Nextcloud

Requirements

Memory Required: 512MB

Nextcloud can be installed in a variety of ways. My preferred method is using the per-configured virtual appliance, but other methods include docker, Ubuntu snap, web-server script, archive extraction. Detailed installation instructions can be found in the Nextcloud Docs, but a simple rundown of the installation methods are listed below:

Appliance

Virtual Machine (My preferred method)

I prefer this method since it allows me to take easy snapshots/backups of the entire Nextcloud environment. This gives me peace of mind so I can be sure I can rollback to a point in time if anything goes wrong.

  1. Download the Virtual Machine (There are also advanced-configured VMs here)
  2. Setup a VM in your favorite Hypervisor (Proxmox, Hyper-V, VirtualBox, VMWare, etc)
  3. Import the downloaded Virtual Machine file and start the virtual machine (check the console)
  4. Login to the pre-configured Nextcloud instance and enjoy!

Appliance: Docker (Great for those already using Docker)

For those already using docker, this method may be appealing. I avoided this option primarily because it didn’t have a very clean docker-compose setup.

  1. On a docker-enabled machine run `docker run -d -p 8080:80 nextcloud`
  2. Alternatively, if you use docker-compose, start with this template:
version: '2'

volumes:
  nextcloud:
  db:

services:
  db:
    image: mariadb
    restart: always
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=
      - MYSQL_PASSWORD=
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

  app:
    image: nextcloud
    restart: always
    ports:
      - 8080:80
    links:
      - db
    volumes:
      - nextcloud:/var/www/html
    environment:
      - MYSQL_PASSWORD=
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=db

Appliance: Ubuntu Snap (Easy for Beginners, but not recommended!)

This installation method is very easy but does have some drawbacks. From my experience, updates are slower to be released to the Nextcloud ubuntu snap distribution and often has issues with edge cases (I’ve noticed this with Collabora docs). It is also very difficult to migrate Nextcloud from a snap installation to a different installation method (I learned this the hard way!).

  1. Setup an ubuntu machine with snap enabled.
  2. Run `snap install nextcloud`
  3. Follow the installation steps and enjoy.

Web Installer (Good for C-Panel style web-hosting)

  1. Download the php script from the Nextcloud Site
  2. Upload the php scrip to your web server
  3. Point your browser to the php script
  4. Walk through the installation wizard (default user: ncadmin default password: nextcloud)
  5. Enjoy!

Manual Archive File Installation (Most Difficult)

  1. Download the Archive from the Nextcloud site
  2. Extract the archive file to an accessible location on your web server
  3. Configure Apache webserver
  4. Configure SSL
  5. Walk through installation wizard

Enjoy Nextcloud!

‘Don’t be Evil’ Isn’t enough for me!

Introduction to Home Assistant

Everyone likes home automation – if it works! We’ve all been excited about that smart switch or wireless light that we can control from anywhere in the world, but how great is it really? For a few ‘smart’ devices it may seem work well, but once you begin to accumulate more than a handful of devices you will quickly begin to realize that you have as many apps as you do smart devices and you will begin to start asking questions like:

  • Which app controls which device?
  • Do I have to download all these apps for each member of my family?
  • Wouldn’t it be nice if I could control all my smart devices with a single app?
  • Why can’t I connect my smart devices together?

All of these questions can be answered with a tool called Home Assistant. In the most basic of terms, Home Assistant is a tool that pulls all of your smart devices into a single app. I will save the details of Home Assistant future posts, but it aims to do the following and much more:

  • Be Free and Open Source (FOSS)
  • Improve your privacy by reducing the need for internet based cloud services
  • Control all the smart devices in your home from a central location
  • Connect smart devices in your home in order to trigger perform actions like: When there is motion in the hallway, turn on the light
  • Provide a single app (web or mobile) to control and manage all your smart devices

Home Assistant may not be the ‘silver bullet’ for every situation, but I am willing to say that it is unequivocally the best home automation solution available today (as of 2020). Anyone interested in taking the next step in home automation should consider Home Assistant. Stay tuned and in the near future we will be discussing how to get started using this great tool, and why it is (in my opinion) superior, but friendly with other alternatives like Hubitat, SmartThings, and HomeKit.

white and gray Google smart speaker and two black speakers
Photo by Sebastian Scholz (Nuki) on Unsplash

(Full disclosure: I was not paid or in any way incentivized to speak so highly of Home Assistant)