En español | A virtual credit card is an electronic payment solution that lets you shop online or over the telephone while reducing the worry that hackers might steal your credit card information.
And given the recent spate of card-related security breaches at merchants such as Target, Michaels and Neiman Marcus, virtual credit cards should be pretty popular with individuals and institutions alike.
That's because virtual cards — which mask your real credit card numbers — have a number of drawbacks that give consumers and banks pause.
"Part of it is a lack of familiarity" by consumers, says Doug Johnson, a vice president and senior adviser for risk management policy at the American Bankers Association in Washington.
"Another part of it is momentum among consumers with the credit cards they presently use, which are very convenient and which often have benefits attached to them," Johnson says.
How virtual credit cards work
Virtual credit cards, also known as "single use" or "disposable" cards, provide extra safety for people making Web- or telephone-based purchases — transactions in which you don't have to show your physical credit card.
The cards offer a randomly generated substitute account number used in place of your true credit card number.
When you're shopping online and ready to make a purchase, you request a virtual card from your bank. At that point, you typically know how much you're going to spend. So when you request a virtual card, you set the maximum amount that can be used. (Your spending limit is typically tied to the credit limit on your real credit card.) You can also set an expiration date, after which the virtual card is no longer valid.
And once you buy something, the disposable card can't be used again.
That means you can shop online without ever using your real credit card number — thereby thwarting identity thieves trying to swipe your sensitive information.
All that sounds great, yet consumers who have shopped with disposable credit cards complain that they're overly cumbersome and time-consuming to use.
For instance, single-use credit cards often require extra clicks during the shopping process, or additional log-ins for added security, or sometimes even a call to a customer's home phone to verify the transaction.
All this slows the shopping experience.
"There's a great level of comfort in the existing convenience associated with using credit and debit cards," says Johnson. "Anytime you try to convince consumers that it's worth their while to do something different than what they normally do, that's a tough proposition."
Getting a virtual credit card
One upside of virtual credit cards, besides their security features, is that they're free.
To use one for an online transaction, you first must obtain a single-use credit card number from your credit card company, if it offers them.
American Express did away with its virtual card offering a few years ago. Now, only a handful of major banks offer virtual cards, and their numbers are dwindling.
Citi still offers disguised credit card numbers, known as VAN or Virtual Account Numbers, to its clients who are shopping online or by mail order.
Bank of America provides its online banking customers with a service called ShopSafe that lets people make secure Web-based purchases, as well as ongoing monthly payments, with a virtual credit account.
But Discover, which had long offered virtual cards known as Secure Online Account Numbers, is discontinuing them as of March 14.
"Regrettably, the technology on which Secure Online Account Numbers are based is owned by MasterCard and no longer available to us, so we are unable to continue to offer it to cardmembers," Discover said.
Suppliers of virtual cards use proprietary technology from a company called Orbiscom, a Dublin-based payment processing company that was acquired by MasterCard in 2009.
A tough sell to consumers
Ben Woolsey, president of CreditCardForum.com, says it's difficult to get consumers to master all the basic benefits of a credit card, let alone more complicated offerings like virtual cards.
"Regardless of how much banks tried to advertise the availability of this service, they couldn't break through a certain limited awareness of virtual credit cards by their customers," Woolsey says. "Not to mention overcoming the inertia of going through all the necessary steps to set them up and use them among those who are aware," he says.
And even among those individuals, there's typically only "a certain subset of users who would care enough to sign up," Woolsey says.
Woolsey says several other issues have also prevented these cards from gaining widespread popularity.
"They can make returns and disputed charges with merchants problematic," Woolsey says. "With most returns [of purchases] made with a credit card, stores refund it back on a card. But they can't with a one-time use number."
Depending on a merchant's return policies, store credit may be issued in lieu of refunds. In other cases, consumers may be able to get refunds by check.
To deal with the potential hassles in the event of a return or refund request, Woolsey recommends keeping all electronic receipts, confirmation numbers or other documentation about purchases made via a virtual account number.
He and others say that Americans also aren't motivated to use disposable credit cards because consumers know they won't be held responsible for fraudulent charges.
Thanks to the Truth in Lending Act, liability for any unauthorized purchases made before you report a lost or stolen credit card generally is limited to $50. What's more, most major banks offer "zero liability" protection for fraudulent charges reported within 60 days. So in the event your card is compromised, you generally won't be on the hook for any amount as long as you promptly report the charges.
Another limitation of single-use cards: You can't use virtual card numbers inside retail stores or at any merchant where you need to show a physical card as proof, such as a hotel, car rental agency or movie theater.
"Virtual account numbers can add a degree of security to online transactions, but by and large they have been a solution in search of a problem," Woolsey says.
Consumers must remain vigilant
Even a more widely accepted alternative payment system such as PayPal, which lets anyone with an email address sign up to send and receive payments from other individuals, isn't without its own pros and cons, experts say. Nor is it immune to security breaches.
Users link their bank accounts or credit cards to PayPal, and access PayPal by entering their email address and a password. Such email password security has its own limitations, since some people are lax about establishing strong passwords.
According to the 2014 Identity Fraud Study from Javelin Strategy & Research, there were 13.1 million U.S. victims of identity theft in 2013 — a new victim every two seconds.
"Additionally, fraudsters increasingly turned to eBay, PayPal and Amazon with the stolen information to make purchases," Javelin researchers said.
All told, identity thieves stole $18 billion last year, including credit card fraud, compromised lines of credit and email payment accounts.
Such high levels of fraud show the need for vigilance. To learn more, visit AARP's Fraud Watch Network.
"In the end," Woolsey says, "no matter how much security banks layer into credit cards, consumers still have to monitor their credit card statements and be watchful."
Also of Interest
- Take charge of your money at 50, 60 and 70
- 10 budget-friendly trips for 2014
- Find great volunteer opportunities in your community
Join AARP Today — Receive access to exclusive information, benefits and discounts