Comment by cosmic_cheese
20 hours ago
Data privacy is a real concern, but any SaaS provider worth their salt is using Stripe or similar for payments, not rolling their own. That's not as good as not providing the info in the first place but that makes it much less likely that your CC info is going to turn up in an S3 bucket with bad permissions or something.
Yes, but at this point I'd almost rather have my CC info exposed than my personal info. There is law and consequence for fraudulent charges that protects me from loss (if not inconvenience) but there is basically no protection for playing fast and loose with my PII--in fact, it's the opposite! They sell it!
I haven’t thought about it this way but yeah I totally agree. Most of the major consequences from my CC info getting leaked can be dealt with without major long term impact to my life. The same cannot be said about PII currently
privacy.com let's you generate per-merchant credit card numbers and put limits on them, limiting the damage a leaked CC number can do.