Many Internet security and privacy experts, however, question its necessity. "It's a good idea and clever, but I've never seen the need to use it," said Bruce Schneier, chief technology officer of Counterpane Internet Security Inc. Noting that consumers have, at most, only a $50 liability if a credit card is fraudulently used, Schneier said, "I don't have a lot a risk here." It would be more troublesome if someone stole his Social Security number and created a new account in his name, Schneier said; that kind of identity theft is much harder to correct.
Dan Clements, head of the Internet security firm CardCops.com, however, calls the limited credit card liability "an illusion." Clements said credit card numbers are sold and bartered all over the Internet and can be combined with other personal information easily available on the Web to create full-blown identity theft. Even so, Clements said, he doesn't use a virtual credit card number because "it's a hassle." Yet his solution, he admitted, is equally time- consuming: He asks for a new credit card number every three months.
Reproduced with permission of the copyright owner. Further reproduction or distribution is prohibited without permission.