The problem statement

As e-commerce spreads in India,more and more people will switch to online to buy books, magazines and various other products online. With time, more and more transactions will be made online, including a majority through credit cards. Today in the name of making your online experience easier and faster, each e-commerce site or payment gateway stores your payment details in their databases. This, they claim prevents you from having to remember multiple cards or to have the card handy while buying something. This is done by all major sites including Amazon, Apple, Google etc. Of course, the convenience part is just a smoke-screen. It is psychologically beneficial for these sites to not let the customer have second thoughts when he reaches for the wallet to remember the credit card number and the various other related bits of information.

What are the consequences?

Security

There are two consequences of allowing a site to do store this information online. One is, of course, the security risk. In case someone hacks the site’s database, you run the risk of exposing your credit card details to thousands of unscrupulous hackers. But the safety aspect of this has been written countless number of times elsewhere.

Auto-renewals

What I want to explain is one more consequence of storing your payment information online – the problem of auto-renewals.

Netflix, Spotify, Amazon Prime, Google Music, Zinio, Magzter – all of these are changing the consumption model in today’s world. Moving from paying for a physical CD, to downloading single mp3s, to a streaming model, the online world is moving towards a subscription model – be it magazines, movies, TV shows, music subscriptions.

I subscribe to many digital magazines as it is more of an eco-friendly option. No doubt it is cheaper than the paper edition. Many sites like Magzter and Zinio come up with offers upto 75-90% off on various magazines, which is a steal in my opinion.

But my experience on some of these sites has been far from ideal. Let’s say I bought a one-year subscription for a magazine which was being offered at a 90% discount. The site stores my payment information by default (in the name of convenience). At one of these websites, surprisingly I had no way of accessing this payment information which was stored in their database. When the subscription expired, the site auto renewed my subscription and charged me the full price of the magazine. When I wrote to them about cancelling my renewal, they simply said that cancellations are not part of their policy. This was indeed a shocking revelation. Not providing the user the option to change or remove their own payment details is a major bug/lack of feature. Not only this, I did not have any option to turn off auto renewals on any of my magazines through their website.

Even when I had gifted someone a one year subscription to a magazine, this site went ahead and renewed their subscription once it expired! The “giftee” in essence would get a life time subscription of magazines until and unless I decide to block that particular card. In the end, I did manage to get them to cancel auto-renewals on all my magazines.

So what are the solutions?

This problem comes up with sites who are not yet established players in the e-commerce field (and by that I mean, anyone who is not Amazon, Apple or Google) and by extension, not trust-worthy to keep my credit card information stored in their databases.

So what is the solution then? Look for alternate payment options, if possible:-

1) Cash on Delivery (COD) – This is for the most paranoid. If the site offers a COD option, go for it. The money stays safe under your mattress until the product is delivered. And once the subscription ends, the delivery man can not practically enter your home to take some more of your money to renew that subscription.

2) Cheque – A cheque is still a very popular and safe way of payment. The only problem is the time it takes to getting a cheque cleared and the subscription to start. Especially in terms of e-magazines and e-books, it would be foolish to wait for a cheque to clear to be able to download something to your devices.

3) Net banking – This is also a very safe option, especially when coupled with a one time password (OTP) sent on your mobile number. This would stop unauthorized auto-renewals in their tracks.

4) Gift cards/Coupons – By buying gift cards or coupons first, and then using these to buy your subscriptions can prevent reuse once the subscription expires.

5) Disposable cards – Out of all the above, this one is what seems the most convenient and flexible. The above three options may not necessarily work especially in international sites or for payment in currencies other than rupees. Some sites may not even have payment through the above options, instead demanding only international credit cards. This is where disposable cards can be a powerful tool in your arsenal. Many banks (HDFC Bank Netsafe, Kotak Mahindra Bank, Citibank) now offer the facility of generating a one-time disposable card. This card can be generated using the netbanking site provided by the bank. This card not only has different details than your original card, but also you can limit the maximum amount of transaction on the card. This is an added layer of protection.

Once the card is used up, it doesn’t matter which site stores this information because the card is automatically disabled after first usage. Whenever you need to renew your subscription, you can always generate a new card and use that at the time of renewal. Since most magazine subscriptions would take place yearly, it is only once a year that you would have to undergo such a procedure (of course you will have to batch your magazine shopping in one go)

So in closing, if given an option, do not store your credit card information online. It takes hardly a minute to whip out your card every time you need to make a transaction. And it is a million times safer as well. In case you suspect that site will discreetly store your payment information without telling you so, generate a temporary credit card from your bank’s website and use that to make the payment. Lastly,  use non-CC based approaches if you have an option to do so. These may be a little less convenient but safer in terms of keeping your money with you.