Paze

Preview:

Many banks have joined the digital payments field with their own service called Paze. It allows easy payments at participating merchants without providing them with your credit card number. However, it isn't as secure as I'd like, and they can keep your data for seven years.

Banks are trying to get into the digital payment space with their own wallet, like Google Wallet or Apple Pay. They launched Paze in 2023, and it is backed by many of the largest banks and credit unions. We will begin to see a Paze button next to the Apple Pay and PayPal buttons.

How it works

When you click the Paze button, you'll need to enter your email address. Then, they will send a One-Time Passcode to your "secure" device, which probably isn't secure, like your phone. You'll enter that One-Time Passcode and be given the option to pay via any of the credit cards you have with a participating bank. That bank will then make the transaction without giving the store your credit card number, without requiring you to enter any more information or use a password. In other words, they'll make it a little easier than using a password manager to fill in the information for you and a lot easier than doing it yourself. There will not even be any need necessarily to log into an account with the merchant.

Some of the banks who are participating in this are:

Bank of America
Capital One
Chase
Elan
PNC
Truist
U.S. Bank
Wells Fargo

The Good

No need to give the merchant your credit card.
Easy to check out
Reasonably secure, but not as secure as using a long random password and an authenticator app. But good enough.

The Bad

Data retention. Paze retains your data for up to 7 years, even if you opt out. Opting out should remove your data quickly.
One more place to sell all your data.
The fact that SMS messages are the prime authentication method, when it is known to be insecure, means they are not taking security very seriously.
Some banks are opting you in automatically!
No significant advantage over a good password safe being used properly.

Conclusion

I agree with Clark Howard, skip it. Note, his article is better than mine!

Date: November 2024

This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe Search All Articles Browse by Category Security Internet Mobile Business Hardware Fun		Paze Preview: Many banks have joined the digital payments field with their own service called Paze. It allows easy payments at participating merchants without providing them with your credit card number. However, it isn't as secure as I'd like, and they can keep your data for seven years. Banks are trying to get into the digital payment space with their own wallet, like Google Wallet or Apple Pay. They launched Paze in 2023, and it is backed by many of the largest banks and credit unions. We will begin to see a Paze button next to the Apple Pay and PayPal buttons. How it works When you click the Paze button, you'll need to enter your email address. Then, they will send a One-Time Passcode to your "secure" device, which probably isn't secure, like your phone. You'll enter that One-Time Passcode and be given the option to pay via any of the credit cards you have with a participating bank. That bank will then make the transaction without giving the store your credit card number, without requiring you to enter any more information or use a password. In other words, they'll make it a little easier than using a password manager to fill in the information for you and a lot easier than doing it yourself. There will not even be any need necessarily to log into an account with the merchant. Some of the banks who are participating in this are: Bank of America Capital One Chase Elan PNC Truist U.S. Bank Wells Fargo The Good No need to give the merchant your credit card. Easy to check out Reasonably secure, but not as secure as using a long random password and an authenticator app. But good enough. The Bad Data retention. Paze retains your data for up to 7 years, even if you opt out. Opting out should remove your data quickly. One more place to sell all your data. The fact that SMS messages are the prime authentication method, when it is known to be insecure, means they are not taking security very seriously. Some banks are opting you in automatically! No significant advantage over a good password safe being used properly. Conclusion I agree with Clark Howard, skip it. Note, his article is better than mine! Date: November 2024 This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.
		I attempt to provide reliable information, but make no warranty as to the accuracy or safety of these articles. I disclaim all legal responsibility for what following these instructions may do. Follow my advice at your own risk