What Data Do We Share When Making Payment Online?

How often have you found yourself entering your payment and personal information when shopping online? Do you ever ask yourself, why do you enter all of this personal and sensitive data?

At times, it’s easy to overlook the significance of data privacy, but staying informed is crucial.

“A word of caution: once you know, you can never unknow”

The Checkout Process

The last stage of your shopping experience is known as the checkout process. It is the moment in time where you have already selected the product, typed in your personal and payment information, and clicked the Pay button.

From a payment perspective, this stage is known as the payment authorization. It involves confirming that the provided payment details are valid, the bank account or card has sufficient funds, and the transaction aligns with the user’s spending patterns. I.e. authorizing your purchase. The merchant, with the help of payment providers and financial institutions, will not proceed with shipping your products until the payment authorization is received.

Fraud And Credit Card Theft

Let us take a step back! There is one piece of information that you have to be aware of. In the context of credit cards, if your card gets stolen and the thief has used it to shop online, you can always call your bank, dispute the transaction and ask for a refund (aka. chargeback). Your bank or the merchant, depending on their setup, are liable for this theft and will have to pay you back your money. You might find this shocking, but this type of payment fraud cost merchants and financial institutions in the 10s of billions of Euros a year.

Q: What is the best way for them to fight this theft and these billion of losses annually?

A: To collect as many data points as possible about the shopper and analyse it before authorizing the transaction.

What Are These Data Points?

• Payment Card details
• Device info
• Device fingerprint
• IP address
• Browser info – like browser type, if Java is enabled, colour depth, screen height, screen width, time zone, offset language locale
• Account Info (for registered customers) – like account creation date, account type, number of time a card got saved, number of time a saved address got used, password change date, transaction history and frequency within a time frame
• Billing address
• Shipping address
• Channel – mobile, desktop
• Country of the shopper
• Birthdate
• Delivery date
• Basket details
• Transaction amount
• Transaction currency
• Order details
• Coupon, Voucher or a Gift Card
• E-Mail
• Telephone number

And some more that are not necessary to be mentioned.

Shoppers provide some of this information for a very valid reason; like the shipping and billing addresses to get the shipment delivered with an invoice. But the other information, you aren’t even required to actively enter.

FYI! Legally, transactional data has to be stored in between 5-10 years in Europe. Depending on the country and the local legislation.

Author’s Take!

The checkout process, the final stage of our shopping journey, is not just a transaction; it’s a lake of personal details, financial information, and digital footprints that collectively form our online identity. Nevertheless, in my career, I have worked with a number of big merchants, payment service providers and financial institutions, and I am very confident about how serious they treat data protection and security, and I have no doubt of going again online and placing my next order at my favourite’s brand website.