People sharing photos of cards online are not idiots…

…they might just be your increasingly rare fans.

A few weeks back a new service started on twitter. @NeedADebitCard collated all the finest photos from the Internet taken by people keen to share their debit/credit card details and design with the world. The instant reaction to this by most sane individuals is ‘what are you doing you idiots?!’ Banking fraud departments across the globe probably tutted and cursed and then smiled as people proved what they already assume every day, the weakest link in online security is the one between the chair and the screen. Online commentators had a field day spouting off about the obvious dangers of this. My initial reaction was the same for about 5 minutes then I realised that these people are just using social media for its greatest use case, sharing everything. They might not be your most stupid customers but your most loyal, your most proud and in these current times banks need all the fans they can get.

The problems associated with sharing photos of your plastic payment device are actually the making of the financial institutions themselves. The Internet has been with us for 20 years. Social media in its current very easy to use incarnation probably 5-7 years old. Payment cards have been with us since the 60s and in that time they have not really changed a great deal. The bottom line is that they are not really fit for use on the Internet.

Outdated payment methods

These physical tokens of my relationship with a bank contain almost every bit of information a person needs to make card holder not present purchase from the web or via the telephone. The industry has tried to bolt on solutions to alleviate this problem e.g. the 3 digit security number on the signature strip (No one is idiotic enough to take a photo of the front and back of their card are they?) but you enter these details into a site every time you need to pay, effectively giving away the keys to your house every time you buy something via remote channels. Should the sites we buy from do more? Do ecommerce sites have PCI DSS compliance badges that they share with pride? ‘We keep your data safe’. Maybe the site owners should take a smiling photo of themselves holding their PCI DSS compliance certificate and put it on Instagram. Of course there are numerous protection standards in place around ecommerce sites I am being a tad facetious to make a point.

What of other solutions such as the universally loved 3D secure methods like Verified by Visa and Mastercard Secure. Yes they stop a certain kind of fraud but how many purchases are cancelled because of these things? How many swearwords are uttered when asked for an infrequently used password? What we need are payment methods designed for the web, designed to be used for one transaction or that just leave the merchant knowing who I pay via but not needing every single piece of detail to make further purchases.

I mean why do credit/debit cards need my full name printed on them? This is about digital identity and you would do well to watch Dave Birch’s recent talk on that subject. Dave is a man who signs his card transactions Carlos Tevez so he knows when people are trying to make fraudulent purchases. 

Social objects of banking.

(Bank) simple have just started sending out invites to their long time registered straining at the leash future customers. The effort and design they have put into their card will mean you will be seeing a lot of photos of these cards over the coming months. They had the foresight to package the cards with a thick blue rubber band holding the card in place but also to obscure the card details making easy to photograph and share the fact they are now proud (bank) simple customers.

Simple realise that the card is an important social object of their customers relationship with them and they wanted to make sure as many of them as possible would share that fact. They also realize the risk and warn their customers accordingly (while still encouraging unboxing photos) Traditional banks would not want you sharing the fact you bank with them online for fear of things like spear phishing yet one of the most used metrics in bank satisfaction is ‘Would you recommend your bank to your friends?’.

I have written about the social objects of banking in the past and I think they are massively underused in an industry that makes talking about your banking relationship and money in general seem massively taboo. This really should not be the case.


So before you go jumping to conclusions about customers who post pictures of their cards on social networks, think long and hard about why they are doing this and why in 2012 the details needed to make a payment online are printed on a small piece of plastic that everyone can see. Who are the real idiots?

This post origianlly appeared on Finextra

Leave a Reply