Is it Safe to Store Credit Card Information on Google Chrome? | Hacker Noon

Google Chrome has a feature that allows you to store your credit card information on the browser. If someone were to hack into your system, they would be able to get access to everything on your laptop. The only piece of information hackers still don’t have is your CVV number and the only way for them to obtain that number is through phishing attacks. If you have the autofill option enabled, you put yourself at risk of hackers being able to make purchases with your card.

image

Jessica Truong Hacker Noon profile picture

@jtruongJessica Truong

Interested in security? Follow along for content within Cybersecurity

Are you concerned about storing your credit card information online? Or are you worried about how Google Chrome autofills your credit card number when you are online shopping? I know I am! To be honest, I startle myself when Google Chrome autofills my credit card number as I am about to enter it in myself. This then made me wonder whether or not it is safe for me to store my credit card information on Google Chrome and other applications. Plus, credit card theft is not going anywhere anytime soon; we see occurring more often than not. In this article, I will discuss whether or not it is safe to store credit card information on Google Chrome. 

Table of Contents:

  1. Should I Let Google Chrome Autofill my Credit Card Information?
  2. Be Mindful of Chrome Extensions
  3. Beware of Phishing Attacks
  4. Final Thoughts: Store Credit Card Information on Google Chrome

Should I Let Google Chrome Autofill my Credit Card Information? 

If you weren’t aware, Google Chrome has a feature that allows you to store your credit card information on the browser. 

You check your Google Chrome autofill payment settings by following these steps:

  1. Click on the three dots on the upper right corner of the browser
  2. Select Settings
  3. On the left panel select Autofills 
  4. Under the Autofills section, select Payment methods and there you will see the options “Save and fill payment methods” and “Allow sites to check if you have payment methods saved” that can be enabled or disabled as shown in the screenshot below.
image

So, what’s the issue then? Well, the issue is that if someone were to hack into your system, they would be able to get access to everything on your laptop including your credit card information if it is enabled. The only piece of information hackers still don’t have is your CVV number and the only way for them to obtain that number is through phishing attacks. They can pretend to be someone from your bank and call users to verify themselves by providing their CVV when in reality they are stealing it. Or they can send a phishing text message with a link so users can re-authenticate themselves (and what you don’t know is that they are installing malware onto your device). 

Keep in mind that if you own an Apple product, you can enable touch ID with Apple Pay as an additional security measure for your online purchases. As you can see from the screenshot above, it is currently disabled, but can be enabled. Apple Pay allows you to authorize payments made on your iPhone, Apple Watch, MacBook Air, or MacBook Pro.

Therefore, to prevent your credit card information from being stolen, I highly suggest that you disable the “Save and fill payment methods” in Google Chrome. If not, you put yourself at risk of hackers being able to make purchases with your credit card. You should also constantly monitor your credit card transactions and get alerted for purchases above a certain amount (i.e. purchases over $500 will be denied and alerted).

Now, we have an answer to our initial question, which is that you should not store credit card information on Google Chrome or enable them to store it. 

Be Mindful of Chrome Extensions

image

There are a lot of Chrome extensions out there for you to add to your Chrome browser, therefore, you should make sure that you evaluate the legitimacy of the Chrome extension before installing it onto your browser. Chrome extensions can negatively affect you if you aren’t careful. If you mistakenly install a fake extension, your system and all the data on it could be at risk. By installing a fake extension, you may have installed malware onto your system without your knowledge. 

Let’s take a look at an example. Back in 2019, there was a Chrome extension called “Flash Reader” that was able to steal users credit card information that gets entered in the web form. This means if you have the autofill option enabled as I discussed in the previous section, then you’ve just given your credit card to hackers. In order for the threat actors to lure users into downloading the extension, they have a pop up window that states “You don’t have Flash installed” and will provide you with a link to the “official” Chrome Web Store. 

Here are some tips that you should follow to evaluate the legitimacy of a Chrome extension:

  • Only install extensions from the official Chrome Web Store
  • Ensure that the developer is legitimate – every extension developer should have a public profile or website so you can verify their identity as hackers can pretend to be an extension
  • Do not install unnecessary extensions – if you install too many it will slow your computer down and/or extensions that aren’t used as often may be forgotten about could carry malware 
  • Go through your extensions regularly and make sure that they are still functioning properly 

Final Thoughts: Storing Credit Card Information on Google Chrome

Although storing your credit card information on Google Chrome may be convenient, it is not the most secure thing for you to do. In today’s society, it is not difficult for a hacker to infiltrate a system. If you care about your security and safety at all, then I suggest you educate and understand the importance of not storing credit card data on Google Chrome. Even though this article only talked about Google Chrome, it can happen on other applications where your credit card information is needed. 

Tags

Join Hacker Noon