What I want to discuss today is a very complicated topic which I don’t think I’ve ever covered before. Should you hide your data from online parties that deal with money? I’m talking about banks, online sellers or credit card companies. Hiding, by the way, means protecting metadata like phone numbers for two factor authentication, using a VPN to protect your IP address, using different emails, or not using your real name. The valid fear is that this data, when leaked, leads to Internet surveillance of a real identity. If you screw this up, what you do on social media can be used to identify you very quickly.

Can you hide from your bank? Should you hide from your bank? What about credit card companies? What about PayPal? And unfortunately this cannot be separated from sellers or online stores since often the seller’s payment process will link directly to the payment processor systems. For example, should you hide your data from Amazon? What about app stores from Apple and Google? Then there’s the issue of two factor authentication. I’ve talked about the dangers of giving a phone number to some Internet entity and having that use as an identity. Do you Worry about giving a 2fa phone number to your bank? What about PayPal? And I’ll confuse the issue more.

What about your car dealer? Protecting your data from these entities is a very valid concern for the average person and has nothing to do with financial fraud. There are multiple issues at play here and some of you may think this is a cut and dried situation where you don’t ever hide anything from financial institutions or a seller. You need a strategy. This requires some deep thinking, but fortunately I have done the research for you. If you want to learn this privacy strategy, stay right there. As I stated, this is a very complicated topic with many facets and recently even our company was facing these issues as we tried to accept payments for the upcoming Brax 3 phone and we encountered issues.

You see, the vast majority of my followers are different. Most use a VPN or even Tor. Many will use a voiceover IP phone number like our Bracks virtual phone. Many will try to obfuscate their names in some way or use changing addresses. All of these are attempts at privacy and not fraud. But it just highlights the difficulty because automated systems with payment processors are designed to find unusual patterns and unfortunately our user population is unique to begin with. In our case, our payment processor Stripe decided to close our account because of suspicious activity. All because of our unique population.

Given that this community will tend to be more careful about revealing data, I will guide you by category and discuss the risks. In general, it should be obvious that any bank that takes your money needs to know your identity fully. There are laws that stipulate this. Agencies like the IRS or FBI want to know that you’re not hiding money from taxes or doing money laundering. So it should be no surprise that they require kyc. KYC is the law that translates to know your customer. Specifically, it means providing positive ID, often multiple IDs to guarantee your identity.

Now, it should be clear here that this is your money we’re talking about and the bank is the caretaker. And if they screw up, they’re liable. So it behooves them to make sure that no one else can impersonate you. I’m sure this is not the problem for the privacy conscious, since you all understand this, but I think it is safe to say that the concern for the privacy conscious is if the data is shared to other third parties, which then create an online identity mapping of everything we do on the Internet. I’ve made many videos about the dangers of two factor authentication, basically focusing on how dangerous it is to share real phone numbers.

But many people misinterpret this and this is the time to explain this more succinctly. When it comes to banks. The reason financial institutions require a mobile number for two factor authentication rather than just any number like a Google Voice or a Brax virtual phone is that the number is used for kyc, so they need positive identity. Yes, the phone number is used to contact you as well if there’s some sign of possible fraudulent activity, but it serves a dual purpose as an identity verification. The valid concern though, of anyone unwilling to share real phone numbers is that the phone number will leak and be accessible on social media and other places.

And unfortunately it will leak. Whatever phone number you give to your bank, you must understand that it is public. A public phone number is used for kyc. It is your public or even your government id really, if you want to think about it that way. And here’s the surprising fact. That phone number you give to your bank as 2fa is published in your credit report. Again, this is public. It is in your credit report. So should this be the same number you use for social media? Hell no. Because some social media sites like Facebook or even Google will read data from credit reports from that real number.

They can derive your real name. Even if you happen to be pseudo anonymous on a particular platform in countries like the uk, what you say on social media can cause you to be arrested. Well, if you’re not thinking about this, you’re leaving a lot of breadcrumbs to your real identity. Even hackers can figure it out because the data from Equifax leaked in a hack a few years back. So this is a blanket statement. You must give your real phone number to your bank. It will be public anyway. If you’re required to use a legal real name, use your real phone number.

But this must not be the same number you use on social media platforms. Some of you raised the same issue with online payment sites like PayPal. Should you hide your phone number from PayPal now? In my case, I actually have an old Google Voice number with PayPal from long ago. Google Voice is a voiceover IP service. I’ve been trying to change this to use Brack’s virtual phone, but they’re not allowing me to change. So I’m guessing there’s some new restriction applied or maybe there’s some other algorithm in place that I don’t know about. Since I don’t really use Google Voice for anything, I just left it alone.

However, if you didn’t have the luxury of having a voiceover IP number in the past as I did, I presume PayPal may ask for a real mobile number. And here you really shouldn’t separate PayPal from a bank. PayPal has access to credit reports, so it will likely report your number to the credit reporting agencies. Thus, there is no point hiding a phone number here. But let me tell you why. The phone number on PayPal is a valid concern and may be impossible to solve. Unfortunately, when you make a purchase, it is possible for the phone number to be shared to the seller.

Understandably, it’s a third party, so you want to limit the privacy damage. Let me show you two problems with this. First, PayPal is often linked to your bank account, and part of the verification is that the phone number at the bank matches the phone number on the PayPal account. Second, PayPal requires that purchases shipped must use the official address listed on PayPal, otherwise the seller is not guaranteed against fraud. So generally speaking, PayPal is a financial institution, thus it has to be treated like a bank in spite of the leak of personal information that goes to the seller.

This really justifies avoiding PayPal if this concerns you. In my case, it doesn’t concern me because my PayPal is a corporate account. The alternative I think the best alternative in the US is Zelle. Zelle does not provide details to a seller other than the email address used, which of course can be anything. The way to use Zelle, by the way, is to go directly to your bank app and send a Zelle from there to the email of the seller. I would not trust going to some intermediate app. Obviously do not use a phone number as your Zelle identity.

However, the problem with Zelle is that it offers no protection for the buyer. So use Zelle only with trusted parties since the transaction is irreversible. Another option is ACH or wiring. These are bank to bank transactions and do not send data to third parties. Now let’s talk about limiting information we give to sellers. Now, aside from just the privacy concerns of phone numbers as an identity card, there is the valid fear that some sellers will sell your phone numbers, email, physical address and IP address. Check that seller’s privacy policy. But as I will discuss later, Amazon revealed this data constantly in the past, so it’s not necessarily intentional.

I wouldn’t necessarily worry about this with some small seller, but the bigger the seller, the bigger the risk since they can make money selling their client list generally without deep research. Generally without deep research. This is another legitimate reason to hide information from sellers. What I found though is that sellers will keep their own phone numbers for their own records. They will not overwrite this phone number with a phone number from PayPal if that is how the transaction is paid. The reason is that the number you provide them is verified by them, so they cannot just change it willy nilly.

I would definitely give a different phone number to sellers as the main contact phone number, such as using a Brack’s virtual phone number. Plan this out. You will always need an alternate phone number to protect your privacy. I do this with Amazon by the way, and that’s not been a problem. Thus in actual use, I have not seen an issue with this. Same with ebay though. You may need to give a real number to paypal for 2fa. You are not under any obligation to do the same with any seller. I’ll make an exception here though that you need to be aware of.

If you’re making a big purchase that requires credit, such as a car loan or lease, you must give your real phone number on the credit card application. Why? Again, this shows up on the credit report. So you don’t want your zero identity phone number from showing up in a credit report. Kind of defeats the purpose. Again, the simple rule is easy to remember. If you’re using your legal real name, then go ahead and use your real phone number. Also remember that the seller has your actual address. Any hacker with the Equifax Hacks database could look up the address and find the name associated with it.

So a real address can be an identifier, usually a PO box is safer since this is not an address that can be used with a credit report. But since the actual fear is someone selling your contact data, then using a PO box is not necessarily needed. Again, if there’s an option, using an alternate payment method like Zelle is really good as very little information is exchanged. As a general rule, I use a VPN24.7 on everything I do on the Internet. Using a VPN to protect your IP address usually causes no problems. However, if you set up a new VPN account and then the location from the IP address shows up to be quite different from your actual location, such as a different state or country, then this will usually be a flag for the bank.

Sometimes this can be resolved with a call to your bank, but in general to avoid all this you have to understand that as caretaker to your money you want to help the bank protect you. And because of financial laws banks are not going to be selling your contact data and IP addresses do not show up in a credit report. So to ease the potential problems with banks, establish a pattern by first using a VPN location near your bank. Obviously occasional different locations are normal since we move around during the day, but the key to not being flagged by some bank algorithm is by establishing a pattern, not blame the VPN company for this.

Whether or not a VPN is used, the change in location is a flag for some systems. However, I found that once I’ve stuck to years of using a vpn, I’ve never really had a problem being on a VPN with my bank using my own bytes vpn. In my case there are exceptions and I found that there are privacy invading sites that really want to know where you are. In general, the issue isn’t that you’re specifically using a VPN with the bank, the issue is that you’re doing many things on your computer and your VPN is on.

What you don’t want to do is to keep switching it on and off and then make the mistake of leaving it off when you go somewhere that needs protecting. Some carriers block VPNs. The typical suspects here are carriers like AT&T and T Mobile. I don’t have direct experience with Verizon, so I’m not mentioning them. Why do they do this? The only reason I can imagine is once again kyc. They want to know who’s accessing your phone number and phone records and they probably have an audit record of this. I understand the security issues that they want to deal with since obviously you don’t want third parties scouring through your phone Records or changing your number.

Access to your phone could give access to two factor authentication and maybe your bank accounts. So to go to these carrier website, you just simply have to turn the VPN off. If this is not palatable, then I recommend going to a public network or someone else’s WI fi to go to their sites. Avoid using your own hotspot or your own WI fi. Let me tell you why you have to go to a different network. Identity on the Internet is done via IPv4 addresses. Normally a wireless carrier uses IPv6 on their internal network for cell data. This is the new method, but it only works inside their internal network.

They switch to IPv4 only when they route outside of their network towards the Internet. This means that a third party site, let’s say a Facebook, cannot see your real IP address, which is an IPv6. They only see the IPv4 router used by the carrier, which is an aggregation of thousands of people sharing the same IPv4 server. So generally this means that cell data can emulate a vpn. But in the case of a carrier, they have access to records of your IPv6 address. So they know precisely which device is being used. So if you have to turn off a vpn, your device is fully known to a carrier.

This is exactly why many of them want the VPN off. If you go to a different network though, then obviously they do not know who you are even without a VPN. Now there are other online sites that ban VPNs and this irks me because if it’s a standard store, I don’t understand the reason for the privacy invasion. Some examples of this are sites like Crate and Barrel, Sephora, even ups. Why can’t you use a VPN on these sites? I think this is a reason to blacklist these sites as not being concerned about privacy. However, my mindset was softened by our recent experience.

Our own payment processor stripe closed our account down because they flagged our clients as mostly being on VPNs so their algorithm found it suspicious. Well, in my case, most of my followers would be using a vpn. Now would the typical user of Crate and Barrel and Sephora be using a vpn? Likely not, right? I imagine there’s a certain percentage of users expected to be on it. My personal thought though is that a site that blocks VPNs with no specific valid reason deserves to be ostracized. We use VPNs to protect our privacy. Nowadays VPNs are so common that it can’t hardly be a marker for fraudulent activity.

So how do we have safety if we cannot use a vpn? If the seller is not a carrier, we can use the solution I just described, which is to use cell data. Make your phone a temporary hotspot. For example, what will happen is that you will be using the Internet using an IPv6 address which is seen only by your carrier. Past the carrier, all they will see is the IPv4 Internet gateway off the carrier. So cell data is like a vpn. Starlink used like this is also like a vpn. I want to talk about the specific case of Amazon.

I personally use a VPN on Amazon. I use a corporate entity name and I give them a Brax virtual phone number. I’ve not really seen any recent risk with Amazon lately, so they’ve cleaned up their act. But let me tell you an older story. Previously, anything you ordered on Amazon was summarized in an email to you with your full name, shipping address and the specific items you bought. And most of you are using Gmail. I used to make a joke about this in the past because basically if you had Gmail, Google reads all your emails and can see what color panties you’re ordering from Amazon and the size.

Well, it was funny. But you can see the hidden risks here. Now Amazon realized the mistake here. And now emails no longer contain this information. You can only see this info when logged into Amazon. But this is an example of someone sharing data unwittingly, perhaps not intentionally being bad, but it shows incompetence with privacy and security. And this is a risk, especially with smaller sellers. So Amazon is no longer a concern with this. But be careful with other sites that send emails summarizing your entire order with the full shipping info on it. This is proof that you have to be careful with your data.

Even though a company’s privacy policy might not intentionally imply data sharing, we forget that when it comes to these three big tech companies, Microsoft, Apple, Google, we often will have to give information to use their app stores. And this will expose your real identity to them since you have to give them a credit card. I personally have a controlled relationship with these companies. In my case, I present a corporate entity with corporate credit cards. But this is not an option for many. If you use an iPhone or have to use Google Play Store, then obviously you your device is identified.

Or if you buy the iPhone from the Apple Store, obviously you’re also identified. I use ad Google Phone with no Google Play Store, so this is a lesser risk for me. I only use Google on an isolated browser, on a computer. I’m on YouTube but it never sees what I do on the Internet outside of Google. Watch my videos on browser isolation so you can learn about this technique. And I don’t use an iPhone. My older iPhone X is in a Faraday bag. Generally I don’t have a solution for iPhones, so my only answer is to stay away from this ecosystem in general.

For protection against being identified on the Internet you will need some tools and fortunately we have these services on our braxme store. I made these tools because I needed them myself. We have an email product called braxmail and one braxmail account can handle an unlimited number of aliases. So you can basically give each online site a different email. This will alert you then if someone starts selling your data because you will be able to identify the source of the leak and fortunately we also allow you to block email by each particular alias so it is easy to manage.

The other service you can utilize for this is Bragg’s Virtual Phone. For an inexpensive price, cheaper than a normal carrier line and without needing a SIM card, you can set up a voiceover IP line with sms. This can then supply you with a secondary phone number that you can supply to sellers and it can receive text, but this does not have the risk of the phone number being identifiable to sites like Google. If you use Google Voice, for example, these are standard tools for Internet protection and these are very popular among my followers. So to summarize, let me repeat what we’ve learned here.

Number one. Use a real phone number for banks, credit card companies and in credit applications. These numbers show up in credit reports. Number two in general, if you’re required to use a legal real name, use a real phone number for two factor authentication. Number three treat PayPal as a bank but understand the risk that the seller sees your data. Number four use Zelle instead of PayPal if it is allowed. Alternatively, you can also use ACH, but use this only for trusted parties. 5. Hide phone numbers and emails and use a VPN for sellers including Amazon. 6.

Where you are blocked from using a VPN, use a hotspot, WI Fi with cell data or StarLink without a VPN. This substitutes for a VPN if the site is not a carrier. Folks, we have a good sized privacy community on my platform Braxma. There are over 100,000 people there discussing privacy issues daily in various chat groups. Some of the products I mentioned in this video are available on the store on Brax May so join us there and become part of the community. We’d love to have you also we just started a pre order on the new Brax 3 phone which is available on a different site and that is brxtech.net this is slated for delivery in January for pre orders.

Thank you for watching and see you next time.
[tr:tra].

See more of Rob Braxman Tech on their Public Channel and the MPN Rob Braxman Tech channel.