How To Remove My Card Information From A Website

When you’re shopping online, you’ve probably seen retailers ask if you’d like to save your card information. While the rationale is that doing so is a convenience for you, it also creates a situation that’s beneficial for the merchant since it encourages you to come back for future shopping.

You should have the choice to decide whether you want to save your card information with a merchant, but what if you don’t have the chance to opt out?

As an example, reader Juanita shared that, “A local sports facility offers summer classes for kids. Weekly sessions can be purchased individually, and the person must register each time they sign up for a session. They only accept credit card payments, and although their payment form powered by EZ Facility offers the option to uncheck the statement ‘I authorize Longplex LLC to store my credit card information for future payments,’ the ability to uncheck it isn’t available.”

Understandably, Juanita wanted to know if this behavior was lawful. Here’s what she needs to know.

When are credit cards saved with an online merchant?

Credit cards are typically saved when you’re completing an online transaction and creating a user profile for the merchant website. Many merchants will ask you to set up an account and provide your personal information before you make a purchase, including your credit card details. This way, when you make a future purchase, all you have to do is log into your account and use the payment method that’s already saved.

Other instances of your card information being saved might come from outside the merchant site, such as when web browsers like Google Chrome prompt you to save your credit card information for auto-filling purposes. Some websites, however, will also allow you to check out as a guest so that you don’t have to store your personal information on the site.

How to remove card information from an online site

In case you have concerns about your card information being compromised and don’t have the option of checking out as a guest, you can complete your purchase and then remove your card information from the website. You should be able to do this with the following general steps:

1. Sign into your online account with the merchant. Most merchant websites allow you to sign up with their page, which is how they store your information in the first place.

2. Find your payment plan information. This is usually listed somewhere under your account details.

3. Delete your credit card information. There should be an option to edit or delete your payment plan information.

If you don’t see this information or don’t see a way to remove it, you may have to reach out to customer service.

Keep in mind: If you store your information through a web browser for auro-filling, you should be able to follow similar steps to remove your information.

Can a merchant store your credit card information without permission?

The short answer is no. While there’s no rule that governs how or when issuers can store your card information, many states have laws on the books to deal with credit card fraud, which falls under the umbrella of financial transaction card fraud. Laws like the one passed in Georgia explicitly bar merchants from using your card without your permission or authorization — and if there’s no way to opt out of giving your permission, that could be considered illegal.

Security standards for merchants

The Payment Care Industry Security Standards Council — or the PCI SSC — is an organization founded by American Express, Discover, JCB International, Mastercard and Visa.

The PCI SSC sets security standards for merchants that transmit, process or store payment card account information and provides best practices.

Compliance with the PCI DSS requires merchants to limit storing and retaining customer names, card account numbers and expiration dates only for the time required for business or legal purposes. And it explicitly frowns on merchants storing, for example, a card verification value (CVV) or personal identification number (PIN).

Dealing with “dark patterns” that undermine consumer choice

While the process to remove your card information from a site or keep it off the site entirely can seem simple enough, some merchants make it deliberately difficult for you to exercise this option, going against PCI SSC recommendations.

One way they do this is by designing their sites to utilize dark patterns that subvert your choices. This can include:

• Not allowing consumers to “definitely reject” the collection or use of data.

• Repeatedly leading consumers to select settings they don’t favor and want to avoid.

• Using confusing settings that lead consumers to make privacy choices they did not intend to choose.

• Highlighting choices that make for more information collection, while “graying out” options that allow consumers to avoid this.

• Purposefully obscuring privacy choices and making them difficult to find.

• Using default settings that are geared to maximize data collection and storage.

What if you can’t opt out of having a website store your information?

In Juanita’s case, the website she was using didn’t allow for opting out of storing your credit card information since she can’t uncheck the option. If Juanita wants to opt out of having a website store her card information, but finds that she can’t exercise that option, she should try the following steps:

Talk to the merchant

First, she should try to resolve the matter with the merchant. The merchant could be having an issue with their website, for example. Even if they’re not, Juanita should be able to request that they remove her payment information by speaking with customer service.

Keep in mind: If you’re calling them to have your information removed, make sure you request an email summary of their promise so that you can be sure they follow through.

File a report

If the merchant doesn’t respond or refuses to remove her information, Juanita could also file a report with the FTC.

The Consumer Financial Protection Bureau has also been concerned about businesses trying to manipulate consumers, so she could also file a complaint with that agency. In addition, she could turn to her state attorney general for guidance.

Use a virtual credit card or digital wallet

There are also actions Juanita can take before completing her purchase if she wants to keep her credit card information safe. For example, she could opt to use a virtual card provided by her issuer or a third-party app like PayPal. Virtual credit cards have the buying power of your regular credit card for online purchases, but use a different set of numbers that changes with your transactions, so your real card number is never saved.

Many credit card issuers have begun offering virtual cards — Capital One, for example, provides virtual cards through its built-in assistant Eno, while Bank of America lets you get a virtual card number through its mobile app.

Another option is to use cards stored within your digital wallet for your payment. With digital wallets, your real credit card number is encrypted, so the merchant will never be able to save your actual card information and it can be used online as well as in-person.

Learn more: Is it safe to add a credit card to my digital wallet?

Know protections provided by Federal Trade Commission

The Federal Trade Commission agrees that merchants shouldn’t collect information they don’t need, further advising that, if a merchant does collect card information, it’s in their interest to hold on to it only as long as there is a bona fide business need to do so, meaning it shouldn’t store it if the merchant doesn’t anticipate future transactions.

In addition to the FTC, various state authorities have also been cracking down on dark patterns that are aimed at thwarting consumers’ choices. For instance, the California Consumer Privacy Act, the Colorado Privacy Act and similar legislation in Connecticut weigh in on the use of online dark patterns.

The bottom line

Although retailer websites want to hold on to your card information to make it more likely that you’ll shop with them in the future, you should be able to check out as a guest if you don’t want your personal details stored. You can also use an alternate payment method like a virtual credit card or a credit card through your digital wallet. If that’s not an option, you can try to complete your transaction with your card and then remove your card information from the website.

If a website is designed so that you can’t opt out of having your merchant store your credit card information, your merchant is likely using dark pattern designs in an attempt to manipulate you and other customers. Call the merchant to try and sort out the situation, and consider filing a complaint with the appropriate authorities while you’re at it.