> Somehow Chrome autopopulating credit card fields got transformed into me having a Google Pay account.<p>If you give a company your information in one department, another department will invariably use it. See also: Facebook using the phone number you put in for 2FA for targeted marketing [1].<p>[1] <a href="https://techcrunch.com/2018/09/27/yes-facebook-is-using-your-2fa-phone-number-to-target-you-with-ads/" rel="nofollow">https://techcrunch.com/2018/09/27/yes-facebook-is-using-your...</a><p>> The old "don't be evil" Google wouldn't have done this.<p>What's the "old" Google? You mean like Google Latitude, circa 2009? [2] [3]<p>[2] <a href="https://www.computerworld.com/article/2530951/privacy-group-calls-google-latitude-a--danger--to-security.html" rel="nofollow">https://www.computerworld.com/article/2530951/privacy-group-...</a><p>[3] <a href="https://www.nytimes.com/2011/03/22/technology/22privacy.html" rel="nofollow">https://www.nytimes.com/2011/03/22/technology/22privacy.html</a>
(Googler, opinions are my own). I work on payments, but I don't have intricate knowledge about how autofill and "google pay" accounts work.<p>I think the confusion here is around having a payments profiles and Google Pay. Looks like we started calling your payments profile now having a "Google Pay account".<p>There is Google Pay (the app for tap-and-pay, along with P2P payments), then there is having a Payments Profile (which apparently we're now calling Google Pay, because that's not confusing), which you use for buying things on Google's properties.<p>There used to be a <a href="https://payments.google.com" rel="nofollow">https://payments.google.com</a> but that just redirects to <a href="https://pay.google.com/" rel="nofollow">https://pay.google.com/</a>. This is your payments profile. As far as I understand, when you added a card for chrome autofill, it would create a payments profile, as the card was stored as part of that system. The support docs say something like this: <a href="https://support.google.com/chrome/answer/142893?hl=en" rel="nofollow">https://support.google.com/chrome/answer/142893?hl=en</a><p>> When you’re signed in to Chrome and you enter your payment method into an online form, Chrome may ask if you want to save your payment info in Google Pay. If you accept, your payment information is saved in Google Pay. If Google Pay doesn’t support your payment method, Chrome may offer to save it locally on your device.<p>The Google Pay app (used for Tap-And-Pay) has its own activation process for being able to use a card, as it requires a 2FA process (depending on your bank).
This flag in chrome://flags might be relevant.<p>chrome://flags/#enable-autofill-credit-card-upload<p>"Enables a new option to upload credit cards to Google Payments for sync to all Chrome devices. – Mac, Windows, Linux, Chrome OS, Android, Fuchsia"<p>They've really ramped up the "Google" in Google Chrome these last few years. The "save payment" nag box was annoying before, now I'd move it firmly into the dark pattern region, as it attempts to convince you to move your payment into their payment services not just saved locally.<p>The fact that there is no "never ask me again" option for that save payment dialog seems like nefarious UI 101. How could a billion dollar company make such a rudimentary UI mistake in a flagship product? Well, they probably didn't make a mistake, they're just getting worse as a company.<p>Meanwhile, I am blocked from reading any more of that twitter thread by the uncloseable twitter sign up nag screen. What an antagonistic web!
Google Pay seems to share its data with payments.google.com and by extension Play Store, Play Movies and other services.<p>I bet that's where his "signup" came from - although every time I want to add a card to Google Pay on phone/watch I need to go through a tedious signup process involving my bank and SMS tokens, so I find this tweet very suspect.
Google has set up a payment profile without my consent after they've asked to verify my account with a credit card. These [1] are some previous comments with the details:<p>> A month ago I was asked in a surprise email to verify my age for YouTube with a credit card, which I did to avoid landing in support hell later on, because I publish browser extensions with the Google account.<p>> I rarely log in, and I wasn't using the Google account at the time the email was sent, nor do I ever use the attached YouTube account. The card was saved in Google Payments without my consent.<p>> I live in the EU. Their support page mentions that they will ask for age verification when you attempt to watch a restricted video, but I was not using the YouTube account.<p>> <a href="https://support.google.com/youtube/answer/10070779" rel="nofollow">https://support.google.com/youtube/answer/10070779</a><p>> Then there's also the question of creating a payment profile for the user without consent.<p>> > If you enter your credit card info for age verification, Google will retain this data as necessary to meet legal and regulatory requirements.<p>> <a href="https://support.google.com/accounts?p=age-verify" rel="nofollow">https://support.google.com/accounts?p=age-verify</a><p>> Meeting legal requirements is very different from saving your card in Google Payments, which then you can readily use to buy products in any Google service.<p>They are hopelessly deceptive, and will not shy away from breaking the law every step of the way just to prop up other Google services.<p>[1] <a href="https://news.ycombinator.com/item?id=30305345" rel="nofollow">https://news.ycombinator.com/item?id=30305345</a>
On a unrelated note, I can't believe someone using Chrome is surprised by something like this. If I were using Chrome and signed into my google account from there, I'd assume all bets were off.
Does this remind anyone of Google+? They had tremendous fake "engagement" forcing people to sign in to Google+ to use youtube, docs, etc. Google is going back to their old playbook. Hope someone is getting a very nice promotion from this.
Paul Buchheit; ex Google, ex Facebook & ex YCombinator was the one to suggest 'Don't be evil'.<p>He left Google in 2006 to join Facebook.
All the payment systems we have suck. Especially for aging parents, it's seriously like paper checks are way safer and easier, for them. How appalling is that?<p>I like the idea of Zelle, owned by the banks, no fees, no spam, instant - but ripe with fraud, so I don't feel fully comfortable having aging family members enable it. You cannot increase or decrease your send limit either. Complete shit. It's all automated, of course it should be possible to set a limit.<p>Google Pay keeps changing. I hate it because it's inconsistent and thus not trustworthy that I'll have anything like the same functionality today, tomorrow.<p>Paypal and Venmo are really the same company, and I long ago lost respect for Paypal. Venmo is worse because it adds social media on top of Paypal. So those are out.<p>Apple might have the best pay app now <i>except</i> it's iOS only and thus I think it's shit, because I value interoperability.
I disable all these sorts of "save my information" features in any browser I use, but there's really nothing stopping the browser from collecting that anyway. I just trust that the config settings do what they say they do.
Just checked. I too have a Google Pay account. (with zero activity). I never signed up for it. I never used it. I'm simply a google customer (email, youtube). You may argue that this is a unified payment service but none of these payments show up in google pay. So youtube does not use google pay to pay for it. It means that google pay just got the data from my account and get setup automatically. Google sucks. So if I had an Android phone would it be active now without my knowledge?
> the old "Don't be evil" Google wouldn't have done this<p>Just so we're on the same page, I have to assume that'd be the Google that predates Buzz auto-populating your contacts from Gmail, which resulted in people being "Buzz friends" with abusive ex's and other folk that people will do business email with but don't want social conversations with.<p>So, pre-2010 Google.
On a related note, I signed up for an Amazon Store Card and without my permission, Amazon assigned it as the default payment method for every (~15) addresses on my account. I used the card by accident before I realized it.<p>I wonder how much they’ve made in finance charges from customers who were tricked into using this card this way.
I found this very annoying the other way.<p>I have added my card via the play store, but now my chrome tries to auto-populate the credit card number. I'm pretty unhappy with it, since I don't want that information in google chrome.<p>(Sounds like the same thing, they share the data between all of the services, which doesn't feel great when the data they're freely sharing is credit card info.)
Chrome would offer to store passwords, and if you misread, it would offer to store passwords in your Google account so you can use it on any Chrome session as long as you log in.<p>I didn't appreciate finding out that Google had my passwords...
I really don't get the surprise. Data saved in chrome is saved into your Google account, whether they label this data under pay doesn't seem to be of a surprise to me at all.
When I see things like this from a company like google it tells me the company knows its dominance is coming to an end and its leadership is afraid and panicking.
Google is losing on being the best search engine. Mozilla is no longer making a great browser.<p>I am actually very hopeful for the next generation of hackers building things.<p>Cracks are starting to show in the massive walls of these large organizations.<p>I have a feeling soon we are going to have the next generation of wonderful companies and technologies and they won't be Google et al.<p>Apple still seem to be able to pull of great things such as the M1 but I wonder how much of that is TMSC.<p>Great time to be a venture capitalist who understands hackers.
> Uses google product x to store payment information<p>> Surprised when he has an account on google’s payment product y<p>How is this evil? There is literally zero negative outcomes from this.