Is Shein Safe for Debit Cards? Security Tips for Shein Shoppers

Ashley Ferraro, Consumer Operations
Nov 9, 2023
 Min Read

Launched in 2008 in China, Shein® has become one of today’s best-known online fast-fashion retailers. It currently has over 250,000 monthly visits and 195 million app downloads worldwide. Shein has become a popular choice due to its affordability, wide selection of items, and commitment to staying on top of the latest fashion trends.

However, considering the recent reports of alleged unethical business practices and the the fines they paid for improper handling of a data breach, many customers wonder if their data is in jeopardy on Shein. This article aims to clarify the issue, answering questions such as:

  • Is Shein safe for debit cards and credit cards?
  • What security concerns is Shein associated with?
  • What can you do to enhance the security of your Shein transactions?

Is It Safe To Use a Debit Card on Shein?

Generally, Shein is considered safe to use, as it employs industry-standard security measures to protect your data. In its Privacy Policy, the company claims to never store sensitive information and keeps it safe from unauthorized access or disclosure by implementing various technical and administrative safety measures. However, Shein is not transparent about what those measures are.

As Shein itself states in the Privacy Policy, safety is not guaranteed despite the precautions. It’s recommended that you remain vigilant and do whatever you can to fortify your payment data security online. This is true for any e-commerce platform you may shop on, including Shein, AliExpress, Wish, and eBay.

A close-up photo of a person browsing an online fashion catalog on their smartphone
Source: cottonbro studio

Security Risks That May Affect Shein Users

In the past, Shein has faced backlash for several reasons, some of which pertain to security. In 2018, Shein suffered a data breach in which the login details of 39 million accounts were stolen and sold online. Shein’s parent company, Zoetop, was later fined $1.9 million because it notified only a fraction of the affected customers about the breach. Since then, Shein has reportedly upgraded its security practices, but it can’t hurt to remain cautious.

Besides data breaches, cybercriminals have other means of obtaining sensitive information they can misuse. For instance, they may use brute force attacks to guess your password and access your account. They can then change settings to lock you out of the account and attempt to impersonate you with the stolen information. 

Another common method fraudsters use to obtain data is phishing—a type of scam that involves the use of social engineering to trick you into performing an action in order to steal your financial data, funds, and identity. In the context of Shein, the fraudster may impersonate the company and contact you via email or text, requesting that you:

  • Provide sensitive information, such as your card or account number and login credentials, in response to an email or text message
  • Click on a malicious link that leads to a fake login or payment page, which is embedded with malicious code that steals information
  • Download an attachment containing malware, which can infect your device and potentially harvest data or even help the fraudster gain control over your device

Some fraudsters go to the extent of creating a copycat website that appears the same as Shein at first glance but contains hidden traps to harvest data from unsuspecting users.

Is It Safer To Use a Credit Card Than a Debit Card on Shein?

Debit cards and credit cards are regulated by different laws. While both laws help minimize loss in case of card fraud, credit cards, which are protected by the Fair Credit Billing Act (FCBA), may prove more favorable for cardholders. The law states that as long as you report the unauthorized charge on your credit card within 60 days, your liability is generally limited to $50.

The Electronic Funds Transfer Act (EFTA), which protects consumer debit cards, also limits your liability to $50, but only if you dispute the fraudulent charge within 48 hours. If you report fraud after that, your liability may jump to $500, and after 60 days, you could potentially be held liable for the entire amount. 

Luckily, many debit and credit card issuers have their own zero-liability policies, and if yours is one of them, you likely won’t be responsible for any unauthorized transaction on your debit card.

While these laws protect your funds, they can’t spare you from the tedious but mandatory process of filing a dispute, replacing the compromised card, and updating your security settings. There’s also a risk of identity theft in case the thief manages to get hold of other sensitive information through hacking or phishing. They may use personal information such as your full name, address, and social security number to open new accounts in your name or commit other crimes. To avoid that, you should do what’s in your power to prevent your data from getting stolen in the first place.

A photo of a person using their laptop to browse a web store while holding a payment card
Source: Kindel Media

Tips for Staying Safe When Shopping on Shein

If you want to buy from Shein, you should take the following precautions to mitigate the security risks and potential consequences:

  1. Beware of phishing attacks
  2. Don’t save your payment information
  3. Fortify your account’s security
  4. Stay away from public Wi-Fi
  5. Monitor your transactions regularly
  6. Use virtual cards

Beware of Phishing Attacks

When you receive an email that seems to be from Shein, you should confirm the sender is legitimate before providing any information or downloading an attachment. You can determine the sender’s legitimacy by checking their email address. For example, you can compare it to previous Shein emails you’ve received and analyze it for discrepancies. 

Phishing messages can also be recognized by their urgent tone, occasional grammatical and spelling mistakes, and use of a generic greeting, such as “Dear customer” instead of greeting you by name.

You should also install antivirus software to safeguard your data in case you end up downloading malicious content by mistake.

Don’t Save Your Payment Information

Shein may prompt you to save your card information on their website so that you can check out more quickly the next time you shop. Consider skipping this step, as it could increase the chances of having your data exposed in case of a security breach.

A close-up photo of an unlocked combination lock sitting atop a laptop
Source: TheDigitalWay

Fortify Your Account’s Security

You should always use a complex and unique password for each website you sign up on, including Shein. By doing so, you’ll make your login credentials more difficult to guess, fortifying the security of your account. It is also recommended to update all your passwords once in a while.

If possible, activate two-factor authentication (2FA) for your Shein account, as well as any other account you may have. 2FA adds an extra layer of security by requiring not only your login credentials but also a secondary authentication step, such as entering a one-time code sent to your mobile device or using a biometric method like fingerprint scanning. 

Stay Away From Public Wi-Fi 

Security of open or public Wi-Fi networks is typically lax, putting your data at risk of being intercepted and stolen by hackers. You should avoid signing in or providing your card information to Shein when connected to a public network.

Monitor Your Transactions Regularly

You should keep an eye on your account activity and turn on transaction alerts so that you can detect debit card fraud timely. Immediately reporting any suspicious behavior can reduce the potential harm and limit your financial liability.

Use Virtual Cards

One of the most effective ways to protect your financial information online is with virtual cards. They’re connected to a real funding source but have randomly generated card numbers that mask your real card and bank data at checkout, protecting it in case Shein falls victim to a data breach. 

Some banks, including Citi®, Capital One®, and American Express®, offer virtual cards to their customers for free, but they can rarely ever match the level of control and convenience that independent virtual card providers like Privacy offer you.

An illustration of a padlock against a background with computer code
Source: madartzgraphics

Privacy Virtual Cards—A Safer Way To Shop Online

Privacy Virtual Cards have randomly generated card numbers with their own expiration dates and security codes. These cards can be connected to a debit card or bank account but shield this information during online purchases, adding an integral layer of security to your transactions

Privacy holds the BBB® accreditation and adheres to the same robust security protocols as reliable banks. The company employs security measures such as split-key encryption, password hashing with 100,000 iterations, and two-factor authentication to ensure the safety of your data.

Besides protecting your most sensitive information, Privacy makes checkouts faster and more seamless with its browser extension—available for Chrome, Safari, Edge, and Firefox. The extension auto-populates card details at checkout, so you don’t have to waste your time getting your wallet or typing in card numbers manually. The most recent addition, Safari extension for iOS, brings the autofill experience to iPhone and iPad users.

Exploring Privacy Virtual Cards

Privacy Virtual Cards come in two variants—Single-Use and Merchant-Locked. Refer to the table below to learn when to use them and how they protect your financial data during online transactions:

Single-Use Card Merchant-Locked Card
  • A Single-Use Card closes minutes after the first transaction is completed.

  • In case of a breach on a merchant’s website, this card is useless to potential hackers.

  • It’s ideal for unfamiliar websites or those you don’t plan on visiting again.

  • A Merchant-Locked Card locks to the first merchant you use it at.

  • It can be used repeatedly at the same merchant but will be declined at any other, minimizing the chances of potential misuse.

  • The nature of Merchant-Locked Cards makes them ideal for subscriptions and other recurring payments.

Privacy also allows you to:

  1. Set spending limits—By setting spending limits on your virtual card or account, you can avoid overspending and control how much merchants can charge you.
  2. Pause or close cards—You can pause or close a virtual card without influencing your real card or bank account. When you pause or close a virtual card, Privacy will decline all further transactions, which can be beneficial for preventing charges from subscription services you’re trying to cancel.
  3. Create virtual cards on the go—The Privacy mobile app, compatible with iOS and Android devices, allows you to create and manage cards wherever you are. You’ll also get a notification and an email whenever your cards are used or declined, allowing you to monitor your account activity on the go.

Privacy—Pricing and Signup Process

With Privacy, you have several pricing options at your disposal:

Plan Price What It Entails
Personal Free for domestic transactions
  • Up to 12 virtual cards per month

  • Browser extension

  • Web and mobile app

  • Card pausing and closing

  • Spending limits

Pro $10/month
  • Everything in the Personal plan

  • Up to 36 virtual cards per month

  • No foreign transaction fees

  • Priority support

  • 1% cashback on certain purchases (totaling up to $4,500/month)

  • Ability to mask transaction details on bank statements

Premium $25/month
  • Everything in the Pro plan

  • Up to 60 virtual cards per month

  • Dedicated account management

To experience Privacy first-hand, follow these four simple steps:

  1. Create an account
  2. Provide the details needed to verify your identity
  3. Link your debit card or bank account
  4. Request Privacy Virtual Cards

You can sign up for Privacy if you’re a U.S. resident over 18 with a checking account at a U.S. bank or credit union.

Privacy — Seamless & Secure Online Card Payments
Checkout securely online by creating unique virtual card numbers for every purchase. Avoid data breaches, unwanted charges, and stolen credit card numbers.
Sign Up