Update 8/24/25: Negative changes have been made:
- Can no longer define an expiration date. All van’s now expire 3 years from generation
- Can no longer define specific spending limit amount – available options include $25, $50, $75, $100, $300 or no limit
- Once spending limit is chose and number generated, limits cannot be changed
- When ever a virtual number is “viewed” on the citi website, its CVV changes
Hat tip to das1996
Update 8/15/21: Readers in the comments report that the new Citi virtual account number (VAN) system is now live.
Update 8/11/21: These changes are due to go live within the next week and include being able to use it in app.
Update 7/20/21: Some additional information regarding the VAN changes. Hat tip to reader Daniel P
Update: In the FAQ they indicate that there’ll be a new, improved system rolling out in early summer 2021. Hat tip to reader diggs
Original Post:
In recent times Citi has made a number of changes to creating a Virtual Account Number (VAN), Citi update the card generation page to no longer use flash and also removed and then readded the feature for American Airline cardholders. Currently at the moment it’s only possible to generate a VAN with an end date of 7/21 or 8/21. At first it seemed like this was just part of the service as it was some period in advance, but as we continue to approach this date it’s unclear if Citi plans to discontinued the service at the end of August or make significant changes to VANs. We’ve reached out to Citi for comment but are yet to hear back.
Hat tip to reader Matt I
A Citi representative told me via chat today that the new virtual numbers are limited to $300 – even if you choose the no limit option. Does anyone know if this is true?
So basically rendering them useless. Thanks mega corporate.
Can anyone comment on Capital One’s virtual card? For me at CapitalOne there is no option to set the spend limit at all. There is just an option to activate or delete virtual card.
Keeping this in mind, isn’t it a lot less flexible than the Citi virtual card, even accounting for the new changes.
Honestly the changes don’t seem that bad.
Only real change is that you’ll have to delete the virtual account number after paying/using it if your intention was to use it for one purchase like a trial or subscription or a questionable site.
Never had to change a spending limit — I’d just create another virtual number if needed, so that change is a non issue. I could see someone wanting to lower the limit to something very low so that new charges above that would get rejected, though.
CVV changing after viewing on site might be annoying for some, but I normally just write or type down the information anyway for one time use and don’t go back to it.
The nice thing is that you can name the VANs, so you can nickname or initial something to help jog your memory of where you used it.
Awful slew of changes
Just use privacy. .. com, much sleeker and better than this crap.
Privacy.com links to your checking account. No thanks.
These new changes are not helpful, but in it’s own half ass way, it’s still usable.
Privacy.com sucks for so many reasons. Not a credit card, paid subscription, linked to your bank. There is very little “privacy” which is ironic because of the name.
Sorta surprised at the negs on privacy.com. I use the free version, mainly for trials and other stuff that I don’t want to auto renew, works just fine.
“They link to your bank account” — so what?? You don’t have a auxiliary checking acct somewhere you can use instead of your daily driver?
I really like how Privacy.com gives you, as part of the free plan, one-time-use cards that close after the first charge. Citi has never and will probably never offer that. Like you I don’t understand why people complain that it’s linked to a bank account. You set restrictions on the cards you generate so it’s not like you’re going to have any unexpected charges hitting your bank account.
Totally. Privacy also shows you each time merchant tried to hit your card and was declined.
Capital One offers one-time-use cards as well with credit card transactions.
The problem with debit transactions is that there are near zero consumer protections compared with credit transactions. Also, you build points with a credit card, not so with debits. Those are reasons enough for me not to use privacy.com.
The virtual card benefits are fine, but what happens if there’s a fraudulent charge. Now it becomes a mess as the funding source is a checking account and there’s a third party (privacy.com) involved.
With citi/capitalone, it’s still a credit card.
You dispute a charge to a Privacy card by contacting Privacy. More details, etc. at: https://support.privacy.com/hc/en-us/categories/11900407892759-Disputes-and-Fraud-Protections.
Additionally, you can further limit your exposure by using a secondary checking account, with de minimis or managed balance.
I’ve been using these guys for years, for lots of transactions, never had a single issue.
BTW: Privacy cards are actually credit cards, not debit cards. It’s a little complex, but see cardholder agrmt here: https://www.privacy.com/cardholder-agreement
I recently closed my X1 card as I never used it except for its virtual card function, which was fantastic. I’ve been using Capital One whenever I need it but it isn’t nearly as feature rich.
I’ve never used this feature of Citi card since once upon a time I got charged on a deactivated virtual card through subscription charges and was told by Citi that merchants are able to do that.
Purity of stupidity.
That’s awful. Not surprised from shitibank tho….
Capital one venture. Much easier to generate in the app
Is it just the Venture or does it also apply to other Cap1 cards?
Cap1 cards in general have VAN. Or at least my couple non-venture ones do.
Is there any other card issuer that generates VAN?
Capital One
Robinhood, if you can get it.
Revolut app lets you create burner cards. Amex has virtual numbers if you add it to Google pay and use a chrome browser
Can you elaborate on “use a chrome browser” part? When you add any card to G Pay, it generates (one) virtual number and it is not disclosed even to the card owner.
paywithextend.com works well for Amex Business cards.
Well, kind of a pain to lose flexibility, but I just tested, and you can still deactivate at any time. That just adds a step that an expiration date took care of automatically. I still don’t like the “daily limit” concept. Better to have a total credit limit.
In contrast, Capital One lets you set an auto lock date, which accomplishes same as expiration. And they let you set an option to deactivate after one charge.