You could take the approach that my wife and I do. We both have 1 card each linked to our checking account. We have a 3rd card that is signed up to all of our reoccurring payments (electric, cable, water, sewage, trash, netflix, etc) that card is stored in a safe deposit box.
The thinking is if either one of our cards get compromised we will can just replace that card, the third card will remain safe while locked up. That is unless the company or payment processor gets breached which is a larger issue in itself.
One of my card issuers [1] has a feature called "ShopSafe". ShopSafe lets you create virtual credit cards on top of your real card. Each virtual card has a separate lifetime charge limit and expiration date. Once a charge is made against a given virtual card, future charges on that card can only be made from that merchant.
For recurring payments I make a ShopSafe card per merchant. If one merchant has a breach all I should have to do is make a new ShopSafe card for them. All of the others should be unaffected.
If the underlying card is compromised and replaced the ShopSafe cards should continue to work as long as the underlying account is not closed.
This has worked out quite well. There are only three annoyances.
1. The interface is annoying. It is a small Flash window.
2. The expiration date can only be up to one year out.
3. Some merchants, like Amazon, use a variety of merchant names depending on what you are buying. For example, the shoelaces I bought recently from Amazon show up on my credit card statement as "AMAZON MKTPLACE PMTS AMZN.COM/BILLWA". The Kindle book I bought recently comes from "Amazon Services-Kindle 866-321-8851 WA". My subscription to the Kindle edition of "Analog Science Fiction and Fact" comes from "KINDLE-AnalogScien 866-216-1072 WA". (A few months ago, Analog came from "AMAZON DIGITAL SVCS 866-2866-216-1072 WA"). I also see in my Amazon purchase history things from "Amazon.com AMZN.COM/BILLWA".
Dealing with that would require five ShopSafe cards, and picking the right one for a given purchase.
There is a workaround I've heard for this with Amazon, but have not gotten around to trying. Buy Amazon gift cards with a ShopSafe card, and use them to pay for everything else.
[1] Bank of America. I believe that Citi has a similar feature.
This is exactly what my wife and I do, we both have our primary spending cards (her Discover It, my Capital One QuickSilver) that get used for everyday purchases - but I've also got a very basic Wells Fargo Platinum card that gets used for recurring payments (car insurance, unlimited car wash pass, internet bill, utility bill, etc).
We don't touch the debit card attached to our checking account unless there's no choice, however - which is usually just WinCo when we can't get what we want (or get what we want for a reasonable price) at Fred Meyer or Albertson's. All of our credit cards have $0 liability, and worst case if someone skims them and maxes our limits we have to temporarily switch to a backup card while the charges are reversed and a new card is mailed - someone draining my checking account leaves me with the inability to pay rent, electricity and gas and Wells Fargo is happy to drag their ass on reversing unauthorized debit card payments.
I do the opposite: I try to limit recurring transactions to one or two per card.
My cards have been compromised by Target, Home Depot, and other vendors. I never know exactly who, just get the notice from the bank that I'm getting a new card.
The side benefit for me is that these small transactions keep the cards active with regular on-time payments.
If one of them is compromised, I only have one or two recurring payments instead of having to change all of Netflix, Ting, Comcast, Virgin Mobile, Google Play, Apple, NY Times, WSJ, etc.
My defense, however imperfect, against having to deal w/ having to update subscriptions is to have a card I only use for subscriptions, so there's a low chance it gets skimmed. I use Mr. Swipey swipe all day long without need to (excessively) worry that someone illicitly cloning Mr. Swipey will affect my relationship with Mr. Subscribey.
Pfft. My new Amazon CC got compromised the day I got it. I used it precisely once, for an Amazon transaction.
I've probably had 5 cards compromised in the past decade. The biggest hassle is changing recurring payments. I don't track them, I just do my best ten wait for the bills to fail. What's annoying is sometimes they keep successfully charging my account for 4-5 months before failing. How they're able to bill the old number I don't know.
But yeah, they just call you and send you a new card. No need to select which transactions are fraudulent typically -- or at best 2 mins on the phone. No big deal.
Sucks when you're overseas but google voice + headphones and then Apple Pay means your new card is active the minute it's issued, even if you won't get it in the mail for 2 weeks.
I recently had to get a card replaced and what was interesting was that some companies with recurring subscriptions automatically updated to the new card number without any input from me. Not everyone did this but it was about half of my recurring charges. They must have some way of updating the info via the card provider. The expiration date and CVV changed as well but they magically already had it.
Visa's product is called Account Updater[1] and MasterCard's is Billing Updater[2]. It allows previously approved billers to get updated card information when a card is replaced due to expiration, loss, fraud, upgrade, etc.
