You're tempted by the online superstores and electrical vendor sites you've seen on the Internet. The prices are good, and the promises of quick delivery save you expensive time. You could conveniently place an order and have it delivered to your door. The question is: Should you?

Online shopping offers unparalleled convenience, and saves money for both the purchaser and the merchant. Yet, many people hesitate to take advantage of it. Sure, this is a fairly new way to shop. And when something is new, we aren't always comfortable with it.

The benefits (see sidebar, on page 64J, original article are attractive, but security is a serious issue in the minds of those who decide not to shop this way. Are you taking an unreasonable risk when you use your personal or company credit card to shop over the Internet? The answer is a resounding "No!" The big fear people have is some hacker will intercept their credit card data and ruin their credit with an unauthorized shopping spree.

Do you ever use your credit card over the phone or give a PO number over the phone or fax? These transactions contain unencrypted data, and someone can intercept them with a cordless or cellular phone. You entrust your unencrypted credit card information to the U.S. Postal Service if you do mail order. You probably shop at stores, hotels, and restaurants that don't secure that information. In these circumstances, the risk is not so great as to prevent you from reaping the benefits. It's even less when you shop online over a secure server. But remember, the operative word here is "secure."

What makes a server secure? First of all, a secure ordering system uses a form script that encodes the credit card information right at your computer. The resulting gobbledygook then goes out over the Internet via a path nobody knows about ahead of time, and onto the server that will process your order. The diagram, below, shows what happens.

A typical secure server program runs $5000 or more, and is no small feat to set up. Then, there's a small fortune for the hardware and other items to make it all work. Companies making that kind of investment employ administrative and other measures to ensure they get their money's worth and don't endanger their reputation of having a secure ordering system. That's because they have a vested interest in protecting your credit card information.

Last year, consumers lost several million dollars because of cellular phone fraud. However, they didn't lose a single penny on a secure ordering system due to fraudulent use of a credit card over the Internet.

How can you test a server to know it's secure? There are a couple of ways-and the merchant has no control over how you can tell. Some merchants say they have secure servers, even when they may not. It pays to check for yourself.

Here's how: One way is to check the online ordering form for a secure server symbol. In Microsoft's Explorer, it will be a tiny padlock at the bottom toward the righthand corner of the IE window. Look closely at this lock: If it's open, you do not have a secure server. If it's closed, you do. In Netscape's browsers, you get a little key on the bottom toward the lefthand corner. It figures: The two big browser companies use opposite symbols! The key will appear solid and be on a blue background. If that's not what you have, do not put your credit card information on that page.

The other way is interesting, too. Some merchants use secure servers with Secure Socket Layer (SSL) transmission. This enables them to encrypt any data sent to their web server. In turn, their server will encrypt any data sent back to your browser. It's common to send order confirmation notices this way. When placing an order, you will notice on the page where you enter your personal information, the URL will change from "http" to "https." The appended "s" indicates you are on a secured page. Verisign is a third party that certifies the SSL Digital ID. This means you can safely enter your entire credit card number when prompted by an online purchasing system; it's completely unreadable in transit.

How do I order online? Many stores give you the option of browsing around the store or going directly to the specific product you wish to purchase. Typically, the pages with secure server scripts are only those that ask you for sensitive information.

Let's look at one store (mindconnection.com) as an example. It's an online computer superstore loaded with free content (tech tips, tax help, job help, chat forums, special interest directories, look up pages, links pages, goofy videos, and stuff for webmasters). It also has non-computer products, such as a singles feature, books, CDs, and movies. It's a massive site, but you can find your way around it in a flash. The store contains mini-websites for each of these major categories.

The nice thing about a store like this is you don't have to wade through all the items. Most stores have a "Search" function that allows you to find what you need quickly. Without a search function, you browse major categories and drill down to where you need to be. Browsing categories is similar to going to a section of a book or music store and then finding the exact shelf with the exact item you need. Selecting a category leads you to sub-categories and then to specific products with corresponding descriptions and pricing.

In this example store, when you find the software you are interested in, you can purchase it online by clicking on the Pricing/Purchase Information link. This site, like many others, allows you to use the mail, phone, or fax. EC&M's website (ecmweb.com) has a secure server option in the wings, but in the meantime, we allow you to purchase back articles via these other methods.

Any secure server site should have a statement prohibiting purchase by minors. This is because under contract law, no merchant can hold a minor liable to a contract. A "no purchases by minors" statement doesn't indicate the site is pornographic or offensive in any way. So, don't be put off by it.




Sidebar: The Benefits of Online Shopping

Here are some advantages of ordering online:

  • Shop 24 hrs a day, 7 days a week: Virtual stores never close.

  • No contending with traffic, other shoppers, parking, lines-common complaints about computer stores.

  • Compare products easily, from a single site.

  • No lugging heavy packages, wandering through aisles looking for what you need, or having someone take your cart while you're reading a product's packaging.

  • Reduced operating costs allow for competitive pricing.

  • Access the most up-to-date product information and pricing with the click of a mouse.

  • Eliminate fraudulent use of your credit card by sales personnel (the most common cause of credit card fraud with retail transactions).

  • Research and sample related products (if you can download them).

  • Perform high-powered shopping; even if you're on a remote construction site.