With discounts of 20% to 40%, buying through an Internet commerce site is an attractive option. But next comes the question everyone wants to know: Is it safe?
Internet-based sales continue to grow at a pace we can only describe as “blistering.” But are you taking an unreasonable risk when you shop over the Internet? The answer is no! The most common fear people have is some hacker will intercept their credit card data and spend them into oblivion. What’s an Internet merchant’s standard reply? “Do you ever use your credit card over the phone?”
Then, they are quick to point out while Internet transactions involve data encryption, phone conversations usually do not. A person with a cordless or cellular phone can intercept anybody’s phone conversation. Because “listening in” via cellular phone to steal credit card information is so easy, it’s prevalent. Security experts even have a name for it: cellular phone fraud. There is no such fraud involved in data transmitted via a secure e-commerce system. Stealing data from a secure e-commerce system bumps the required sophistication by orders of magnitude.
Internet merchants also like to cite the millions of credit card transactions that occur each day—all with little thought given to security. People use both personal and company credit cards in person, via fax, and over the phone—and they do so routinely, without worrying about security. Think for a moment about how various merchants handle this sensitive information. What security measures do these merchants have for your unencrypted credit card information: the U.S. Postal Service (mail order or stamps), stores, hotels, and restaurants? The answer can be anywhere from “reasonably good” to “pure chance.” The point is: You won’t be lowering your standards to shop via a secured server over the Internet.
Compared to other buying practices, this is a new way to shop. And when something is new, we typically aren’t comfortable with it. However, giving out credit card information over phone lines is not new. Unlike most other methods, online shopping employs automatic data security. It does so via a secure browser and server to deliver secure e-commerce.
What makes an e-commerce transaction secure? A secure ordering system uses programming to encode sensitive information at your computer. The resulting encrypted message then goes out over the Internet via a path nobody knows ahead of time, and on to the server that will process your order. That server decodes the encrypted message and completes the transaction.
Secure e-commerce programs can run $5,000 and up, and they are no picnic to set up. Then, there’s a small fortune to be spent for the hardware and other items to make it all work. Companies making that kind of investment employ administrative and other measures to ensure they get their money’s worth and don’t endanger their reputation of having a secure ordering system. They have a vested interest in protecting their customers’ credit card information.
Last year, consumers lost several million dollars because of cellular phone fraud—even with the built-in protections credit cards offer. E-commerce-enabled merchants say last year, just like every year, consumers didn’t lose a single penny due to fraudulent credit card use over the Internet.
How can you test a server to know it’s secure? There are a couple of ways to know if you are on a secure page, depending on your browser’s ability to read certain credentials. Faking these credentials is a task nobody has figured out how to do yet. Thus, your browser is a reliable tool for testing the merchant’s ability to protect you from credit card information interception.
One way is to check the online ordering form for a secure server symbol. Depending on what revision of what browser you use, you will see a key or a padlock at the bottom corner of your screen. If you click on this symbol, you’ll get security information for that page.
The other way is to look for Secure Socket Layer (SSL) transmission. This enables merchants to encrypt any data sent to their Web servers. In turn, their servers encrypt data sent back to your Web browser. When you enter the buyer information page to place an order, the URL changes from “http” to “https.” This indicates you are on a secured page. The SSL Digital ID carries a third-party certification, which means you can safely enter your credit card information when prompted by the online purchasing system.
Because secure server pages cost more in terms of computer resources and download/upload cycles, most stores allow you to shop on an unsecured page, and then order on a secured page. You can order securely from a site that allows you to shop on an unsecured page—as long as you order from a secured page. Look for a secure page any time a form asks you for sensitive information—such as a credit card number.
The bottom line is: Online shopping is safe, but it isn’t always practical. You must weigh where it fits into your overall purchasing system. If you order to stock, instead of for immediate use, this method works well. Ditto for information products, such as books, tapes, software, etc. If you need to handle something before buying it, this method might not be for you. The strengths of Internet shopping are security, selection, and convenience.