|
When e-commerce started on the Internet
a few years ago a lot of people were concerned about security.
There were horror stories of people giving out their credit card
number on web sites and losing thousands of dollars in
unauthorised purchases. But in most cases the people who suffered
did so through their own fault.
They just didn't take enough care to protect themselves from the
unscrupulous. In truth, it is safer to use your credit card on
the Internet than it is to hand it to a waiter in a restaurant,
as long as you take a few simple precautions.
Like any purchase you make with a credit card, the weak link in
the chain is when you actually hand over your credit card. Or on
the web, when you give out your credit card number. You need to
be sure that the person handling this very confidential
information is reliable and not likely to steal using your card.
TIPS
Here are a few tips that will save you a
lot of grief and help you make informed and safe purchases:
1. Only deal with web sites you know are
reputable. You can do this even if you have never done business
with them before by checking their credentials. If you know any
of their customers, ask them. Are they well known on the web for
reliable, honest dealing? Have you read about them in newsletters,
online discussion groups, chat rooms, etc?
Find out as much about the company as you can before you start
doing business with them.
2. Read their privacy statement. Any reputable
web site offering products or services for sale will have a
privacy statement that defines exactly how they protect your
privacy and security during purchases. The statement should tell
you what they do with any private information you send them. For
example, once an order has been processed the company should
delete any reference to your credit card on documents stored in
their files-electronic or paper.
They should not give out your email address to mailing lists or
other people. Read the privacy statement at http://thailandexportguide.com/privacy.html for an example. If a web site doesn't have a privacy
statement, go shopping somewhere else that does.
3. Make sure the company has a refund policy
and that it states clearly the terms and conditions under which a
refund will be made.
4. Make sure the web site offers an SSL (Secure
Socket Layer) order form.
This is a form you can fill in online that is stored on a secure
server. Only the merchant has access to an SSL secure server
using a user name and password. You can tell if the order form is
on an SSL secure server because your browser will show a
highlighted lock somewhere on the screen.
As you enter the form, your browser should also pop up a dialog
box telling you that you are entering a secure data entry area.
If you don't see these don't go any further. Find another site
that offers secure ordering. 5. Be very careful about giving your
credit card number to pay-for-sex web sites.
SSL TECHNOLOGY
So, what is SSL technology and how does
it protect you? When you send an order using an SSL secure form,
your web browser encrypts the data you enter on your screen. When
you press the Send button, your order is sent to and stored on
the SSL server. No one can read it while it is being sent, and no
one except the authorised client can get at the information on
the SSL server. Once there, it can be processed in two ways:
1. If the web site has special software installed
to do real time credit card processing it will send your card
number, name and expiry date to the merchant's bank. If the bank
approves the purchase, it sends a message back to the software,
which then gives you access to a special directory where you can
download the product.
2. If the merchant processes orders manually, it will log into
the SSL secure server using a private user name and password. It
will download your order to its computer. Then it will send your
credit card details to its bank for processing. If the bank
approves the purchase, the merchant will get in touch with you by
email with instructions on how to download your purchase. Or if
it is selling a service, it will start providing that service.
SECURITY LEVELS
There are different levels of security
available on the web, depending where you are physically located
in the world, and which browser you use. Most browsers outside
the USA use 64-bit encryption technology. This means they encrypt
your data using a 64-bit encryption key.
Although data encrypted using this key may be broken, it would
take many weeks or even months using a supercomputer. The
National Security Agency (NSA), the agency tasked with protecting
communications in the USA, has decreed that the much more secure
technology using 256-bit encryption cannot be exported.
They feel that if governments outside the US get hold of this
technology it may compromise US security. However, an Australian
company recently released a 256-bit encryption system that you
can add to your Netscape browser that works just like the US
version. Despite this, the NSA still insists on protecting the
technology.
Netscape tells you what level security you have installed. To
find out, click Help on the menu bar and then click on About
Communicator.
Then scroll down until you see this text: Contains encryption
software from RSA, Data Security, Inc Copyright 1994 RSA Data
Security, Inc All Rights Reserved. Underneath that you will see
information on the type of technology used. For most of us it is
completely meaningless. As long as it is there, you can feel safe
that your browser is protected by SSL security for online
transactions.
WHAT IT ALL MEANS
The technology for processing online
credit card transactions is as safe as it can possibly be. But
what do you do if something goes wrong and you find someone using
your credit card without your authority?
You do exactly what you would do if you had lost your card.
Report it to your credit card company immediately and have the
card canceled. Then get a new one issued and learn from your
mistake. As long as you take reasonable precautions when using
your credit card online you should have no problems.
A little common sense in cyber space goes a long way, just as it
does in the real world.
|