[SeniorTech] SeniorTech Tip: Is it safe to use your CREDIT CARD online?
- From: "Jerry Taylor" <jerry@xxxxxxxxxxxxx>
- To: <jerry@xxxxxxxxxxxxx>
- Date: Thu, 14 Apr 2011 20:11:27 -0400
Using
Credit Cards
Online
Digital Plastic
A recent news story focused on a hacker who stole 300,000 credit card
numbers from a popular music Web site. The cyber scoundrel then held the
numbers hostage, threatening to post them on the Internet if a ransom wasn't
paid. Rumor has it the cardnapper even sent the last four digits of one
credit card number to the Web site and threatened to send additional severed
digits if his demands were not met. The story interested me because, as a
consumer, I purchase goods and services online with my own credit card.
Let's take a look at the phenomenon of online shopping and explore just how
safe it is. or is not.
- - - - - - - - - - -
Some people are adamant about NOT using their credit cards online. When
pressed to give specific concerns, the answer is usually some variation of
"It's not safe." Fact: There has never been a single, documented, verifiable
instance of credit card information being intercepted while being
transmitted over the Internet, whether by e-mail or using any online form,
encrypted (secured) or not.
Let me repeat that. There has never been a single, documented, verifiable
instance of credit card information being intercepted while being
transmitted over the Internet, whether by e-mail or using any online form,
encrypted (secured) or not. Ever!!
Sure, there are lots of "anecdotal" stories that typically begin with
something like, "My brother's friend knows someone whose sister's nephew's
son's uncle had his credit card number stolen on the Internet." Trust me. It
did NOT happen! They're just spreading false gossip and false rumors!
"Experts" advise us to shop on secure sites - those that display the little
padlock icon in the lower left-hand corner of your browser. Having blind
faith in the little padlock, however, is analogous to wearing a seat belt on
an airplane believing it will protect you in the event of a nose dive into
Mt. McKinley. Yes, it's a good idea to always wear a seat belt, but it's
also important to understand the limits of what it can and cannot do to
protect you. Shopping on a secure site is a good idea and will, indeed,
encrypt or scramble the information transmitted to the site. But if there is
little or no danger to that data while in transit in the first place, let's
not obsess about protecting that which is already safe.
Purchasing goods and services through a secure site does not guarantee that
your data is invincible. Many secure sites receive credit card information
in encrypted format, then turn right around and re-send that same
information to a merchant or process the information internally via plain,
unencrypted e-mail or simply print it out. At some point in the process your
credit card information has to be unencrypted, so if you insist on worrying
about something, worry about what happens after your information arrives at
its destination.
The hacker who snatched the credit card numbers from the Web site managed to
find a poorly designed site that stored credit card information on its Web
server (computer). Had the orders been properly moved off the server, they
wouldn't have been there for someone to hack (take) in the first place.
Leaving hundreds of thousands of credit card numbers and related information
on the Web server was just plain foolish.
So the focus of the "Hacker Steals Credit Cards" story was misdirected. The
real story associated with this incident wasn't about the dangers of making
online purchases; it was about the poor design of the company's Web site and
its blatant disregard of good business practices.
A credit card provides a great deal of protection under any circumstance,
online or off and is still your best bet for online purchases. In the U.S.,
credit card purchases are protected by the Fair Credit Billing Act. If a
merchant does not perform, you can challenge the charge by notifying your
credit card company. And if your credit card information is "stolen," you
have a maximum liability of (only) $50. Banks and credit card issuers rarely
require you to pay any amount at all if you report any irregularities in a
timely manner.
Using a credit card on the Web to make purchases is actually LESS risky than
using it to make purchases at "brick-and-mortar" establishments ("stores").
When you use your credit card to pay for dinner, for example, your food
server will typically take your credit card to the back room and bring back
a slip for you to sign. You sign it and then what happens? You take your
copy of the receipt, leave the other copies on the table and walk away. Talk
about bad security!
For some strange and illogical reason, many of the same people who refuse to
use credit cards online are very comfortable making credit card purchases by
telephone. This is referred to as the "talking-to-a-live-body" syndrome: The
misperception that speaking with a person is more secure than interacting
with a computer. Think about the "security" associated with that process:
You provide your credit card information to somebody you don't know, at an
undisclosed location, and if that's not bad enough, you usually receive no
proof of purchase! We should be worried sick about it, but most of us don't
give the process a second thought because we're comfortable with using a
TELEPHONE!
Credit card fraud is rampant in the world, yet you never read stories about
the "dangers" of the telephone or fax machine when those devices are
utilized as a vehicle for transmitting credit card information. Have you
ever faxed your credit card number on an order or application form? Didn't
you feel just a twinge of apprehension thinking, "What if I dialed the wrong
number?"
Let's examine what happens on the receiving end of your fax: The fax
containing your credit card number - and probably your name, address,
telephone number - is printed on a piece of paper that will reside in the
paper tray of the receiving fax machine until somebody - it could be anybody
- comes along and retrieves that piece of paper.
In all probability your order will be processed appropriately, but do you
have any idea how many copies are made of the information you fax? The first
step for many retailers is to make photocopies of the order information for
distribution to appropriate departments within the organization. But what's
to prevent Rudy, the disgruntled copy boy, from making an extra copy?
Succinctly stated: Absolutely nothing.
The bottom line is this: Using a credit card online is about as safe as it
gets. The next time you read a story involving the Internet and credit
cards, ask yourself, "Is it really a story about the dangers of using the
Internet to shop online? Or is it a story about an unscrupulous merchant
failing to deliver merchandise, bad Web site design and/or questionable
business practices?"
There is one golden rule that applies to using credit cards in general:
Check your credit card statement each month. If there are any charges you
don't remember making, call the phone number that appears on your statement.
If you're convinced you didn't make a charge, challenge it, don't pay for it
and wait for the merchant to produce a proof of purchase or some
documentation that will jog your memory. If proof is not forthcoming, you're
home free. Safely and soundly.
Jerry Taylor
SeniorTech
http://www.seniortech.us <http://www.seniortech.us/>
Personalized In-Home Computer Lessons
for Senior Citizens and Retirees
585-964-3319
"Computers are not just for kids"
Other related posts:
