Toombs.info

Safety for Online Financial Transactions

Many users express concern about using a credit care to make an online purchase, or to use online financial services such as online banking.

Concern is warranted. But for some, their concern about online transactions may be excessive, especially when compared with other types of transactions the same people are willing to make.

People who say they would never buy an item online with a credit card don't hesitate to hand one to a waiter in a restaurant who disappears with the card for several minutes. We make the assumption, almost always accurate, that the waiter is honest and will charge our bill to the card and nothing more. That's the same assumption that millions of people make every day while shopping on the Internet. And they have found that in nearly all cases their information is used in the way they intended.

At times it sounds like some think that if they don't put their credit card information on a computer they are safe. The reality is that all credit card numbers are on a variety of computers even if their owners have never done anything online. All credit card holders are subject to the security efforts of those companies.

In what may be the worst case of a lack of security, TJX Companies, owners of the TJ Max retail chain, have admitted that someone who hacked in to their computer systems had access to at least 45.7 million credit and debit card numbers during 2005-07. Those card numbers were the ones people used to shop at the company's retail stores, not online.

One thing to remember when using a credit card in any situation is that your liability is limited by law to $50, as long as you notify your credit card company of a fraudulent charge. That legal protection does not apply to debit cards, although many issuers extend the same policy to their debit cards.

There are things you can do to make shopping online as safe as possible:

  • Never send credit card information or any other sort of financial details through an e-mail message. E-mails are not secure and can be read by anyone who has the opportunity and takes the time to do it. As an alternative, some companies that don't have the ability to take credit cards online will allow you to choose what you want to buy and then call on the telephone to provide the credit card information.
  • All transfers of credit card or other sensitive information should occur with a special connection between your browser and the web server. Known as SSL for Secure Socket Layer, it establishes a connection that can't be interfered with by someone trying to steal your information.

    The latest versions of Internet Explorer and Firefox show you are on a secure site by putting a closed padlock at the end of the address bar showing the address of the page you are on. In all cases, the address will start out "https:" instead of "http:" (the "s" is for Secure). Firefox provides an additional indication by putting a yellow background behind the address. (See example from Firefox at below.)

    SSL

    Never provide financial information if you don't have a secure connection.

  • Stick with vendors you know are trustworthy.

    If you'll use your credit card at Sears or J.C. Penney, the extra danger of using it online to buy from their web sites isn't very great. If, however, you do a search for an item simply by price and have no information about the retailer involved, the issues might be quite different.

    Of course a major problem with shopping online is the failure of the vendor to deliver what you order. For that reason alone you want to make sure you are buying from a reputable business. If it isn't someone you have purchased from before, take some time to learn what you can about them. One approach is to search for the company's name on Google and see what appears. You also can search on a web site such as Epinions for a product and it'll give you a rating for the store. Another source for ratings of retailers is Reseller Ratings.

    Since it's human nature to complain louder than praise, you will find that most online rating sites have more negative than positive comments. If a vendor has no positive ratings, or few or no ratings at all, I would look elsewhere for the product.

  • Be careful when completing online order forms so that the vendor has your correct delivery address and e-mail address. After making the purchase, keep all the e-mail confirmations, etc., pending delivery of the item.

There are two additional precautions you can take.

  • If you can, using a third-party payment service such as PayPal can provide an extra comfort level. PayPal doesn't send your credit card or bank account information to the seller of the item you are purchasing, and, if there is a problem, PayPal will get involved to help you sort it out. The other major third-party payment provider is Google Checkout.
  • Another option, if your credit card company provides it, is to use a temporary or limited use credit card number. Some credit card companies will issue special numbers for a single purchase or a limited dollar amount as a way to further reduce the likelihood of problems.

    PayPal actually offers such a service now that can be used at vendors that don't take PayPal directly. PayPal issues a special short-term credit card number that you use and then have the cost charged to you according to the options in your PayPal account.

Buying online remains a personal choice and if you don't feel comfortable doing it, don't do it. But by using some common sense you can do it with reasonable safety.

Main PageHome Tech ColumnSecurity GuideWeb GuideE-Mail me