How to Ensure Safe Shopping
While computer fraud has advanced in recent years, so has the technology that can help to protect the integrity of your online communications and financial transactions. Three of these technologies are especially important: encryption, authentication (SSL, digital signatures, digital certifcates), and security tokens.
Encryption is a technique used to scramble content in files that you don’t want anyone to be able to read. This protection is critical to safe online shopping. When you shop, you’re sending a LOT of information that you really don’t want to share with the general public. Your credit card numbers. All your personal information—your full name, address, phone number(s), and email address(es). Encryption of one or more forms is crucial to protecting all that shopping information. When you encrypt a file, you’re applying a “code” to it so that anyone who doesn’t know the code can’t read the file. Unscrambling an encrypted file so that it’s readable again is called decrypting it.
Encryption Applying a secret code (cipher) to your messages or files to keep other people from reading them without your permission.
In addition to encryption key size, encryption methods also vary. Today, there are two major methods used to encrypt communications over the Internet: symmetric encryption and public key encryption. Symmetric encryption, also called secret key encryption, uses the same key to encrypt and decrypt the message. In symmetric encryption, both the sender and the receiver have to have the same key. Therefore, the key must be kept secret. Public key encryption uses two keys: a public key and a private key. You can use either key to encrypt the message but only one of the keys will decrypt the message.
Ciphertext A message or file after it’s been encrypted. Ciphertext appears garbled and can’t be read until it’s decrypted.
What all of these methods have in common is that you MUST have the cipher or key to translate the ciphertext back into plain text that makes sense. No key, no content.
Secure Socket Layer (SSL)
SSL is an important layer of security if you are providing personal information such as in a credit card transaction. SSL is a protocol that encrypts the transmission of data via HTTP. You can tell if you are protected by SSL if the browser address bar displays an “https” instead of “http”, and if you see the lock symbol on the bottom right of your Web browser status bar.
How You Can Tell If a Website is Secure
Only ever put your card details into secure websites. Be on the look-out for the following signs to know you are shopping safely. Remember, this only means the site is secure, not that the seller is honest.
Padlock symbol – There should be a padlock in the address bar next to the website address.
Website address – This should start with https://. The S stands for secure
Green address bar – On certain browsers and websites the address bar will turn green.
Valid certificate – If you click the padlock symbol or just to the left of the address bar, you should see information on the site certificate. This should tell you who has registered the site. If you get a warning about a certificate, avoid the website.
Use Virtual Credit Card
When it comes to protecting your financial data, there’s no such thing as too safe. That’s where a virtual credit card might come into play.
Virtual credit cards aren’t really cards at all — at least not in the literal sense. A virtual credit card is a randomly generated number designed to protect your traditional credit card information when shopping online. Services like Bank of America’s ShopSafe service and Virtual Account Numbers from Citi produce a temporary credit card number to help keep your actual account information more secure.
The use of virtual credit cards is not widespread, so consumers may have to search a little to find a credit card company that offers virtual credit cards as a payment option.
Two major credit card issuers, Bank of America and Citi, currently offer virtual credit cards.
Bank of America’s ShopSafe service, which is available on Visa and Mastercard accounts for customers who use Bank of America’s online banking service, automatically generates a virtual credit card number for online shopping.
Customers choose how long they want that number to be valid (the “valid through” date can be up to one year in the future) and can even use the virtual credit card number for recurring monthly payments.
The temporary 16-digit account number also comes with its own expiration date and security code for added security.
The Virtual Account Numbers benefit from Citi, available for some Citi credit card accounts such as the Citi ThankYou Preferred Card, works slightly differently. It generates a virtual credit card number that can only be used with a single merchant, so it won’t work if someone steals it and tries to use it elsewhere. (Citi cardmembers can request additional numbers to use for other merchants.)
But be aware that virtual account numbers aren’t available for all Citi cards. Sign in to your account via Citi Online to see if your card is eligible.
The major credit card networks Visa and Mastercard also offer their own virtual credit card services, called Visa Checkout and Masterpass, respectively.
Both programs allow you to create an account directly through Visa or Mastercard and tie it to your existing major credit card or debit card. Visa Checkout and Masterpass accounts can only be used at participating merchants.
Both offer faster shopping in which you click on the Visa Checkout or Masterpass buttons — and don’t have to fill out your credit card number or billing address — to make an online purchase. You may also have the fraud protection associated with your credit or debit card.
Relatively new players, such as Final and Entropay, have gotten into the virtual card business, too.
While virtual credit cards do offer another layer of security, there are a few reasons consumers may be slow to use them.
“There’s a possibility that getting a refund or returning items could be more complicated with a merchant, especially if you have to confirm your credit card number later,”
In addition, you could run into complications if you book a hotel or a rental car with a virtual credit card number and need to show that card in person.
And then there’s the issue of fraud. Just because virtual credit cards may boost your security doesn’t mean you should let down your guard.
While virtual credit cards can make it harder for thieves to steal your credit card number, most credit card companies already have several other security procedures in place.
There’s no such thing as “fraud-proof.” Most experts think of card security in terms of layers — the more the better.
Virtual credit cards may offer an extra layer of security, but using one doesn’t give you license to let your guard down.
Make Sure the Web Site is Valid and Trustworthy
Use one or more of the site-rating Web-browser extensions. If the site is problematic, you will know.
Some of the better-known extensions are Bitdefender TrafficLight , LinkExtend , and McAfee WebAdvisor . You also have the option to check questionable domains on the extension developer's Web site.
Beware of Deceptive or Disguised Offers
When you're filling out the information required to make an online purchase, carefully read what all the check boxes represent, regardless of whether they're selected. Opt-in and opt-out wording may be interchanged.
Check Often For Unusual Debit/Credit Card Transactions
This tip is important. In almost all cases, discovering fraudulent charges early will lessen the impact of the problem. In fact, financial institutions usually absorb the charges if they're reported within a few days. So check often and know the liability limits used by your debit/credit card provider. After making online transactions, be sure to double check for any accidental or potentially fraudulent charges. Unauthorized credit usage should be reported immediately in order to prevent further activity. Unlike credit fraud, identity theft including a compromised social security number is much harder to detect and properly address, therefore monitoring for changes goes a long way.
Use Strong Passwords
Passwords can be the first and sometimes best line of defense against cybercriminals. Using complex passwords is a good start, but they also need to be kept private and changed on a regular basis. Also, use a unique password for every website.
Don’t Shop on Public Wi-Fi Networks
Always assume public Wi-Fi networks are insecure. Never enter sensitive data (bank account information, credit or debit card details, etc.) when using the Web on a public Wi-Fi network.
Use a Good Security Solution
Invest in a security suite that offers anti-virus, a two-way firewall, and other essential tools, to protect your data and your computer from online threats.
These are some really simple ways to shop safely online you can use every day:
- Research retailers online to make sure they’re legitimate.
- Make sure the website is secure.
- Know your rights and the company’s returns policy.
- Keep software and virus protection up-to-date and use strong passwords for online accounts.
- Pay using a credit card. You will have more protection. Alternatively, online services like PayPal mean scammers will not be able to get hold of your bank details.
- Be smart. If a deal looks too good to be true, it probably is.
You should also be aware of pharming scams, where fraudsters attack the website you are trying to use.
It will appear as if you’ve gone to the correct website, but it’s a fake version designed to steal your information. Be on the lookout for strange looking web addresses with a selection of numbers or a different spelling.
Shopping online should be secure and enjoyable, and with these cyber security tips you can stay safe while you shop.
Security Tip For Safe Online Shopping
How to Stay Safe Online
How to Avoid Phishing Attacks
What Is Encryption?
How Secure is Encryption?
What is Cryptography?
Did you find this tutorial helpful? Don’t forget to share your views with us.