Online Banking and Credit Card Use

One question that I get asked the most is whether it's safe to use your credit card online or do your banking? People assume that I don't because the more you know about online security the less secure you feel, however, this assumption could not be further from the truth. I love banking and do make purchases online. In fact, if my husband didn't do all the grocery shopping, I would be the first one ordering my food online too.

I'll start with credit cards security. As is the case with real world use, you should always use common sense when handing over your plastic to strangers. For example, you wouldn't feel as comfortable handing your card over to a street vendor but wouldn't think twice about using it at a well-known chain store. Well there is still a risk that the nice polite clerk behind the counter of the chain store is secretly keeping a list of card numbers for misuse later on and that the rough looking street vendor is actually the most honest person in the world. However, you get the main point that you should go with your gut on this and if it doesn't feel right then it probably isn't. The same people that tell me that they are afraid to use their card for online purchases are usually the first to admit that they casually pay their restaurant bill with their credit card and just leave their signed chit on the table for the server, busboy, etc. to pick up after they have left. For online transactions, just follow a few rules before providing your number. Never set up an account with a merchant and leave your credit card number in their database for easy transactions later. Hackers frequently target database servers. Setup the account with your personal information but omit the credit card. It may seem like extra work but this little step may save you much bigger headaches up the road. Make sure you never check anything that asks you to save this information for later use especially passwords. Try to use reputable companies and ensure that they offer a secure site for credit card transactions. Be cautious when giving out the credit card code as many online retailers are starting to ask for it to reduce their own fraud problems. Never put your credit card information in an email unless it's encrypted. You can tell if you're using a secure site by looking at the website address. You should see https:// in the address pane as opposed to just http://. It wouldn't hurt to look at the full address to ensure that you haven't been redirected to a phony website. I will explain more about this scam in another article. You should also see a small lock at the bottom of your screen. In any case, the worse case scenario is that if someone did get a hold of your credit card number, you are only responsible for a small amount, as most credit card companies will eat the rest. Most credit card companies assume the risk with online transactions. That is why some of them have setup the temporary one-use credit card number for their customers. The way it works is that you go to your credit card company's site and log in to your account. You request a one-use credit card number for a specified amount that will be linked to your primary account number. The beauty of this is that it can only be used for the amount specified so you can go ahead and make your purchase with the peace of mind. You're using a disposable card number so if it gets in the wrong hands it will be only worth the amount you had specified or for a very limited time period. If your credit card issuer does not yet provide this service you may opt to get an account with Paypal which is widely accepted by many online merchants. At this time, Paypal accounts are free and allows you to pay for merchandise online while keeping your financial information private.

Some of the same principles apply to banking online or through an ATM. You are much more likely to get scammed by using a private ATM rather than one attached to a bank due to extra security precautions put in place by the institution. It is much easier for a would be scammer to install key loggers or hidden cameras on a private unattended or unmonitored ATM. Once they have all your private information then they may choose to eat your card or spit the card back out claiming the machine is out of service. What support would you expect to get from one of these private machines in the middle of nowhere? Perhaps you call their toll free number 1-800-U Sucker. One more thing about ATM card security is to use a different card such as your autoclub card to get in the locked door. This is just in case a card reader is fraudulently attached to the locked door entry of the ATM instead of the ATM itself. The banks all use very secure sites and hopefully the latest encryption methods to transfer your information from your computer to them. Banks and legitimate online merchants must provide the securest of sites, if for no other reason but to maintain their reputation. The only real threat that I can think of is on the users end if they are using a shared computer that may house a key logger Trojan horse. This can also happen on your home PC if you're not diligent with your antiviral updates and tests. It's also recommended that you clear the cache on your computer so that all traces of passwords or anything sensitive will not be readily available to anyone who gets access of your computer. Users are usually their own worse enemies on this front, as many will leave confidential information such as passwords lying around on their desk or stuck to their computer screen. All the secure socket layers in the world won't help these folks.

Let me give you a quick simple lesson on SSL or secure socket layer protocol, which is used to provide a secure communication channel between you and the site offering the service. The whole process is very lengthy so I will provide you with just a simple explanation. Basically, the uses for SSL are to provide a confidentiality tube between browser and web server. Its main function is to authenticate the server and in some cases the client as well. Imagine this, at your end of this channel, you type in your account number and password then when you press submit or enter, a big vacuum hose sucks up the information. While your information is traveling through the vacuum hose, it is all scrambled so that if there were any holes in the side of the hose, the pieces flying out would be completely jumbled like a broken jigsaw puzzle. However, once the pieces make the journey through the hose into the bag, the receiving party reassembles them only if they can provide evidence such as a key to validate their identity as the legitimate receiving party. At this time, the best SSL version is 3 so next time, you get the little yellow lock showing a secure server, double click on it and look for Version V3 under the details tab. If its 3 or better then your dealing with a company which is serious about offering a secure service. You can get quite a bit of information by looking at the certificate so if you haven't tried it before give it a whirl sometime.

Enter your search terms Submit search form