Insecure in Using Credit Cards Online
Question: Is it safe to give my credit card information over the Internet? What prevents thieves from intercepting it?
Answer: Normal Internet traffic is transmitted “in the clear,” which means that the data can be copied by anybody the data packet passes by on the Internet, a process called sniffing. It’s like a postcard. Anybody who sees it can read it.
Most electronic commerce that takes place via a Web site is protected by encryption, which essentially wraps the data in an envelope, to continue with the postcard analogy.
Encryption uses a secret code to scramble the information so that anyone who intercepts it won’t be able to read it. You can tell when your Web transaction is taking place in a secure encrypted environment because a little padlock will show up at the bottom of your Web browsing software. Most browsers will alert you when you’re entering and leaving a secured portion of a Web site, but many consumers disable such warnings.
Thanks to this system, known as SSL, or Secure Socket Layer, the actual transmission of a credit card number via the Internet is quite secure. But there are other concerns.
For instance, people have created dummy Web pages, sites that appear to be legitimate but exist only to collect your information. So type in that Web address carefully.
A more pressing problem is data security once the transaction has ended. After you’ve given a company your credit card, often that information is stored on the Web site. It is then that your credit card information is most vulnerable.
Hackers have repeatedly broken into Web sites and stolen hundreds of thousands of credit card numbers from electronic databases. Just this year, Web sites run by Bibliofind, Travelocity and Egghead exposed the information from millions of customers to thieves.
All of this sounds unsafe, but the fact is it’s probably no less safe than handing your credit card to a waiter who disappears with the plastic for minutes at a time when you pay your bill.
If you’re worried about people stealing from you, paying with a credit card is probably the safest way of doing business because nearly all card companies will waive charges if the card owner claims fraud. Check the terms of your bank agreement to see what you’re liable for.
But remember that paying with a credit card has risks as well, particularly with regard to privacy; federal investigators proved Monica Lewinsky and then-President Clinton were exchanging gifts by studying credit card transactions.
*
Dave Wilson is The Times’ personal technology columnist. Submit questions to Tech Q&A; at techtimes@latimes.com. Please be specific about your computer and operating system and include a daytime phone number.
