Are You Safe Ordering Online?By Michael Rock
Published: May 16, 2005
Even this day and age people are very insecure about ordering anything online. Even though many people order and give their credit card information over the phone they still are hesitant upon ordering online. This article will show you what to look for to see if it is safe to order online, the general process on how things are processed online, and the securities involved. Knowledge is the key for security and I want you to gain security by reading this article.
What The Web User Should Know:
Everyone knows to look for the padlock on the bottom
of the browser, right? If not that tells you that the web page is secure.
Along with that padlock on the bottom of the browser your web page SHOULD
display https:// instead of http://. (The s stands for 'secured')
"How is a web page secure?"
HTTPS is the use of Secure Socket Layer (SSL) as a sub-layer under its
regular HTTP application layering. If you view a HTTPS page and see a
warning pop up about the certificate of the site read the warning carefully.
Here are a couple of warnings that I came across when setting up a SSL
certificate for my site. Such as . . . Certificate is for
https://theinternetpresence.com
but the page is for
https://www.theinternetpresence.com. (When I edited the hyperlink and
left out the www, it resolved the issue.) Certificate points to
hsphere.com instead of theinternetpresence.com. (Again, a simple setting
resolved this issue.) Hsphere is the hosting control panel I use that
controls my site. But look carefully at warnings that point to a web site
that you are not familiar with and warnings that state there is no SSL
certificate at all. For an example of these warnings you can visit my site at
https://www.theinternetpresence.com , because currently I'm switching from a
Windows Server to a Unix Server for added stability and security. If you
did not receive a warning then it means that the move was completed.
For a brief description on what the requirements are to obtain a SSL
certificate look below under "What's the process involved for getting a SSL
Certificate?"
"What about types of Browsers?"
Internet Explorer used to control 90% of the market for web browsers, so
naturally hackers and cheaters were attracted to attacking that browser to
obtain information. So the safe alternative was to use a different browser
like Firefox that was not very popular. But as Firefox gains popularity
they will become a target as well. Their goal was to gain 10% of the
market, and they are now pushing 20% according to statistics of people visiting
my site.
You would be interested in knowing that with a
properly configured web site with the correct shopping cart script for
collecting credit card information that connects to a merchant account gateway,
the credit card number is never seen by the webmaster. It's true! I
cannot see the process of filling out the information, and when I visit my
merchant account online to view transactions I'm not shown the full credit card
number. "But be warned on how people can work around this!"
"How can they process a credit card that is insecure and/or see my
credit card number?"
- If the page is unsecured. (http instead of https and the lock is open on
the bottom of the browser)
- If they use a simple online form to ask for the information instead of a
script. (When the information is emailed out instead of processed)
Even if the form is on a HTTPS page it would still be secured, but as soon
as it is mailed it becomes unsecured and if anything happens the web
site owner could lose his merchant account and not be able to apply for a
new one EVER AGAIN! I've seen customers use this way to process cards
and manually enter them at their store. Needless to say I refused to
create a site that operates this way for liability issues.
Page 1 of 2 | Next Page »View Comments (0) 
