Are You Safe Ordering Online?
Even this day and age people are very insecure about ordering anything online. Even though many people order and give their credit card information over phone they still are hesitant upon ordering online. This article will show you what to look for to see if it is safe to order online, general process on how things are processed online, and securities involved. Knowledge is key for security and I want you to gain security by reading this article.
What The Web User Should Know:
Everyone knows to look for padlock on bottom of browser, right? If not that tells you that web page is secure. Along with that padlock on bottom of browser your web page SHOULD display https:// instead of http://. (The s stands for 'secured')
"How is a web page secure?"
HTTPS is use of Secure Socket Layer (SSL) as a sub-layer under its regular HTTP application layering. If you view a HTTPS page and see a warning pop up about certificate of site read warning carefully. Here are a couple of warnings that I came across when setting up a SSL certificate for my site. Such as . . . Certificate is for https://theinternetpresence.com but page is for https://www.theinternetpresence.com. (When I edited hyperlink and left out www, it resolved issue.) Certificate points to hsphere.com instead of theinternetpresence.com. (Again, a simple setting resolved this issue.) Hsphere is hosting control panel I use that controls my site. But look carefully at warnings that point to a web site that you are not familiar with and warnings that state there is no SSL certificate at all. For an example of these warnings you can visit my site at https://www.theinternetpresence.com , because currently I'm switching from a Windows Server to a Unix Server for added stability and security. If you did not receive a warning then it means that move was completed.
For a brief description on what requirements are to obtain a SSL certificate look below under "What's process involved for getting a SSL Certificate?"
"What about types of Browsers?"
Internet Explorer used to control 90% of market for web browsers, so naturally hackers and cheaters were attracted to attacking that browser to obtain information. So safe alternative was to use a different browser like Firefox that was not very popular. But as Firefox gains popularity they will become a target as well. Their goal was to gain 10% of market, and they are now pushing 20% according to statistics of people visiting my site.
You would be interested in knowing that with a properly configured web site with correct shopping cart script for collecting credit card information that connects to a merchant account gateway, credit card number is never seen by webmaster. It's true! I cannot see process of filling out information, and when I visit my merchant account online to view transactions I'm not shown full credit card number. "But be warned on how people can work around this!"
"How can they process a credit card that is insecure and/or see my credit card number?"
- If page is unsecured. (http instead of https and lock is open on bottom of browser)
- If they use a simple online form to ask for information instead of a script. (When information is emailed out instead of processed) Even if form is on a HTTPS page it would still be secured, but as soon as it is mailed it becomes unsecured and if anything happens web site owner could lose his merchant account and not be able to apply for a new one EVER AGAIN! I've seen customers use this way to process cards and manually enter them at their store. Needless to say I refused to create a site that operates this way for liability issues.