I would like to address some of the misconceptions about online security. First lets start with some facts.
- 11.3 million Australians access the internet
- 61% of the 11.3 million have shopped online
- The majority of shoppers are aged 35-54
- Around 18% are over 55
- Visa International has found that online credit card transactions make up less than 2.5% of all credit card fraud
- Research indicates online merchants are at less risk than retail merchants of fraud
- 72% of personal information theft occurrs offline
- 50% of all identify theft is committed by friends, family members and neighbours
Sources: Purchasing of Goods and Services via the internet (2006-07) Australian Bureau of Statistics www.abs.gov.au, Visa International, www.ecommercewebsites.com.au
The dangers involved in online payments is generally exaggerated in the popular media and as a result alot of people I talk to are still uncomfortable sharing their credit card details online.
I see the risk break down into two main areas:
The Client Computer
A website and web server can be designed to take all the precautions in the world to protect your sensitive information, but that is only half of the picture. Your personal computer can be infected in ways that can capture your details BEFORE if even reaches the web server. Some general guidelines:
- regularly update your anti-virus and anti-spyware software
- regularly scan your computer for infections
- keep your operating system and software up-to-date
- make your passwords hard to guess, do not use dictionary words, combine letters and numbers
The Website
A website can securely communicate with a visitor. The golden rules to securely transmit data are based on encryption and common sense. For example:
- credit card details should never be emailed
- Sensitive information should always be transmitted on a secure connection (SSL)
- Encrypt passwords