SSL or Secure Sockets Layer is all about encryption. SSL encrypts data, like credit cards numbers and personal log-in details which prevents cyber criminals from stealing your information. Identify security clues such as a lock image at the side or bottom of your browser or a URL that begins with https.
The ‘s’ in https and padlock won’t necessarily appear on the sites you visit until you log onto a page which needs to be secure such as the account registration or log -in screens and at the online checkout screen.
Most sites ought to provide a link for users to view their SSL certificate and if you want to know what one might look like, then click on our link below.
PCI DSS Certificates
From October 2009 all online shops need to have a Payment Card Industry Data Security Standard (PCI DSS) certificate. The standard applies to all organisations which hold, process, or pass cardholder information from credit or debit cards. It was created to help organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to ‘hacking’.
There are different levels of certification, for example some on-line shops only need to complete a self assessment questionnaire, whilst others have to open up their systems and networks to security scans by third party organisations approved and often appointed by the Merchant Banks. At Office Allsorts we have opted for the more rigorous third party scans.
There are any number of Companies who carry out the certification but in all instances, all sites ought to have their PCI DSS certificate available on their site somewhere.
Finally, there’s something you as a customer can do.
Visa and Mastercard have introduced a secure authentication process for transactions where you, the card holder, is not present. It’s known as 3D Secure and can be considered the online version of ‘Chip and Pin’ technology, whereby the cardholder has a personalised password registered with their card that is entered during the checkout process. This private code gives you added protection against unauthorised use of your card at participating online shops and confirms that you are the authorised cardholder. Even if someone knows your credit/debit card number, the purchase can’t be completed without your password or secure code being entered as well.
Registering involves a quick, one-time process. Simply log on to Verified by VisaTM or MasterCard® SecureCodeTM, register your secret password, create your personal message and you’re done. The next time you shop online, you’ll be automatically prompted for your secret password during checkout.
MasterCard brand their system as ‘MasterCard SecureCode’ and Visa call theirs ‘Verified by Visa’.
2. User Names and Password
If you have the opportunity to change or generate your user name then don’t use your email address,…. it’s too widely known.
If you are issued an initial password then change it at the first opportunity to one with a mixture of letters numbers and symbols, but make sure you will remember it next time.
3. Credit Card v Debit Card
Try to avoid using your debit card. The bank provides you security guarantees with a credit card that are not given with a debit card.
4. Never Send Payment Information via Email
Information that travels over the Internet (such as email) is not fully protected from being read by outside parties. Most reputable merchant sites use encryption technologies that will protect your private data from being accessed by others as you conduct an online transaction.
5. ‘Remember My Password’ – No
Try not to use the option ‘remember my password’ when registering online as your passwords are then stored on the PC, and are the first thing that a fraudster will target. Some malware is designed and written to go and search your PC for these passwords. In addition to this, if you use a laptop that is lost or stolen, the passwords go with it.
6. Check Your Card Statements
Check your statements regularly, not only to verify the transactions you’ve made but to look for irregular activity. Fraudsters usually start with small to ‘test’ the card or personal details before using stolen details in earnest.
7. Privacy Policies
8. Check Terms and Conditions
Check the Terms and Conditions of the sites you visit. If they are genuine, they will have returns policies in place and details about when the online transaction is concluded and your rights as a customer. If these aren’t available, walk away.
9. Anti-virus software
Keep your anti-virus product up to date. For example, set your Microsoft Updates to automatic and you won’t need to remember to update Microsoft’s.
10. Separate Card
Consider using a separate card for online shopping with a low spending limit to limit the potential damage done, if, in the worse case, it is used fraudulently.