online vs. In person

The risk of credit theft is viable no matter how you shop, whether online or in person. However, in my experience as a retailer for 5 years and as a consumer for over 20 years, and as it seems now, your credit card information is more likely to find itself in the wrong hands from an in-person purchase than from a Purchase online. Consider that when you use a credit card in person, such as when you’re at a restaurant and your credit card disappears in a back room somewhere. Is someone writing down their number, expiration date, and CCV somewhere? Who would know? I’ve heard of one account where that happened and another where a copy of the card was made. Then there was another incident at a well-known department store where carbon copies were kept and used for employee-to-employee purchases. Another consideration for using credit cards in person is that signatures are rarely verified, and even when they are, they are often not properly scanned. The same goes for photo identification. Also, as just mentioned, these incidents aren’t limited to diners and hole-in-the-wall shops, either. Employees of renowned restaurant and shopping establishments are committing this type of theft.

Now suppose you don’t give your card to a stranger to process in a back room where you can’t see, but instead swipe your card through a machine (also known as a terminal). Guess what? You have just made an online purchase. All of your credit card information went through an electronic processing portal, which is the same thing that happens when your credit card is processed over the web. As you can see, online processing is almost the same as in-person processing, in that sometimes your card information goes directly into an electronic portal, and sometimes it resides with an employee who then processes the information (for online purchases, the information is stored temporarily). stored on a secure server until an employee processes the information).

Now you can see that there are two ways to process credit cards: online and in person. The first way (automated processing) is identical for online and in-person transactions, since neither employee sees your information. The second way (manual processing) requires an employee or store owner (or sole proprietor) to manually process your transaction.

Why is online safer than in person? There are at least a couple of reasons. If the process goes directly through a processing gateway (automated processing), then there is little or no difference between online and in-person transactions. If the process is done through an employee (manual processing), then usually the online store only has one person or a small department that is allowed access (or exposure) to your information, while that when you’re processing a card at a restaurant, almost any clerk has permission and is capable of handling your credit information. Also, keep in mind that unless you’re dealing with a well-known national store, most online stores are fairly small and owned by sole proprietors or an LLC. These owners put a lot of time, energy, and money into setting up their store. Becoming the target of credit theft would undermine these efforts. Brick-and-mortar stores, on the other hand, hire employees who have little, if any, stake in the success of the business.

uninvited thieves

Online shopping generally avoids most, and sometimes all, potential threats from so-called “trusted” employees. However, online shopping offers a potential danger zone of its own: hackers. Credit card numbers and other vital information are almost certainly stored in a database somewhere. If that database is compromised, so is the credit card information it contains. Although, from what I’ve read and heard over the last 5-7 years, this happens much, much less than in-person robbery. A lost or stolen purse or wallet is much more likely to result in an attempted credit card fraud. Even if a hacker broke into one of these databases, not only would the investigation be brought to a very high level (unlike a stolen purse or wallet or even identity theft), but there would also be hundreds or millions. from others online with you.

CISP: VISA (et al) is on your side

We have learned that automatic transaction processing is just as secure whether it is done online or in person. And based on the points made, manual transaction processing is often more secure when done online than in person (again, at least right now). However, there is one consideration that can lower the defenses of a manual transaction made online. Typically, your credit card information is stored in a secure database and an employee must transfer that information to the secure gateway. However, if the store stores your credit information on your local computer, that leaves your information open to hackers on that computer. Unfortunately, without asking, or unless it’s mentioned in the shop’s FAQ, there’s no way to tell if they do. Although it is not necessary for a store owner to store this information, and it is technically against VISA regulations, it certainly can happen. If you feel or find that your credit information is being stored by a store owner, either in person or online, feel free to visit the VISA Cardholder Information Security Program (CISP) page located at http://usa.visa.com/merchants/risk_management/cisp_overview.html

catch a card

If a credit card thief tries to use a stolen credit card at a store (online or in person) that uses manual processing, there are signs that can point to such an illegal transaction, which humans can detect. In person, there are photo and signature IDs that, when worn, can mark the purchase. Online, an incorrect billing address, phone number, or even a bounced email can flag the process. With automatic transactions, the card is likely to be accepted without question, even if there are one or two small flags. In such cases, if your credit card or credit information is stolen, you can only hope that the thief uses a store that processes transactions manually.

Online Skeptics Are Still Online

Given the number of people who are skeptical of making purchases online, it would seem that these people are unaware of a law that went into effect on October 28, 2004, or do not write personal checks. The Check 21 Act has almost guaranteed that your personal checks will be scanned into an electronic format, stored, and even transferred as needed, just like credit card information. Additional information on Check 21 can be found at [http://www.ftc.gov/bcp/conline/pubs/credit/check21.htm]

Security = Encryption

One of the most common precautions when shopping online is to make sure the website you provide information to is secure (encrypted). Depending on the browser you are using, secure pages will usually have a lock somewhere in the status bar. Also, the URL (address of the web page) will start with HTTPS:// (Notice the “S” after HTTP. The “S” means the page is secure.) On a secure page, the information that is sent is encrypted. , that is, the information becomes a puzzle that is extremely difficult for anyone except the receiving computer to solve. Also, remember that credit cards are just one type of information collected online. Always make sure web pages are secure before providing social security numbers and other vital account information, such as bank account information.

getting old is a good thing

Consider the number of years a store has been open to the public. Ask for your Sale and Use or Fiscal Permit. Even online, they must show one because if they are transacting business over the Internet, then that is their “place of business.” Stores obviously have to start somewhere, but just use a little extra caution with stores that have only been open for a year or two. Consider calling them before ordering just to check someone is on the other end.

Change of names – Change of favorites

When information is collected on all other websites you visit, the sensitivity level of that information is diluted. Consider changing the name of your favorite pet from time to time. And the “First Street You Lived On” doesn’t have to be the first street you lived on. It also doesn’t have to be the last school you attended. These are simply reminders, and are sometimes easier for a stranger (or even a family member) to guess than your password. Consider not using the actual answers to these. They can be used as backdoors into your account.

Use another credit card

Most people today have more than one credit card. Select a card that has the least amount of credit to ensure that if something goes wrong, you have less to lose. You should also consider using only one credit/debit card from your primary bank account for larger, less frequent purchases. If this card is swiped and used, it could leave you short for any legitimate transactions that haven’t settled yet, like your online bills. You can also set up a bank account solely for online purchases. If you use your main bank, you can transfer money as needed to cover charges before they happen: Or just keep a very small amount (like $100) in that account at all times.

Temporary credit cards

Speaking of using another credit card for online purchases, some financial institutions are now offering temporary credit cards with a set limit, a set time frame, or both. Contact your financial institution for additional information on temporary credit cards.

Out of the box (or in another box)

Another idea for online payments is to always use the same credit card for online purchases and monitor that account very regularly. Also, consider minimizing your use. You might also consider using an online money transfer service like PayPal or Google Checkout (although these limit your purchases to stores that also use these services).

information storage

When shopping online, you will most likely be asked for a password for an “account” in the online store. At some point, maybe even today, you already have too many passwords to remember. Conversely, if you use the same password for everything and that password is discovered, you have even more places where you are vulnerable to theft. As you probably already know, writing passwords down and keeping them in your purse or wallet is extremely risky, and you NEVER want to store your PIN numbers in the same place as your ATM/debit cards (that’s like putting your password under your keypad or a key under the rug). A safety deposit box or fireproof safe would be nice, but considerably less convenient. You may want to consider a password storage application which can be found by visiting the sponsored links at http://www.google.com/search?q=password+storage. With this method, you remember one password that will allow you to access all your other passwords (so make it a long and complicated password). And if you store passwords on your cell phone, PIM, or laptop (although they’re all very dangerous), be sure to password-protect those devices, too.