Credit card is an extremely convenient option for paying as well
as receiving small value payments over Internet. Anyone can install
a payment gateway system for receiving payments from overseas buyers
for sample or even small shipments. However, is it safe ? We discuss
safety angle first.
Contrary to popular belief - credit card is a much safer payment
option than cash or cheque, provided you follow certain safety rules.
Its like motor driving - there's always risk of accident but sticking
to traffic safety rules minimizes the risk significantly.
The Real Question - How Safe is it for Internet
Frauds relating to credit card is nothing new - it happens everyday
in off-line world. It has been around as long as credit cards are
in circulation and in all probability will exist so long as credit
cards do in their current form.
So, the real question should be - is it safe to use credit card
in Internet ?
Let us examine the special threats that exist in online world only
and how to counter them.
Anonymous World of Internet
Much has been written about anonymous nature of Internet that guarantees
freedom of expression and at the same time provides a convenient
cover for scamsters and con artists to hide behind.
So, if you are gullible enough to hand over your credit card details
to an unknown person or use as insecure a medium as e-mail to convey
it - its as good as inviting scamsters to rip you. After all, you
do not hand over your credit card to strangers - then why should
you do so on-line ?
The question - how to ascertain identity before handing over credit
card details ?
Secure Payment Gateway
General web-sites send and receive information through public channels
that anyone with little knowledge of Internet can trap and 'listen'
to. Secured sites send and receive information in encrypted form
so that even if trapped - deciphering the encrypted information
is not easy.
So, a web-site that wants to accept credit card MUST BE secured.
You can make out if the web-site is secured or not from your browser
- if you see a padlock at the bottom right or left hand side of
your screen, this denotes that you are on a secure server.
Credit card accepting web-sites should have security certificate
from an accepted third party authority like Verisign. A Verisign
certified secured site is generally considered safe enough for on-line
credit card transaction.
The other component of the site is 'payment gateway'. Its a software
that accepts and verifies credit card details with credit card issuing
bank. We shall discuss about it in detail in forthcoming issues.
Threat of Identity Theft
On-line credit card payment is extremely convenient - all that's
needed is the credit card number and date of birth. Neither physical
presence nor signature is required for transacting on-line - making
it an easy prey for identity theft.
So, anyone who has access to your credit card number and date of
birth can use your credit card to defraud you - right ? Wrong !
In most cases.
Perhaps the above was true few years back - but not anymore. Many
payment gateway providers have developed sophisticated techniques
to detect on-line frauds and can prevent many such threats. The
fraud detection engines are still evolving, the systems are not
fool-proof - but it now requires much greater degree of sophistication
on the part of fraudster to commit on-line credit card fraud.
Extra Protection Against Fraud
Perhaps you do not realize it, but shopping with credit card is
actually safer than paying by cash or cheque. In the event of a
fraud or even bad delivery - consumer can ask his/her bank to stop
payment. In technical jargon, it is called 'Chargeback' - where
the credit card company removes the purchase from consumer's bill
and the merchant is not paid.
Happy and Safe Surfing
Dr. Amit K Chatterjee
- Newsletter on Business Opportunties from India and Abroad
Vol: 4, Issue 25
; Feb 19' 2004
Dr. Amit K. Chatterjee
(Amit worked in blue-chip Indian and MNCs for 15 years in various
capacities like Research and Information Analysis, Market Development,
MIS, R&D Information Systems etc. before starting his e-commerce
venture in 1997. The views expressed in this columns are of
his own. He may be reached at firstname.lastname@example.org