My former graduate student Steven Zeligman has just submitted another article for the column. Here are his practical suggestions (with the usual editing from me) on improving the security of shopping online.
The following text is Steve's:
Online shopping does pose risks, but the risk can easily be reduced.
Eliminate malware
Before shopping online, clean your computers of malware (malware is MALicious softWARE).
Shop only at trusted online retailers
Use the same common sense when shopping online that you would use when shopping in the physical world. Be as vigilant when choosing online retailers as when choosing brick-and-mortar merchants. If you are uncertain about a particular Web site, check the Better Business Bureau's ratings. Reliable online merchants provide a phone number where you can talk to a customer-service representative about security issues. Look for third-party seals of approval such as BizRate, BBSOnLine, VeriSign Secured, and HackerSAFE. Usually clicking on the symbol will bring you directly to the report for the Web site you are visiting.
Look for Web site security indicators
Although the following are by no means absolute indicators of security, they're a start:
- A padlock in the browser window's status bar (be discriminating - sometimes it's a false indicator or even just a symbol placed on the Web page itself);
- URLs that start with "https" instead of just "http"; and
- The phrase "Secure Sockets Layer (SSL)" in the description of the communications protocol.
These are all indications that the online merchant may have taken measures to protect their customers' private information in transit.