Let's face it, there has been a lot of hype by the traditional print media over the fact that
there is no security on the WEB when it comes to purchases.
The fact is a waiter or waitress at a restaurant has more
ease of access to your credit card
that does some computer hacker.
All of the major companies (
Visa,
MasterCard,
Discovery Card and
American Express
) know the potential value of the WEB for their products and are working
hard to formulate a strategy with the apparent winners to be Visa and
MasterCard as the only two credit card organizations who have won the
preferences of the designers on the net.
You can enter your credit card number on a secure (https) form (look for the
little lock image at the bottom right hand corner of the screen) and
transmit the form over the Internet to a secure server without risk of an intermediary
obtaining your credit card information. The security features offered by technology protects commercial transactions, as well as all other
communications, from misappropriation and fraud that could otherwise occur as information
passes through Internet computers.
Secure communications does not eliminate all of an Internet user's concerns. For example,
you must be willing to trust the server administrator with your credit card number before
you enter into a commercial transaction. Security technology secures the routes of
Internet communication; security technology does not protect you from disreputable or
careless people with whom you might choose to do business.
The situation is analogous to telling someone your credit card number over the telephone.
You may be secure in knowing that no one has overheard your conversation (privacy) and
that the person on the line works for the company you wish to buy from (authentication),
but you must also be willing to trust the person and the company.
Secure technology could become less expensive to maintain properly. Recently
Tucows signed an agreement with Entrust that would provide resellers of 128 bit Secure
Certificates for as little as $99.00 US per year. This would significantly put market
pressure on Verisign who now holds 95 % of the Internet security market and charges
considerably more.
One way that is currently is used is to ask the purchaser to send their credit card
information in two parts. One the 16 digit code and then send on a separate e-mail
the expirary date and the amount of the transaction. Hackers use software to track
down 16 digit numbers from e-mails and server computers. By breaking the three major
pieces of information into two transmissions, it is virtually impossible to track and
capture the information.
Another method used is to have a 1-800 toll free number that persons wishing to order
the item can call when they wish to order an item or be provided with information about a
product or service. It is found that toll free numbers are not abused by the general
public. People still like a live person to talk to and such a service should be provided
to provide assurance to potential customers.
Recent in house studies on the use of 1- 800 toll free numbers to order
items as compared to using unsecured internet form submission showed that
North Americans preferred to order via the Net more often than using free 1
800 numbers.
A third method that was originally done, was to request the buyer to send a cheque to
an address listed on a sellers web page. This is still one of the most used techniques
however it is dying a quick death because of the time it takes to send the check via snail
mail and then to process the order.
And Yes, if you want - we can
supply a secure form on your web site - the cost per year for this service
is now about $135.00 Canadian funds.