Monday, July 05, 2010

Credit Card Security: How to protect yourself from credit card fraud

The WorldWide Web is a game changer when it comes to using your credit card for online shopping That unfortunately means that it is also a rich new resource and playground for cyber criminals.
Due to lack of security, one in 10 of Australia's internet users are now losing money to online identify fraud over the past year with losses totalling $1,286,000,000, reports VeriSign, a major player in the SSL Certificate industry.
That's an average of $1,000 per fraud victim of the 1,300,000 people affected, with more being lost in the 18-24 year old profile.
This is a 30% jump on the amount of money lost online in 2007.

Eight things that you can do to protect your personal and credit ID online.


1. Don't use your credit card to make purchases online. Use a Debit card instead. This will limit your losses to what money is left on the card. If you only transfer funds to it as required, then any losses will be tiny.
2. Keep your firewall, virus and phishing scanner software up to date and run them when online.

You could consider changing to an Apple computer. They are much more secure and less prone to virus and Trojan attack, but not immune. Try the iMac, the Mac book or the Power Book when you next update. There are a lot of other benefits also. You may want to keep the iMac for the Internet only, and the PC for desktop only duties. For business use Microsoft applications are easy to use. As PCs are so cheap these days, maybe you should use one for desktop work only and use your Mac for online work.
3. Use an encrypted keyboard. This ensures that keyboard readers are foiled.

You could also use a bank that uses a scrambler for your pin numbers. The scrambler randomly changes each pin number to a letter, each time you login. So your pin is scrambled each time you enter it. And will be different the next time you log in. This foils keyboard readers.

4. Ensure that you are putting your personal info into an encrypted form with a secure certificate. You can tell this by the address line in the browser starts with https: instead of http:
This is essential as even a trusted site can have your details stolen is it does not secure your information.

4.Even if you use a PC, don't use Internet Explorer for web surfing or purchasing. Install a more secure browser. Try Google Chrome, FireFox, Safari or Opera instead.
Apple's Safari for instance gives a warning when the security certificate is not known. Heed this warning and ensure you trust the site before proceeding.
This warning is when the browser detects a generic security certificate, not necessarily a bad site to transact with. For instance I have noticed that Melbourne IT, Australia's peak Internet names registrar uses a generic certificate, and I obviously trust Melbourne IT so I proceed with the transaction.
If the SSL certificate is issued by Verisign, Geo Trust or Thawte these are recognised as authentic and verified by the issuer, and show as such. These site also come with a guarantee.

5. Use a third party payment method for buying from unknown sites. Small companies understand they don't have the trust factor that major online brands command, and some cannot afford the security vigilance required online today, so most will opt for a third party payment solution as a way to ensure they don't lose business opportunities because of this lack of trust.
Third party payment options include PayPal, Digital River, e-Junkie, and 2Checkout. This means that your details will not be going to the merchant, but the trusted intermediary who are better placed to protect your information. I have used all of these to pay for goods online. Paypal is the best known, some merchants offer two so you can choose one, and I have used e-Junkie and 2Checkout where a choice is offered. Again, when you go to the transaction area, make sure that you are on the right site by checking the URL address in the browser window, and that it is in fact a form protected by an SSL certificate.

6. Always check your credit card/ debit card statements and determine that all transactions on there were authorised by you, and notify immediately your credit card issuer if there's something on there that you don't recognise. Also take your time. There may be transactions that you have forgotten about.

7. Try to resolve any errors with the merchant before contacting your bank. Your bank will give you more credence if you do, and relate the conversation to them.
Even honest companies make mistakes, and I have had Amazon make a couple of double orders when I did not want this to happen.

Another time I pulled out of my order without confirming the transaction, and somehow it went through. These were quickly resolved by Amazon for me.
8. Beware the free offer. Do not go for any free sample offers that come up. These can be bate traps for getting your credit card info.
 I did once. It went from a free offer, to a $1.95 postage [to get the credit card details], to $11.95 when it was transacted. I rang to cancel immediately and was told I could not. If I allowed the transaction to continue you were then slugged $68.00 for a second months supply. I rang my bank, who cancelled the transaction, and issued me with a new card. In 11 years of buying online it was the first time I was scammed. And this is typical of scams. They take a few dollars at a time.

By following this advice you should be able to use your credit cards [or preferably your debit card] online and not become another victim of Identity fraud.
Author: Rick Adlam of Mr Mortgage