Secure yourself against fraud while e-shopping

10 Jul 2007

Srikiran Raghavan, regional sales head, RSA, the security division of EMC, provides some useful tips to prevent misuse of your credit information while on the web.

Living in the age of information technology, people are taking advantage of a number of deliverables that e-services provide, such as shopping, business activities, entertainment, travel, etc. However, together with this luxury of convenience and the fast growing popularity of IT adaptation, new concerns on information security have emerged, with online frauds or cyber crimes being one of the biggest threats to the convenience of e-commerce.

It s interesting to note that in its recent report ASSOCHAM has stated that products sold online will grow by 150 per cent to touch Rs5,500 crore in 2007 with the metro cities in India being the largest e-shoppers.

While this is good news for marketers, the lurking danger of increased credit card information falling in to the hands fraudsters on the prowl. This being the age of broadband with 24x7 connectivity shoppers need to be vigilant as they are vulnerable to online frauds as well as virus attacks round the clock.

Secure electronic transactions will be an important part of electronic commerce in the future. Without such security, the interests of the merchant, the consumer, and the credit or economic institution cannot be served. Privacy of transactions, and authentication of all parties, is important for achieving the level of trust that will allow such transactions to flourish. However, it is important that the encryption algorithms and key-sizes used will be robust enough to prevent observation by hostile entities and criminals.

Here are some tips to remember while e-shopping:

  • Do check the terms and disclaimers of an e-shopping site before acquiring its service. For example, check statements for personal privacy. Be aware of phishing and pharming on websites and emails that trap you to provide personal information
  • Do keep a watch on Vishing, a new form of threat on Voice over IP…
  • Do choose e-shopping sites of providing well-known or trusted services.
  • Do notice key measures on providing information or making purchasing on a web site such as
    • Informed consent on personal information
    • Seals of approval applied (e.g. TRUSTe or WebTrust)
  • Do check security of e-commerce website before submitting personal information and transaction (e.g. SSL, https, lock icon in browser, the issuing authority of certificate)
  • Ensure authentication of identity for all electronics transactions through encryption and pass codes
  • Do consider using encryption to protect sensitive data transmitted over public networks and the Internet
  • Do keep transaction records. Most e-commerce sites present you with a summary of your transaction before you click the 'send' or 'buy' button. Print this out or save it as a file to refer to later if necessary
  • Do avoid submitting any data that is irrelevant for the purposes for which it is being collected. Be particularly cautious if asked for personal information, such as credit card or bank account numbers
  • Do be alert to the latest news on sites that are famous for suspicious or labeled as "bad sites"
  • Don't download data from doubtful sources
  • Don't try to visit untrustworthy sites out of curiosity
    Don't forget to check the privacy policy of a web site, ensuring that the personal data you provided is properly used and protected