|People are still nervous with giving Credit Cards over the Web|
After 5 years, still surprized at the level of paranoia.
When the web was new, I expected the number of people that were nervous about giving credit card information over the web to be significant.
After all these years, I expected the web to become just another way to do shopping, and that the use of credit cards over the web would become second nature.
Not so, the number of people that prefer to place an order over the web, and then use our phone order option (designed for the paranoid) has stayed the same at 5% of the population over all these years.
I wish schools would teach people that its not giving the credit card over a secure connection, but what happens to the credit card information afterwords, which is the source of the problem.
There are still lots of gas stations that dumps your
unshreded credit card numbers into the dumpster, after a few months or a year.
A part of the problem is what we see on TV. Just about 2 hours ago I saw a news bit on spyware and how people try to steal people's identities and credit card info.
The simple act of giving another human being your card gives you some sense of assurance as well. It gives you the idea that this person is responsible for your card and you can take up any complaints back to that person. The idea of typing it in and hoping everything goes ok is less comforting. Though these impressions may not necessarily be factually acurate, people make a lot of decisions based on feelings.
People don't really understand how RARE it is for credit card data to be stolen... Nor do they realize how credit cards work, or how easy it is to have a fraudulent transaction removed from their bill. I had over $1300 in fraudulent charges appear on one of my credit cards, and I straightened it all up with two phone calls. Charges gone. No big deal.
If those scare stories on TV gave the total number of ALL credit card transactions online in a year, the number of fraudulent transactions, and the percentage of the total they add up to, it would help... but it wouldn't make for nearly as exciting a story.
|People don't really understand how RARE it is for credit card data to be stolen... |
So true. It's much more risky to hand your card to a waiter who you've never seen before and let him/her walk away with it. And of course there's those carbons.
This identity theft propaganda has really gotten outa hand. It gets hipe on the evening news because it sells. Even the credit card companies themselves now must use rhetoric insuring customers they're safe against it!
I've been trying to get a family member to buy a computer and get online for several years. Now they won't because of, what else, identity theft - like some thief is gonna sneak into their home through the computer.
The media always state "internet = credit card fraud"
But what they don't realise is that is not the customer that has to worry. It is the merchant - they are the one taking the risks. Fraudsters use the internet because they view it as an easy option - there is no phone call, fax, letter, or contact at all! A person who speaks very little English can give a very English name over the internet but cannot do that on the phone or by letter (bad grammar), so the internet is seen as an easy target.
Yes, I feel the media is to blame for this. I also feel that senior representatives from Visa and Mastercard, should be doing more to counter these sensational stories. Creating programs such as 'verfied by visa', only gives the sense that Internet credit card fraud is a problem, when in fact the problem is with companies that store credit card information, for future transactions, on insecure or easily hacked computer systems.
We never keep an electronic copy of credit card information, and if a company feels that it must keep this information for subscription purposes, then it should be highly encrypted, in a secure area, on a machine not connected to a network, with access by only key staff, that has undergone extensive security checks.
There was a study conducted either late last year, or early this year about age range and credit card usage.
Wish I could remember the exact numbers, but basically it went, people under (I believe its somewhere between 22-25) 25 are more likely to trust the web for credit card usage that the phone.
People over 25 are the opposite. It's definately a generation gap thing between who trusts the net and who doesn't.
People sometimes ask me about credit card security over the internet. I always say that I think it is more secure than waiter who takes your card and disappears for a while.
I use a credit card processor that handles the card number and just sends me the money. So I don't see the number. Someone called me on the phone, said he wanted to by my downloadable e-book but wouldn't use the card online. So he gave me the card over the phone (this person has never met me and doesn't know anything about me). I then called up the credit card processors web site and typed the card number into my browser. But it made him feel better.
Easiest way to steal credit card numbers is to get a job as a waiter in a restruant where the waiter takes the cards and goes to another area to run it through the machine. I understand that there are pocket devices that will allow the card to be inserted and will read and store the card number.
Another way, more difficult but easier than intercepting internet traffic, is to tap the voice phone lines going to companies that process telephone orders.
> I then called up the credit card processors web site and typed the card number into my browser. But it made him feel better.
I use WorldPay and they provide a system designed for the exact situation above. They know it was a phone/fax/customer present order because you use that screen.
Why do people feel more secure phoning (taps possible) a customer service department (human theft) who types it into a machine (visual theft from other employees possible, but unlikely), which transmits it down a phone line (taps possible, but encrypted, like the internet), to store it on a computer at the other end (where humans have access to it and it is likely to be connected to the internet to facilitate internet purchasing).
The other alternative: Customer types in the number (visual theft possible - but not if you are alone!), down the internet (taps/hack possible), to a computer (hacking possible but unlikely, human access by employees possible).
I work that out to be 6 theft chances by phone against 4 theft chances by internet - reducing the theft by around 33%.
I worked at a Fortune 500 company where we phone agents occasionally took customers' credit card numbers for out-of-warranty service on their products. One of the agents there took a customer's credit card number, and then later used it to mail-order computer equipment for himself. He had it shipped to a private mailbox. It happens.
Also, think about how every place wants your mother's maiden name. Any employee at any of your credit card companies who knows your mother's maiden name then knows your "password" for ALL your accounts at other banks. It may be smart to use a different "mother's maiden name" for every place that wants it -- provided you have a way to remember the unique password you give to each company.