7 What's going on with online shopping
7.1 Worries about security of credit card and personal data
The Internet is intrinsically an insecure medium (for example, sending an unencrypted email is like sending a postcard through the mail – people equipped with the right equipment might be able to monitor communications that flow across the Net and read their content). So naturally people are concerned about whether to entrust their credit card details to an online store. And on the vendor's side, there is always concern about identity theft – i.e. the problem of knowing whether the person placing the order is using a faked or stolen card. The transaction falls into the ‘customer not present’ category, which is recognised in the industry as carrying a higher risk of fraud.
Oddly enough, although these security concerns are real and justified, consumers’ concerns usually focus on the wrong area. The danger is not so much that your personal data will be snooped on in transit, but whether they will be secure if held by the online retailer. All reputable retailers conduct the sensitive part of the transaction using a technology called Secure Sockets Layer (SSL). This was designed by Netscape in the early days of the Web to enable encrypted, authenticated communications across the Internet and is used mostly in communications between web browsers and web servers. You can always tell whether your communications with an online site have switched into SSL mode by checking the URL of the server. If it doesn't begin with ‘https://’ then you should not proceed any further because it means that your personal data will not be encrypted (i.e. scrambled) while being transmitted across the Net.
So there is a technological solution to the problem of transmitting data securely. There isn't a technological solution, alas, to the other aspect of the security problem – protection of any of your data that are stored on an e-commerce server. Here the key issue is trust: do you believe that the retailer is reputable (and will not pass on your data to others), competent (with well-maintained and secure computer systems) and honest? Because none of us can be 100 per cent sure on these counts, it tends to come down to whether you trust the brand. Do you feel that Amazon (or Tesco or Ryanair or any other company) can be trusted with your data?