Strong online security measures are important. Protect yourself, your online store, and your computer with antispyware, antivirus, and firewall software and keep it updated. The antivirus software will warn you if a suspected worm or virus is contained in an email. The antispyware hides your tracks on the Internet. Some identity thieves rely on being able to track your actions when you access your bank account or credit card accounts online. They can obtain your account numbers, usernames, and passwords.
9.9 million people in the United States lost over $5 billion dollars in 2006 due to identity theft, one of the fastest growing crimes in America. Since identity theft is reported in different ways in different areas, the numbers could be even higher.
Identity theft is a criminal offense. It occurs when a person knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit or to aid or abet any unlawful activity that constitutes a violation of federal law or that constitutes a felony under any applicable state or local law."
- Identity Theft and Assumption Deterrence Act, 18 USC 1028(a)(7)
Key pieces of personal information are fraudulently obtained and used to steal the assets of the victim or to defraud others. Bank accounts can be drained. Credit cards maxed out and new credit accounts established.
It can start with a computer virus that opens a backdoor to information on your hard drive, deleted emails, even going through your online store's physical trash to find thrown out correspondence. Shred any correspondence.
Install firewalls and virus protection for your online store and your personal computer if you use it for work. Make sure any system you're networked with has Internet privacy and security measures installed. Upgrade when necessary.
Make sure your online shopping cart has security features. A good cyber security system can prevent one of your customers becoming the next identity theft victim.
If your online store offers more than a few products, an online shopping cart is important for the convenience of your customers. What is an online shopping cart? It's a method that allows a customer to click on a product, keep track of their purchases and when they're ready, use their credit card to buy the products and pay for shipping.
Think of your online store from your customer's point of view. It's annoying to have to complete a separate transaction for each product you purchase. Sound complicated? If you don't have an online shopping cart function that's what you're asking your customer to do.
The shopping cart software, or script, talks to the payment gateway software and tells it the amount of the purchase, name and credit card information, all in a completely secure manner. The payment gateway then transfers that information to the financial institution that holds the merchant account. When the purchase is approved the procedure is reversed. The payment gateway tells the shopping cart software, which tells the customer. If the product is a downloadable the cart will also tell the customer where the download link is.
It's important that the shopping cart, payment gateway and merchant account work together. Not all shopping carts will work with every payment gateway. And keep in mind you need all three. Just shopping cart software isn't enough.
Phishing is an Internet scam targeted on stealing financial and personal information and can lead to identity theft. It's critical that you protect your customer's information while they're using your online shopping cart and payment gateway. Cyber security is important to keep any customer's personal information safe. Here's how a phisher could use information stolen from your site:
The phisher hacks into your database and acquires the customer's name and email address. They then send official looking emails which look and read as if they've been sent from recognizable credit unions, banks, or other financial institutions. The return email address is similar to the financial institutions, even the logo is copied. The phisher may not know which customer uses which bank, but the odds are that there will be quite a few matches if the phisher uses major national banks.
The email may say the account has been put on hold because of unusual activity, is being reviewed, needs verification or is suspended. The customer is asked to click on a link which takes them to a bogus website and reaffirm their account, by entering their personal and financial information. After the information is collected, the phisher uses the information to steal the identity of the recipient, drain their account, or set up new credit cards.
Cyber security is important. Protect your customer's information even if all you track is their name and email address.
Ecommerce security is a vital part of your online store for both your customer and for you. It's more common to feel comfortable using a credit card online these days, but it still can be risky. Asking your customer to complete a purchase by providing their financial information in an online form that isn't secure is asking for trouble. The information is available for phishing scams.
Phishing is a common Internet scam often conducted by email. The customer is baited to reveal their personal information such as bank account, social security number, and credit card numbers. The bait can be that a recent purchase is being questioned or that their information is incorrect and needs to be input again. It's critical to have this type of customer information protected on your website and in your databases.
In the Untied States 1.2 million people lost nearly a billion dollars through phishing schemes. Nearly 1 in 20 users of computers fall for a phishing scheme.
Most phishers use email but the phone has also been used. The phisher leaves a message on the customer's answering service saying they are XYZ bank, that there is a problem with their bank account and to please call a number that is set up with a recording. The customer calls and gets a voice mail which identifies themselves as XYZ bank and then asks the customer to provide their account number and PIN.
Protect your customers from phishing scams: Make sure ecommerce security a high priority for your online store.
Accepting credit cards at your ecommerce site is now a necessity. If the customer can't use their credit card to buy your products the odds are they'll just leave your site and find an ecommerce business that does accept credit cards. Credit card acceptance increases the credibility of your site and therefore your products.
Accepting credit cards online requires that you open a merchant account and use a gateway processor to communicate between your site, the customer's credit card account and your merchant account. The customer decides which products they would like to buy and includes them in their online shopping cart. When they've finished shopping they check out. The customer inputs their personal information and their credit card information into a form that's hosted securely at your site. The credit card information is encrypted by the gateway processor and sent to the customer's credit card account and then credited to your merchant account. The process is seamless and the customer is probably not even aware that there has been a gateway processor involved in the transaction.
If your ecommerce site offers payment by credit card it's mandatory that a gateway processor is used in the transaction. Accepting credit cards can boost the revenue from your ecommerce site.
|Jennifer Mathes, Ph.D.|