|
|
|
We reveal how secure your credit or debit card details are when you shop online
The payment process
The data a company such as
Securehosting
takes is then transferred securely to the acquiring bank, which then sends this
on to the relevant card association (ie
Visa
or
Mastercard),
which in turn sends this on to your own bank.
Once authorisation has been granted or refused, this is sent back to the payment gateway which then passes it back to the retailer. This process may sound convoluted but takes seconds.
The point is that if the retailer stores the payment forms on the payment gateway’s servers, it does not see the customers’ card details. The payment gateway can store the card details if the retailer wants to set up the ability to carry out repeat transactions but the retailer still doesn’t see any card details.
And this was the only saving grace for victims caught up in the Zavvi Direct fraud – the criminals involved never saw any card details themselves.
Our verdict
The Zavvi Direct fraud is a warning that criminals are becoming more
sophisticated.
This fraud was not the online equivalent of a smash-and-grab raid. Instead they used a leading payment gateway and this company hosted the payment forms. This saved the fraudsters time and hassle, and at the same time they were using legitimate systems to gave them more time to carry out the fraud.
The weakest link in this fraud was the acquiring bank, which gave the merchant status to the fraudsters, not the payment gateway which has no power to carry out security checks. These companies can ensure that your data is more secure than if it is hosted by a retailer. But it’s important to point out that there is no such thing as ‘absolute security’.
The ubiquitous golden padlock displayed by web browsers – while always something that should be looked for – indicates that the retailer has directed the customer to a secure site such as that run by a payment gateway. However, people should realise that the golden padlock can be compromised, security certificates can be bought by criminals or spoofed and not all retailers that host your data are PCI-complaint.
But the fact is most people’s card details are stolen not when shopping online but through email scams and card cloning or when a company is the victim of a security breach.
Article tags
Related articles
Redress for damaged or failed goods from a company that has ceased trading is difficult. As long as payment was made via a loan or credit card, there is hope
Unknowingly, Nick Chumbley got caught up with a company facing the wall. Unless he paid for his PC by credit card, he will have to join the queue of creditors
Two gang members involved in £250,000 online scam receive two-year sentences
Q.Is my phone’s Bluetooth any use?
Q.Can I switch boot drives so that I can work on older...
Q.Can I open my old genealogy files or have they gone...
Make a profit from your unused gadgets
Run Windows and Ubuntu on the same computer
Hide private folders
Save up to 40% on the price
Exclusive subscriber website
Our price won't be beaten
Every modern PC has one or more USB connectors. We explain what they are, how to use them and how to overcome some of the problems you might encounter
|
|
|
|
|
Computeractive Excel (2010) Online tutorialPrice: £19.99 |
Computeractive Word (2010) Online TutorialPrice: £19.99 |
Computeractive Powerpoint (2010) Online TutorialPrice: £19.99 |
Angry BirdsPrice: £9.99 |
Back Issue CD-Rom 14 (2011)Price: £15.99 |
lost mail
I have had cheque books 'lost' in the post and mail lost. This was before the recent strike so there is some postal employees who must be liable for this missing post. A cheque book can be felt and thus identified from the outside of its envelope. The temptation for some must be great as they work in the postal service and these days the old standards seems to have gone. The old days gave an excellent service and twice daily deliveries. Now mail is over a week and one never knows when it is going to arrive, if at all. Thank goodness for email otherwise my business would be in serious trouble.
Posted by douglas, 08 Oct 2009