How Do I Know a Website is Secure?

 

When you visit a site and plan to do some shopping, you don't want to send your credit card information out to just anyone, right? The first rule when purchasing something online is to only use a reputable website. Amazon.com and online versions of brick-and-mortar stores (Best Buy, Sears, JCPenney) are good examples of reputable online merchants.

When you have chosen what you want to buy on a site, and go to check your shopping cart and check out, you should be taken to a secure page. In fact, your browser may advise you that you are going to a secure site. So how do you know that the page asking for your credit card information is secure? There are two easy ways to tell, and they are about identical in IE and in Firefox.

The address in your Address Bar should begin with https://...

 

 

 

...and you should have the image of a closed lock in the lower right-hand corner

 

 

 

One Caveat (from Wikipedia):

"A common misconception among credit card users on the Web is that https: "fully" protects their transaction when submitting a card purchase, when in reality card information is only encrypted between their browser and the receiving Web server. Merchant sites are supposed to immediately forward incoming transactions to a financial gateway and retain only a transaction number, but receiving web servers often save card numbers in a database. It is that server and database that is usually attacked and compromised by unauthorized users. (In a sense, https: is similar to handing your card to a waiter at a restaurant while covering your card number with your thumb: it prevents anyone else from seeing your number while giving the card to the waiter, but once the card has been handed over the waiter can do anything with the information.)"

Again, if you buy from a reputable website or merchant, it is EXTREMELY unlikely that you will have any problem. In fact, I'm more comfortable buying online than handing my credit card to a waiter.