The safest way to pay or bank online is with some sort of personal digital security device that verifies your identity. This ensures no one can fraudulently use your personal information. This could be a one-time password (OTP) token, a small device that generates a different password you must enter for every online payment or login. Or it could be a smart card-the mini computer inside your bankcard with special security software-used in Canada, Latin America, Europe and Japan. You can either insert your card into a small reader to generate an OTP or connect the smart card to your PC with a USB reader. These both act as an additional security measure when you pay online or login to your bank account.
Banks call this "two-factor" authentication-something you know, the PIN, and something you have, the card or token. This is similar to when you make an ATM withdrawal, requiring both a card and a PIN code. Two-factor authentication makes online payment and online banking more secure. For example, Barclays, a leading UK bank, reports zero online fraud among customers using EMV-compliant chip and PIN cards with handheld readers for logins.