How safe is my personal information at online e-commerce sites?

by Team Gemalto on 21 December 2009 17H57

How Safe is my Personal Data?

The evidence shows, however, that despite the good intentions of most e-commerce online merchants, there are many cases where personal information is compromised.
Reassuringly, online merchants and e-commerce providers go to extreme lengths to protect your personal information.
Firstly, online merchants worldwide that accept credit card payment are required to comply with the Payment Card Industry Data Security Standards (PCI DSS). PCI is an organization formed by the major payment card brands-American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa Inc. The DSS standards define requirements and best practices for securing the processing and storage of payment account data, as well as other personal information. Compliance with these standards remains the responsibility of the merchant, and each payment brand manages their PCI DSS compliance and enforcement programs independently of the PCI Security Standards Council.
Most e-commerce sites provide a link at the bottom of every page to a privacy statement with useful information about what data they gather, how it is used and secured. Amazon's UK site provides an excellent example of a very thorough and clear privacy statement.

How to Stay Safe and Protect Your Information Online

Take these steps to stay safe when you are shopping online. First, always make sure the PC is up to date with anti-virus and anti-spyware protection. If you are using a wireless network, make sure your connection is secure (encrypted with password protected access) and trusted (you know the wireless network name is correct and trust its operator). Avoid shopping from public hotspots. Always make sure the connection to the Web site is secure. You should see https:// in the address-the s is for secure. Click on the padlock in the address bar and read the security information in it; make sure you are dealing with a reputable merchant. If your bank or merchant gives you the option to use an online personal security device such as a smart bankcard or one-time password reader, get one and use it! This provides a high level of protection because even if someone manages to steal your password, he or she cannot use it because they do not have the security device. For more tips, see How do I know if it is safe to enter my credit card information when I am shopping online?
If you do not want people to track your behavior or just want to raise the security levels of your PC, check out the privacy options in your browser. In Microsoft Internet Explorer for example, select Tools/Internet Options. On the Privacy tab, move the scroll bar higher for more privacy. The top setting blocks all cookies, although this will affect the quality of your browsing experience on many websites. The Security tab provides options to customize settings for specific sites. You can give sites you trust, like your bank or large merchants, lower security settings while maintaining very high security settings for everyone else on the Internet if you choose. Such features also exist in other browsers.

Five musts to safeguard privacy and security online:
1.    Never enter account information on a computer that is not currently protected by anti-virus and anti-spyware
2.    Look for https:// and read the security document in the padlock to make sure you are at the site you want
3.    For wireless, only use secure networks for e-commerce; not a good idea from a public hotspot
4.    Ask your bank or card issuer or a personal digital security device that verifies your identity online using one-time password (OTP) or smartcard technology
5.    Do not save your payment information for future purchases online