Online shopping is now a part of our life. How do you find out whether the site you are using is safe enough for making online payments? Harjot Kaur explains
Online shopping sites are proliferating at a rapid rate. From Flipkart.com to Snapdeal.com to Myntra.com to Jabong.com to ols.com, dozens of ecommerce sites have sprung up. Customers find it easy to shop online and ecommerce sites and their backers with deep-pockets believe that it is a segment that will grow into billions of dollars of online market.
However, many are wary of shopping online, wondering if it’s safe. After all, in the process, you are uploading and storing on the shopping site all your credit/debit card information, address and other details. Not all sites are safe. High quality of design has made it possible for websites to look swishy enough and nearly match the official websites of banks and online payment channels. With an increasing number of websites you can buy from, it has become difficult to tell the trustworthy websites/payment gateways from those that are not secure. It is not very difficult to detect fake websites and online payment systems, if you are vigilant and remember a few key points.
Here are some signs and symbols you need to look for on your web page or the online payment gateway while making an online payment or while shopping online. Additionally, some third-party data aggregators also help you assess the quality of an online payment portal and whether or not, the web page you’re using is secure.
1. Check for Secure Link
Check the address bar on your web page. If the website name says ‘https’, instead of ‘http‘, then it is secure. When you open a regular website, the name of the website starts with ‘http’. But when your website is secure, the name would start with ‘https’, as depicted in the following screenshot.
‘Https’ signifies that all information you put on the page from this point on will be transferred to the receiver only in encrypted format—a technology used for transforming information into signs and symbols till it reaches the receiver, where it is again transformed into regular text. So, anyone trying to view your credit card or bank accountdetails during the transmission process will not be able to do so; your details remain secure.
2. Security Lock at the Bottom of the Page
The lock icon that you see when making online payment is not just a picture. It is a sign of the security of the web page you are using. Some websites have this lock placed in the address bar while others would have it at the bottom of the page, depending also on the browser you use. Technically called a padlock, it indicates that the page uses an SSL protocol or a TLS protocol. These are data transfer security standards that encrypt data as well as authenticate the server you are using. You should only use websites that have the lock in ‘locked’ state; unlocked websites are not secure.
3. Third-party Verification Certificates
These seals of approval are given by associations of members including payment gatewaysand sites using those gateways. The logos and certificates shown below mean that the association has verified the entire platform of online payments being used by the merchant and certifies that no information is being stored on the merchant’s server or elsewhere.
Visa and MasterCard are two globally renowned online payment platforms used by most merchants.
These logos, however, should not be trusted on a standalone basis since they can be easily cloned or copied to make the site look authentic. They should be looked at in conjunction with other security signs. However, if all other signs are there and the certificate is not, the site should not be fully trusted. The SecureCode sign means that by providing information about your credit or debit card, your financial institution is automatically prompted to check out your SecureCode each time you use your card. Your bank does not share your information with the company whose website you are using to make the purchase and that is why you are secure. By providing correct SecureCode each time, you authenticate that you are the right user of the card.
4. Double-level Authentication
Double-level authentication is a two-level authentication and identification process which verifies the data twice before the payment goes through—once by the merchant site and next by the bank’s site. This process is mandated by the Reserve Bank of India (RBI) and has to be followed by all Indian entities having payment platforms on their websites. In case this is missing, RBI guidelines are being ignored and you should not trust the website for good reasons. Double-level authentication looks like the screenshot shown above (for HDFC Bank); it could be different for different banks.
5. Third-party Aggregators
Other than the signs on the website itself, many third-party websites aggregate performance data for users to analyse information, for example, mywot.com. This site aggregates all comments that users have put up anywhere on the web, regarding the payment platform of the company you are checking for. With that information on hand, you will be able to know others’ experiences while making payment and whether the website is trustworthy enough. The site also assigns ranks, based on four parameters, displayed in the screenshot below, and authenticates whether the site is useful or not.
Once you have checked for all these security factors, you should be comfortable enough for making online payments. You must also note down the contact details of the website, your transaction ID and the time at which you made the transaction. It is also in your best interest to take a screenshot of the ‘transaction successful’ page. In case of any dispute in payments, these precautions prove to be of vital importance.
vinay mohanty
No comments:
Post a Comment