Skip to main content Back to Top

2/10/2003

Avoid Pickpockets When Shopping Online

Kate Traynor

Shopping over the Internet offers both convenience and security perils, but the Federal Trade Commission (FTC) has advice to make the experience as safe as possible for consumers.

Consider the source. Before buying online or providing personal information to an Internet-based merchant, make certain the business is legitimate. Online signs that a company is legitimate include clearly stated refund, return, and privacy policies and descriptions of the methods used to keep transactions secure.

If you do not know the company and no trusted source vouches for the business, FTC recommends that you ask the vendor for a catalog to help you better understand how the company operates.

Know the product. Be sure you know what you are buying before you commit to the purchase. Sellers of easily recognizable merchandise like electronics and computer software may provide online pictures and manufacturers' descriptions that can help you verify a product's authenticity. If a product's online description is unclear, FTC recommends that you contact the seller for additional information before you buy the item.

Look at the lock. When activated, the padlock icon on the typical Web browser's status bar indicates that your personal information is encrypted during transfer to an online merchant or other recipient. Encryption should conform to the industry's security standards, such as the Secured Socket Layers, or SSL, encryption protocol—clicking on the padlock icon will display information about the security protocol. FTC notes that the easiest way to ensure your browser adheres to the current standards is to use the most recent version of the browser software.

A conscientious online merchant should provide information about the type of encryption used to receive and process electronic transactions. Look for the information at the merchant's Web site, or contact the vendor if the security information is not available online.

Credit, not debit. FTC advises consumers to use a credit card instead of a debit card when making online purchases. Although these cards look alike, a credit card exposes the consumer to fewer risks if a transaction goes awry.

The federal Fair Credit Billing Act protects credit card holders by limiting a purchaser's liability to $50 if a card is stolen or used for unauthorized purchases. This protection extends to credit card information that is stolen and used online for fraudulent purchases. Consumers have 60 days from the receipt of a bill with fraudulent charges to notify the card issuer, in writing, about the problem. Despite this provision, stolen cards or unauthorized access to the credit card account should be immediately reported to the card issuer.

Unlike credit card transactions, purchases charged to a debit card are automatically deducted from the cardholder's bank account. Criminals who obtain debit card information online or elsewhere can drain the associated bank account before the cardholder knows a problem exists.

The Electronic Fund Transfer Act limits a consumer's liability for unauthorized transactions with a debit card to $50 if the problem is reported to the financial institution within two days of discovery. Losses reported between two and 60 days of discovery are limited to $500. After 60 days, the card sponsor is under no obligation to limit losses charged to the account.

Another important difference between credit and debit cards is the option, for credit card holders only, to withhold payment for disputed charges, including goods that were not received from an online merchant. No such protection exists when a debit card is used.