Online Purchasing vs Offline Purchasing: Do-It-Yourself : Curry Technology Services

Online Purchasing vs Offline Purchasing
HTTP vs. HTTPS

Well first off let me explain “offline”. Since were talking in terms of computers, the term “online” and “offline” are used instead of saying at the store, gas pumps, etc. Online is a simple term used to indicate a state of connectivity. When you are connected or browsing the internet, you are “online”. Offline refers to a state of being disconnected from the internet.

One of the biggest questions asked in the world of computing is shopping online. Let’s face it, every year millions of people shop online especially during the Christmas holiday season. Shopping online gives so many great features like having the items shipped right to your door, shop any time of day from the comfort of your home, and the greatest of all, no sales staff pestering you! I personally do 95 to 99 percent of my holiday shopping online. But how secure it? Why is identify theft so high?

Shopping online…
Have you ever noticed while browsing the internet, in the address bar you see the http:// or https://. If you really want to know if your connection is secure, this is where to look. If you are purchasing something online, make sure while your checking out, that each page you encounter begins with https. What is the major differences. Well there is a lot. Let’s begin to discuss them.

HTTP stands for HyperText Transfer Protocol, which is just a fancy way of saying it's a protocol (a language, in a manner of speaking) for information to be passed back and forth between web servers and clients.

You really don't need to know what it all stands for; the important thing is the letter S which makes the difference between HTTP and HTTPS. The S (big surprise) stands for "Secure". You probably didn't need me to tell you that, because you already knew it had something to do with security.

If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://. This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.

This is why you never ever ever enter your credit card number in an http website!

But if the web address begins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on.

You understand why this is so important, right? If a website ever asks you to enter your credit card information, you should automatically look to see if the web address begins with https://. If it doesn't, there's no way you're going to enter sensitive information like a credit card number!

It should be pointed out that just because a website has that magic "S" in its address, that does not mean it is wise to do business with them; even scam artists can have https sites! It simply means that no outsiders can eavesdrop on your conversation...doesn't mean you should be having the conversation in the first place. Only do business with reputable firms, or firms you have thoroughly checked out!

Restaurants, Gas Pumps, Retail Stores…
Being that we discussed the major differences between http and https and how the encryption works from your browser to the server, let’s sit back and think about how restaurants, gas pumps, and retail stores work. When we swipe or card at the gas pump, how do we know it’s secure? We don’t. Trust me, it has happened around this area that credit card numbers are stolen from using at gas pumps. Remember https and how its encrypted where an “eavesdropper” can’t see what is being transmitted? Well gas pumps, restaurants, and retail stores can’t say they have encryption on their connections. Someone can easily “eavesdrop” on that connection or hack their databases and retrieve your credit card number.

Let’s go in another direction. You and your family go to a nice dinner. The waiter or waitress brings your check. You hand them your credit card and they go off and return a few minutes later waiting for your signature. You and your family leave all happy and full. Let’s break this down. Image yourself as this waiter or waitress. A customer hands their credit card for you to swipe or enter. With no one is site you either copy or write down this customers card number, CSV number, and expiration date. You return the customers card and slip for their signature. Customers signs then leaves. You now have everything you need including the signature to begin credit card theft. Never thought this could happen? You just don’t know what happens when that waiter or waitress leaves with you card.

So as long as the site I am on has the https I’m secure and safe…
Well, for the most part yes. But there is other potential factors to think about too. Spyware and Viruses. The biggest thing to be careful about are programs called “keyloggers”. What the program does is logs every single key stroke made on the keyboard, then sends this information to a central server or workstation. You can be connected to a secure server while shopping online, but a hidden keylogger installed on your machine by a virus or spyware is tracking every keystroke you make, including your credit card number. That is why it is very important to get a up-to-date Antivirus and get a paid version. In my other article “Which Antivirus to Purchase” discusses free vs. paid antiviruses and which antivirus is better.

This year old question is “Safer to purchase online and offline?” Many exports think: YES. In my opinion, their right. Why is identify theft so high. It’s because of people like you and me. Normal people working at jobs that require credit card interaction. Human to human transfer of credit cards, giving the humans an opportunity to get your numbers and all it takes a few seconds.