 |
 |
 |
|
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
Internet security
Is credit card payment on Internet secure?
Payment security is considered one of the essential aspects for credit card payments. This problem originates because of the nature of Internet, that is a relatively insecure means of communication. All data, starting from the key board and going to a computer situated many thousands of kilometres away, runs along a great quantity of cables and several physical means and are handled by a remarkable number of computers. Whoever has access to them could theoretically spy on the communications. Nicholas Negroponte, Internet guru, does not share these fears; he sustains that security is a false problem. He argues that the digital world is much more secure than the physical, analogical world; "perhaps the person that has doubts about digiting his credit card number in Internet is the one that hands over his card to a strange waiter in a restaurant who disappears for 20 minutes before returning it". This observation is based on the so called "security through obscurity": there are just so many e-mail messages that pass in Internet every day that it is virtually impossible for a hacker to find those containing credit card numbers. The fact remains that 60% of Web users disagree with Negroponte and don't trust using Internet as a payment channel. Using credit cards in stores is relatively safe; data furnished by Interbank Services confirms that in 1996, on a intermediate total of 21 trillion lire registered fraudulent transactions made with false or stolen cards, for a value of 10.5 billion lire, equal to only 0.05%. In Internet, without special countermeasures, things are different. In order to pay with a credit card, the user must trust the dealer, this results a difficult task when dealing with a company located on the other side of the globe. But above all, the real fear is in confront of the so called hackers, persons that, protected by Internet anonymity, operate on the Web to intercept and/or modify reserved information, sometimes to play around and other times with criminal intentions. Hackers use particular software, called sniffers, that intercept all messages in transit on the local web and select the interesting ones, based on sender and/or contents. Some of these recognise the messages contained in the string of "password" characters or "credit card" and act to intercept the user's answer, thus consents the theft of this precious information. Besides the certainty that no thefts are perpetrated through the client's credit card, a good payment system should safeguard privacy also. The dealer should not come to know neither the client's credit card number nor his personal data, in fact, the person who pays may not be the same person receiving the product, besides many products are delivered through the Web (software, digital books, etc.). Finally, the financial institute should not know what items the client has bought, but only the total amount. In this way, the dealer's privacy is also guaranteed. A good payment system for protecting the client's security and privacy should be able to communicate: 1) transmission of order from the client to the dealer; 2) transmission of payment order from the client to the financial institute; 3) communication of client's solvency or payment by the financial institute to the client; 4) communication of order confirmation by the dealer to the client. All these communications should take place with the guarantee: A) of data integrity, that is, exempt from manipulation or alteration, voluntary or involuntary; B) of confidentiality (or secrecy) that is, that only the addressee can have access to the information. C) of the identity of the sender (except in operation 1). UNILIBRO'S solution |
 |
GENERAL: Presentation - Total Quality - Buying foreign books - Privacy - Publicity on Unilibro - Regulations on distance contracts - Security on Internet |
 |
 |
 |
 |
 |
 |
 |
 |
BUYERS: Help Desk - Advantages - Sales conditions - Buying procedure - Payments - Secure payments - Shipping - Right of Withdrawal |
 |
 |
 |
 |