i always ponder on something and it is why do guyz misuse the word HACKING. Sose if u call credit card theft hacking what will u call bank theft online. Sose when using a credit card u have to make sure the system u are using has no damn folder shared and making sure u delete ur cookies and history when u are done with transaction..... i will tell u more when we see...
I AM MADE TO SHINE... BORN TO BE GREAT
C0dE - 3
Take Responsibility! Don't let failures define you
Re: credit card security
12 years 2 weeks ago #19136
But I need more to protect my transactions . thanks
Very wise Sose. I won't trust my wife with my credit card so why should I trust software written by Microsoft especially if I am to go sit in someone's cyber cafe! I don't care how much the propriator tells me it's safe there's not a chance I am going to do it. Now, that's just me but I am sure there are plenty of people who wil happily do it... even in a wireless lounge of a hotel or some such.. /shudder !
Now I am not skilled up in security yet (I find it a fascinating subject) but from the top of my head I can see your problem lying in two areas. What your PC is doing when you tap in your credit card info and what the server at the other end is doing to safeguard the info you are typing into it.
If the server side is something like paypal then it is down to them to provide a secure connection for their web page when you enter your details. How safe this is (apparantly not at all from what I read) is down to them and not the responsibility of the cafe owner.
On the cafe side, as the credit card details are provided by secure web page by the agency, the best the cafe can do is have upto the minute antivirus, several antispyware and regular scans. A seperate virtual disk cleaned for each user that logs in so that there should be no aspect of a previous users info that can be looked at.
If it's a wireless cafe then you really need to screw down your protocol security and make sure someone with a stronger signal server running on a laptop can't re-route your client PCs to run through their laptop (in record mode) and then through the server to the cafe's ISP.
(theroetical example - customer A logs in and goes onto amazon/ebay and ticks save my password. Customer B logs in and finds customer A's amazon/ebay cookie and puts it in his own cookie area and voila... He is now customer A - quick change of delivery address ..... bingo! I may be wrong in the ease of this but you see my point)
Lastly, with my limited knowledge of security, learn a lot more about how scams are done and make BIG posters of the do's and don'ts and put them smack in front of every PC in the cafe. Even then you can never discount the user's unerring ability to do something completely stupid but what more can you do. I am not sure how legal it would be to put a notice up stating that browsing is at the customers own risk.
Never ever put your card details straight into an unrecongised site without going through something like Paypal, etc. Big sites like Amazon, etc might be trusted BUT that is completely down to you whether to trust them or not. With credit cards you have some protection in that if the website company messes up, if they wish to keep the ability to provide say Visa transactions then when you complain to Visa and Visa phones them and orders them to get it sorted, they will or lose ALL further Visa transaction capability. Credit card companys don't take prisoners when it comes to that sort of thing. But, if it is a bogus site and they run off on a spending spree with your card details it could be very tricky to prove it wasn't you especially if it is done in the same country/continent.
One last point which may be of some help. If you do go ahead and buy things over the internet, never use your bank account card. Use a proper credit card. Banks dont invest anywhere near as much money into anti fraud departments as the credit card companies do and typically won't give any help if money is taken out of your account one the other side of the world at the same date and time you took out some money from the same hole in the wall you usually use. As far as they are concerned, it is down to you to prove that you don't have some sort of elaborate intercontinental scam going on or some sort of teleportaion device.
A friend of mine had over £2k taken out of her account in the states. Luckily it was her credit card and they jumped right on it and gave her her money back within a matter of days. There was no question in their mind that it wasn't her.
Sorry for the long post. Very interesting subject.