During the holiday season, you may be visiting online stores—some of which you may never have purchased from before—hoping to find the perfect gift. Or, perhaps you’re an avid online shopper. Either way, you need to safeguard your personal payment information. How can you be sure that the credit card information you’re providing online is secure?
These 5 tips can help you protect your card information year-round.
Tip 1: Shop sites you know.
This one may seem obvious, but if you’re shopping on a website that you’ve never visited before, it may be worth investigating its trustworthiness further. We’re not talking about major e-retailers, like Amazon, Target, or Zappos, but rather, less heard of ones. If you’re searching for a gift or something new, perform a quick Google search to see if the item appears on a more trustworthy site. If not, search the name of the company you’re looking to buy from. Do they have active social media sites? Do any suspicious search results appear?
You can also ask friends or family if they’ve ever heard of the website before. If you’re still not sure, search for known scams on the Better Business Bureau website. Use your best judgment.
Tip 2: Look for the “https” in the URL.
Websites that process sensitive information should always have an “s” after “http” in the url. Why? This means that the website has a SSL certificate, so information you enter will be encrypted as it makes its journey from your computer to the recipient. Another visual cue that the site is secure is the lock symbol that appears in the web address bar.
Tip 3: Use unique, difficult passwords on every site.
Unfortunately, security breaches happen. If you store credit card information on an e-commerce site, be sure to provide a unique, difficult password. Never use your bank, credit card, email, social media, or any other account’s password.
We know it can be difficult to remember many passwords, but if one site experiences a breach, you won’t have to worry about additional information being compromised.
Once you have a difficult, unique password, don’t share it with others. What counts as a difficult password? We recommend following the U.S. Department of Homeland Security’s password best practices and a few others for additional security:
- Use a combination of at least three of the following: uppercase letters, lowercase letters, numbers, and/or symbols.
- Include a minimum of 8 characters, even if the website doesn’t require it.
- Don’t use personal information that is publicly available or accessible on social media, such as a birthday or pet name.
To keep track of many passwords, you can either use your stellar memory, or store them in a secure location. Some companies offer this service online. After you create an account using one extremely difficult master password, you can then save all your passwords in their digital vault.
Tip 4: Log out of your accounts.
Have you ever gone back to your computer only to find that you’re still logged in to that one site?
While some websites will timeout your session, some won’t. Logging out of your online accounts is important—especially when you’re using public computers. For example, if you use Gmail or have a Google account, once you close a browser, that doesn’t mean you’re logged out. The next person who uses the machine could have access to your email and a lot of other personal information on you.
Google’s Gmail has over 900 million global users (revealed by Google’s Senior VP of Product, Sundar Pichai during the 2015 I/O Conference). They’re also adamant about helping users protect their information.
If you use a public computer, Google recommends not only signing out of your account when you’re done, but also using their 2-step verification process for additional security. This requires you to enter a code provided to you when you log in from an unrecognized computer or device.
If you use a different email service, you can research to see if they have similar security measures. Again, at least log out of your accounts.
Tip 5: Be cautious shopping over public Wi-Fi.
What is public Wi-Fi? Many places such as coffee shops, hotels, and airports offer free Wi-Fi that anyone can access within the network area. But it’s likely not a private, secure Wi-Fi connection unless the network asks you for a password, according to OnGuardOnline.gov. If it’s not private, other users on the network may be able to access and steal your information.
If you use public Wi-Fi, it’s even more important to ensure that the sites you are using have a SSL certificate or “https” in the web address. If you use a secure site, your information will be encrypted, but only on that site or web page. If possible, it’s best to avoid using public Wi-Fi to make purchases or log into sites that contain a lot of personal information.
Always monitor your financial activity.
While this isn’t a comprehensive guide of everything you can do to protect your payment and personal information online, these are easy steps you can take every time you turn to your computer to buy an item. Even if you think you’re shopping online safely, it’s always best to monitor your bank account, credit card statements, and even credit report for suspicious activity. Fraud can occur in many forms, and fraudsters can access your information in many ways, in addition to online.
If you find suspicious activity, report it immediately to the appropriate party.
You have the ability to protect yourself. Safeguard your credit card, debit card, and personal information both online and offline.