
            ~~  Internet is safest way to use your credit card  ~

                               by Kurt Dahl
                        Special to The Seattle Times


    Enough is enough.  The public is being badly served by the hysterical
    reporting about credit-card security on the Internet.  The reality is
    far different from the picture painted in the press.

    The reality is this.  Using your credit card in a secured browser on
    the Internet is hundreds, if not thousands, of times more secure than
    any other way you use it.

    A secured Internet transaction goes from your computer to the
    commercial Web site without any human intervention.  This is true of
    virtually no other credit-card transactions.  We all give our credit
    cards willingly to waiters, cashiers, bank tellers, gas station
    attendants and phone operators at catalog companies.  Every day,
    somewhere around 10 million people handle close to 100 million credit
    cards in the course of their jobs.  Talk about a security risk!

    But do we see headlines like:  "Two Berkeley graduate students discover
    they can steal credit-card numbers by going to work for Wal-Mart."

    I suppose the press is interested in security on the Internet because
    of the intriguing and somewhat scary idea that remote hackers can
    magically steal your card number as it zooms past on the phone network.
    But if a hacker had a mind to steal credit-card numbers from the phone
    network, there are significantly more fertile grounds than the
    Internet.

    How do you suppose the credit card that you give to the cashier at
    Wal-Mart or any other retailer gets authorized and transferred to the
    bank?  In most cases it is over the same kind of phone network as the
    Internet.  In years past, retailers could claim they had some level of
    network security because they used what is called a private network.
    This simply means they reserved a specific phone line to connect their
    store with their central data processing site.

    Today, this is no longer the case.  Because it is significantly less
    expensive, most retailers are using a network technology called frame
    relay.  Its characteristics are almost identical to the Internet
    network. For you technically adept, a frame relay network is a public,
    packet switched, routable protocol just like the Internet.

    The number of credit-card transactions flowing across these frame relay
    networks dwarfs anything on the Internet, probably thousands of times
    more per day.  The cash register actually sends your credit card across
    the network twice, once to authorize the number, and once more to
    create the final transaction.  And guess what, the cash register does
    not encrypt your credit card number!

    But again, do we see any headlines like:  "Industry security experts
    advise against using credit cards at stores, gas stations or
    restaurants because cash registers are not secure?"

    Here is another one.  What percentage of credit-card fraud is a result
    of lost or stolen cards?  I'm sure it is quite high, but it is
    virtually impossible to lose your credit card while doing business in
    your home or at work.  Once again, Internet commerce is far more
    secure.

    How about this headline:  "Police recommend leaving your purse at home;
    you might lose it."

    The press coverage about commerce on the Internet has made the public
    think it is not safe to use your credit card on the Internet.  That's
    just plain wrong.  If you want to use your credit card in the most
    secure way possible, by far, use a secure browser on the Internet.