Head Office, Johannesburg, South Africa

Online shopping-Here’s how your customers can protect their money

online shopping

You may have a customer who is so afraid of being defrauded that he asks his bank for a new credit card every few months. With a change in expiration date, and a new security code, he feels that no-one could have permanent access to his sensitive information. The good news is that it’s not necessary for your customers to use this time-consuming method to secure their money online and protect their personal information. Here’s what to tell your customers to prevent them from being defrauded:

Fish out the phishing scams.

Phishing, or email ‘spoofing’, is when cybercriminals lure you into giving them your personal information. Usually, they ask you to click on a link in an email, which directs you to a site where credit card numbers, usernames, passwords and ID numbers are requested. Phishing criminals appear convincing because they masquerade as a trustworthy entity, such as a bank. People fall for phishing scams are they mistakenly think these emails are legitimate as a personal email was sent to them. Reputable financial institution like banks or SARS will never ask for confidential information over email or the Internet.

To trust a website or not?

With the rapid development of e-commerce platforms and increase in online shopping, more merchants are seeing the benefits of having an online shop. But your customers may be loathe to part with their credit card details.

Two crucial safety indicators can add that level of comfort when transacting online:

  1. There should be a padlock symbol in the browser window.

Because it’s easy for a criminal to copy a padlock symbol image and paste it on a web page, before parting with personal information, ensure that the padlock is always present in the window frame of the browser. It’s advisable to click on the padlock icon to verify that the seller is who they say they are. When you click on this item, a certificate pops up. This certificate should be current and registered to the right address and company name.

The image of a padlock does not always equal legitimacy however.

Cyber criminals are becoming increasingly clued-up. If you’re in any doubt as to the authenticity of a website, click away. If there is a warning about the site’s certificate, which pops out at you from the screen, then it’s best to not submit any information.
  1. The website address should begin with ‘https://’.

Secondly, the website address should be an encrypted and secured connection. This is indicated by the ‘https://’ symbol at the top of the browser. If this is missing from the website’s address, don’t proceed any further.

 As a business owner with an online presence you should educate your customers about ‘two-factor authentication’.

For extra protection, customers should have to enter not only their username or password, but some additional verification, like a one-time password. Gmail for instance, requires additional information if they see you have logged in from an unfamiliar computer. So too do many South African banks.

Succeeding in the online sphere relies on being a custodian of online payment security.

As a business, you should have stringent and secure online payment standards and practices. Only partner with a reputable payments solutions service provider, who can build a secure payment gateway suitable for your business. Make sure this provider is compliant with the Payment Card Industry Data Security Standard (PCI DSS). This confirms that they have achieved the highest level in card data protection. For extra security measures, the payments solution provider should be able to have a system whereby sensitive data (your address and credit card details) is replaced with a unique ID.
If you would like your business to be seen as a custodian of online payment security, find out about EFTPOS’s e-commerce solution today.