When buying products or services over the Internet, you usually need to enter your credit card number. Unfortunately, typing anything on an Internet web page is never completely secure due to the way the Internet works.
When you connect to a website, your computer actually connects to half a dozen other computers that pass the data gathered from your input from one computer to another until the data reaches its destination. This means that anything you type can be seen and intercepted by multiple computers between you and the final destination computer that hosts the website. Think of reciting your credit card numbers to six total strangers, who then relay those numbers to a store. How safe do you think your credit card numbers might be?
When using the Internet, you should assume that anything you type can be intercepted and read by strangers unless the site that you're visiting is a secure site that uses encryption.
Encryption scrambles any data you type or send so that only the final receiving computer (such as a shopping website) can decipher that information. Anyone else reading encrypted data along the way will see random gibberish.
To determine whether a website uses encryption, you can do the following:
Click the Safari icon on the Dock. (If the Safari icon does not appear on the Dock, double-click the Safari icon inside the Applications folder.) The Safari window appears.
Visit a web page of an online shopping site, such as Amazon.com or OmahaSteaks.com. Pick an item to buy and place your order. As soon as the website asks you to enter a credit card number, look for the lock icon, as shown in Figure 37-1.
Look at the Address text box in Safari that shows the site's complete web address. If the site is secure, the Address box should contain the URL (the uniform resource locator, or address) of the website itself, beginning with the characters https://, which stand for HyperText Transfer Protocol over SSL (Secure Socket Layer—the part that makes the site secure). If the URL consists of random letters and numbers, as shown in Figure 37-2, you may be visiting a fraudulent website masquerading as a legitimate site. If you don't see the https://, the website is probably not secure and you should not enter credit card numbers or other personal information here.
Figure 37-2. Moving the pointer over a link can often reveal the actual website address, which may consist of different letters and numbers instead of a simple descriptive address.
Note
The larger online shopping company websites process their own credit card transactions, which means you should see the name of the company as part of the website address. Smaller online shopping websites often pay another company to process their credit card transactions. In this case, you'll see the name of a credit card processing company (such as PayPal or www.paypal.com) instead of the online shopping website name as part of the website address.
Look for the lock (encryption) icon in the upper-right corner of the Safari window. This lock icon identifies that you're connected to a secure site.
You are safe entering your credit card number only if you see a recognizable name in the website URL, the letters https:// in front of the address, and the lock (encryption) icon in the upper-right corner of the Safari window.
Note
If any one of these three items is missing, you may still be connected to a secure site, but beware. You might play it safe and shop elsewhere, research the reputation of the online shopping website, or place your order by telephone instead.
