Top ten tips for staying safe whilst shopping online

This year, an estimated 1.92 billion people worldwide purchased goods online*. Gone are the days when people worried about making a purchase on the web; now the average consumer is completely comfortable shopping online. However, with comfort comes complacency, and we often don’t pay as much attention to our safety and security online as we should. Cybercriminals are more sophisticated than ever, using a variety of tricks that can easily fool consumers into visiting fake sites and opening phishing emails in a bid to capture their personal account information.

Your safety is our priority, so to help protect your spending online we’ve introduced a new authentication tool - 3D Secure, and we’ve put together these top ten tips to help you stay secure on your next online shopping spree.

Never reveal too much

Your most valuable asset online isn't your credit-card number, but your personal information. The more you reveal about yourself online, the greater the risk of identity theft. An online store will request your name, address, phone number, email address and billing information. If it asks for anything else, avoid using the site.

Shop online with credit cards, not debit cards

It is much safer to use a credit card for online transactions than it is your debit card. You’re not as protected against fraud when you use a debit card, and disputes can be difficult to resolve. Furthermore, if a cybercriminal steals your debit-card information, your entire bank account is vulnerable. Credit card users are protected by the Truth in Lending Act, which says you’re not liable for any debts if you report that your card has been lost or stolen before any unauthorised transactions are made. It is also much easier to report and reconcile compromised credit-card information than debit-card info. Credit-card customers have up to 60 days to report fraud; debit-card customers have as little as two business days.

Consider using a currency card

With a Caxton multi-currency card you control the amount of money held on the card, so there won't be an entire bank account for a criminal to tap into. More importantly, a prepaid card isn't connected to any personal information beyond what you need to provide for purchase and delivery. That differs from credit and debit cards, which are linked to bank accounts and potentially large lines of credit. At Caxton our prepaid currency cards are further protected with the introduction of 3D Secure on 1 April 2019 – an authentication tool that requires you to enter a ‘one-time password’ when you make any online transactions.

Make up the answers to security questions

Any time you are asked to remember security questions based on personal information, tell a little white lie. Your mother's maiden name might be Johnson, but no one is going to know or care if you say it's Reynolds instead. What's important is that you remember it. Social media has made it easy for cybercriminals to gather all kinds of personal information that is used in answers to security questions. This is one time when it is OK to bend the truth.

Create an email account for online shopping

What does your personal email account hold? Chances are, it includes plenty of personal information, lists of contacts and archived correspondence that you don't want cybercriminals to get access to. Your work email account may have even more sensitive information, including something that could compromise corporate data. Avoid these risks by setting up a separate email account to be used only for online shopping. Doing so will make the information in your regularly used email accounts less vulnerable if there is a data breach involving the shopping site.

The other benefit of having a separate email address for shopping only is that any special offers, marketing blasts and other emails from these retailers will go to that account. That will make it easier for you to tell if similar emails coming to other accounts are spam. Just make sure that the shopping email account's username and password are different from those used by any of your regular email accounts.

Create complex passwords and manage them securely

Many data breaches you hear about involve unencrypted or poorly encrypted passwords. Once a cybercriminal has the password for one online account, the chances of using that same password to access other account is very high. Why? Because many people use one or two basic passwords for everything.

It’s is important to use a different password for every important account -- any account that involves money or personal information. It's ok to write the passwords down, as long as they are stored in a secure location, such as a locked desk drawer or via an encrypted password manager. Storing passwords in an email account or on a computer file puts them at risk of being stolen if your system is compromised.

Don't let e-commerce sites save your information or credit cards

It's time-consuming to have to re-enter your name and address and dig out your credit card every time you visit an online store, especially if it is a site you visit regularly. (Many password managers can take care of this for you securely).

However, the more a site knows about you, the more information you risk losing in a data breach. You should also be mindful of the sites privacy policy and how much of your information is being shared with or sold to third parties.

Use store apps when shopping on mobile devices

It is difficult, if not impossible, to do all of the standard safety checks you would do on a computer (checking links, checking browser connections) on a mobile device's web browser. The safest way to shop on a mobile device is to use the store's own app — downloaded from an authorised app store — and use your mobile phones network or a secure Wi-Fi network. Never use public Wi-Fi, even one with a shared password, to shop online or to make financial transactions; it is far too vulnerable to attack.

Keep all of your software up-to-date

No matter which device you use, don't go shopping online until you know all of your software is updated. That includes using the latest version of your preferred browser, having the latest anti-virus software installed and applying all of the most recent software patches, whether you're on a desktop, laptop, tablet or smartphone.

Use two-way authentication

Caxton alongside many other merchants and banks have introduced two-way authentication. It is an added layer of security to protect you against potential card payment fraud. On the 1 April 2019 Caxton rolled out 3D Secure to all of its clients.

It works so that when you’re ready to make a payment online via your Caxton multi-currency card, you’ll be redirected to a 3D Secure page on the Caxton website to authenticate your purchase – that is providing the merchant uses 3D secure also. A ‘one-time password’ will be sent to your phone or email for you to validate. You’ll see a masked version of the phone number or email address that we have sent the code to. One code will be sent for each purchase, making it much harder for cybercriminals to access your account.

If you make some simple security techniques like these a common habit, you can relax knowing that you’re spending safely online.

*https://www.statista.com/statistics/251666/number-of-digital-buyers-worldwide/