Safe Online Shopping

First Published: NetAnswers Internet Extra newsletter
Date Published: 1999
Copyright © 1999 by Kevin Savetz

Take it from a guy who has bought bad computer equipment, received crushed shipments and had his credit card number stolen: online shopping isn't so bad.


There are many benefits to shopping online, from access to products that might not otherwise be available in your area to search engines that will find the lowest price on the items you want. My wife and I have been buying online for a long time: we've bought rare books from Powell's, an independent bookseller (at, computer products of all sorts, even a potty seat for my daughter. We've ordered flower deliveries, chosen wedding gifts using an online bridal registry, and ordered replacement bank checks using the Web.

Even though I'm an advocate of online shopping, I'll also be the first one to tell you that things don't always go smoothly. I've seen my share of problems -- from minor inconveniences like damaged merchandise down to having my credit card abused. Shopping online can be convenient and can save you money. But just like shlepping to the mall, things can go wrong and occasionally do. Sometimes problems can be directly attributed to the fact that we're buying from new companies using a new medium. Other problems that can happen with shopping online are just as likely to occur with a traditional mail-order catalog.

My own mother's first experience buying something online was a bust -- a compact disc that she bought through arrived completely crushed and broken. She had to send the disc back and wait for a replacement that took days to arrive. Even though this sort of mishap could have occurred with any catalog order, this was hardly an auspicious beginning for a first-time cyber-shopper. Mom hasn't bought anything online since.


Some things you just need to see before you buy, although the allure of a low price may convince you otherwise. Last year, I found a great price on a 17-inch computer monitor. I placed my order and waited for it to arrive. When it did, I was certainly disappointed: the screen's image was horrible. I sent the monitor back -- the company's return policy made that easy, and they even paid for the return shipping. Even though the online store reimbursed me for the cost of the monitor, I was forced to pay to ship the unit to my office. (The next day, I drove to the local computer store and paid $75 more for a monitor -- one that I could test before I took it home.) Prices on monitors continue to drop -- the other day I saw a 17-inch monitor on sale at a Web site for under $200. I'm sure my local computer store couldn't touch that price, but that is not a gamble I'm willing to take again.

If you're thinking of buying a car online, Kevin's Monitor Rule goes triple for you. Indeed, sites like and can find a great price for you. But take a test drive at your local dealer first, then find the best price you can on the Net.


Most of the time when you're surfing the Web, the information you send and receive is unencrypted. That is, a nosy system administrator or hacker with "packet sniffing" software could see which sites you visit and what you type into Web forms. Sometimes, though, you need information to be private.

All the major Web browsers have security features built in. When your browser is sending confidential information to a Web server that supports encryption, a little "closed padlock" icon appears at the bottom of your browser window and the information you send and receive becomes unreadable to everyone else. The technology that does this is called "secure sockets layer," or just SSL.

So, when you're giving your credit card number or other private information to a Web site, you need to be sure you're connected to a secure server: make sure the locked padlock icon is there. The vast majority of online stores do support SSL -- I've explored hundreds of them, and can think of only one or two that didn't. If a Web site doesn't have a secure server, don't order from that company online. The ones that don't usually don't go out of their way to let you know -- a few weeks ago, my wife was getting ready to place an online order when she noticed the little lock icon wasn't locked. When she realized that security was not mentioned at all on that site, she wisely canceled her order.

Netscape and Microsoft offer two versions of their browsers, each with different levels of encryption. The standard version has what's called 56-bit encryption, which is extremely hard for a cracker to crack. The 56-bit version is available to everyone around the world. There's also a 128-bit version, whose encryption is even stronger. Due to strange U.S. export laws, the 128-bit version of the software is only available in the United States. Before you can download the software, you have to fill out an online form promising that you are in the U.S. and won't export the software. The extra step takes a couple of minutes but is worth the hassle.


Buying through a secure server -- at 56 or 128 bits -- does provide some measure of safety, but is no guarantee that your credit card information will remain perfectly safe. A dishonest person working for a cyber-shop can snag your credit card information, or a store's lax security might leave your credit card number unencrypted after it reaches its server. Online and off, there are a variety of ways your private information can fall into the wrong hands.

My own credit card was recently abused to the tune of several hundred dollars. Two weeks after I used the card to purchase items from two online stores (both with secure servers), someone used that card to purchase telephone calling cards and phone equipment. It was impossible to tell how the thief got my credit card number, address and phone number, but chances are it had something to do with the legitimate online purchases I had made.

Dealing with the credit card company's security department was a hassle, but the problem was quickly resolved. Credit card law says that a customer can't be held responsible for more than $50 in unauthorized charges, however in this case my credit card company did not make me pay for any portion of the fraudulent purchases.

Have I bought items online since? Absolutely. It was just one of those things -- my credit card number was filched by someone hiding behind a Web site, but it could have just as easily been my waiter at a fancy restaurant or the clerk at the bookstore.


While writing a feature for Computer Shopper magazine, I explored about 200 online stores. Like physical shops, the quality of online stores varies considerably. Most e-commerce sites do the job nicely. Some are exceptional. A few sites were so laughably bad that I couldn't have placed an order if I wanted to.

When you find a site that you like with a product that you want, don't be afraid to enter your credit card into their secure server and place your order. Using your credit card provides some protection. Although there are no guarantees, chances are it will work out the way you would hope.

Articles by Kevin Savetz