I do a large portion of my shopping online, particularly when buying gifts. I’ll spend hours hunting around online for the perfect item or the best possible price on a particular item that I want.
When it comes to the biggest websites – namely, Amazon – I feel comfortable shopping there. They’re quite secure and I’ve shopped safely there for a long time without any troubles.
Sometimes, though, I’ll find a unique item or a very strong price at a website that I’m much less familiar with. I’ll find a board game at an obscure retailer or I’ll find some handmade jewelry for a gift from some nice little mom-and-pop website.
This leaves me with a real dilemma.
I don’t feel comfortable sharing my address and credit card information with someone I don’t know. In order to share that info, I have to trust that person to some degree, and if it’s an obscure website, that trust level is honestly pretty low.
Yet… that site is offering a unique item or a stellar price. There’s good reason for me, as a consumer, to use that site.
When I’m faced with that situation, I have several tactics that I use, depending on what the website is like.
For starters, I look for a secure connection. I don’t enter any personal information unless a few things are true.
First, the URL of the web page must start with https. That means the connection is a secure one.
Second, the web browser must be showing me that the connection is secure. With most web browsers, that’s indicated with a small padlock image that appears next to the website address. If it’s not locked, I don’t use it. In addition, I can click on that padlock to find out more information about the site’s security.
Of course, simply using a secure connection isn’t foolproof. No secure connection is absolutely perfect, particularly when you’re using a less-well-known retailer. So, I take additional steps.
If the website offers credit card payment, I start at the website of my credit card provider. Why start there? I request a one-time credit card number from my credit card provider. (This requires you to have online access to your credit card through your credit card provider, of course.)
That one-time number is a unique credit card number that I’ve authorized for just one purchase. The website generates that unique number for me, then I head off to the retailer’s website and use this one-time number for my purchase there.
After that purchase, that one-time number no longer works. So, even if the info is stolen, the retailer cannot use that credit card number for anything at all. It just won’t work.
If the website offers PayPal payments, I use PayPal. PayPal is a subsidiary of eBay that enables people to make online payments to other PayPal members. Since this is one of the services I already trust, I feel confident using it.
With PayPal, you can just use your normal credit card within your account to send payment. The recipient only sees your email address and shipping information. They have no access to your actual credit card information.
Normally, when a retailer offers purchases through PayPal, their site redirects to PayPal. Your browser will show a https:// address (with a padlock for a secure connection, as described above) with paypal.com (sometimes with a prefix, like https://secure.paypal.com/). If the site does not redirect you to a secure connection at PayPal, you shouldn’t use the form.
If a website doesn’t allow me to use either of these methods on a secure connection, I won’t shop there. Almost every online retailer enables at least one of these methods for buying your item.
You’re still sharing your shipping address and email address, but beyond that, you’re not sharing any additional information with that unknown retailer, which means your information is secure. You’re still relying on the security of a large online business (eBay) or your bank (unique credit card), but you’re not extending that trust to the small retailer.
I use these techniques several times a year with small retailers. It usually just adds a minute or two to online shopping and it keeps my information more secure.