Yes, I shop online, but even more importantly, I own my own company building e-commerce websites. I can tell you, there's nothing that an e-commerce merchant has a closer eye on than the privacy and security of customer data. Nothing will shut down a site and close a business faster than a privacy breach--at least, businesses the size I work with.
My standard practice in handling the most sensitive of your data--your credit card information and your password on the site--is to either never store it, or never store it unencrypted.
When you give a site I've built your CC info, it goes straight to the bank. We get back an "authorized" or "declined" and that's what we store. The site doesn't record or store your financial info in any way. That means that when you log into the site later, we can't just magically already know your payment info, but I think that's a very fair trade-off for your security.
I keep passwords encrypted--so, you type in your password, I encrypt what you give me, and compare that to the encrypted password I have stored. That way even if data were to somehow find its way out of my database, nobody could come to the site and pretend to be you. Nothing revolutionary there--it's how Unix passwords have worked since the '70s, but it's still something average users don't realize.
Now, there's the concern about fraudulent businesses out there who will take your money and provide lesser or no product. I can't say much about that, because I know that such things do happen. Stick with more reputable companies, or check the Better Business Bureau online if you have any concerns.
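The store-and-compare password check described above, as an added example that is not part of the original post or the author's code. It assumes a salted one-way derivation (PBKDF2-HMAC-SHA256) as the transformation; the function names, record layout and iteration count are hypothetical.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for this example; tune to your hardware


def make_record(password: str) -> dict:
    """Build what the site stores at signup: salt + derived value, never the password."""
    salt = os.urandom(16)  # unique per user, so equal passwords give different records
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "derived": derived.hex()}


def verify(password: str, record: dict) -> bool:
    """Re-derive from the login attempt and compare with the stored value."""
    attempt = hashlib.pbkdf2_hmac(
        "sha256",
        password.encode("utf-8"),
        bytes.fromhex(record["salt"]),
        record["iterations"],
    )
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(attempt, bytes.fromhex(record["derived"]))


def replay_stored_value(record: dict) -> bool:
    """Leak scenario: the stored value is typed into the login form as the password."""
    return verify(record["derived"], record)


if __name__ == "__main__":
    rec = make_record("correct horse battery staple")  # constructed sample password
    print("right password accepted:", verify("correct horse battery staple", rec))
    print("wrong password accepted:", verify("wrong guess", rec))
    print("leaked value accepted:  ", replay_stored_value(rec))
```

The login form always runs its input through the derivation again, so a value copied out of the database does not match itself when submitted.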