Monday, May 12, 2008

Online Shopping Safety: The Internet Privacy Problem

When you are shopping, banking or accessing other sensitive or confidential information online, how can you be sure that no one can monitor or intercept this personal information? Moreover, how can you be sure that someone can’t get this information from your computer later? The answer of the first question is simpler that the second one. Mil Shield is a powerful privacy protection tool that can automatically clean all online and offline traces from your computer, which is very important to your Internet privacy, as you will see below:

Traces left on your computer:
The discussion above covers the protection of your Internet privacy from Internet cheats or impostors. However the encryption can not help if someone gets to control your PC or has access to your computer through one of the numerous security holes in the operating system and application software. The thing is that Internet Explorer leaves many traces of your Web surfing. These include Internet history, cookies, Temporary Internet files (a.k.a. Internet cache) and Auto Complete forms and passwords. If an intruder gets access to these traces, he can have a full record of all Web surfing and even some of your computer activities that are not related to Internet.

You can delete some of these traces through Internet Explorer options but not all of them are really deleted (see the article Delete Index.dat files for the most obscure and hard to erase traces). Furthermore, it is real pain to have to clean even these traces because there is no centralized place to control this and there is no way to automate the process. Finally, some of the traces are actually good for your browsing experience – Internet cache speeds up the browsing, cookies protect you from entering your user information over and over again and history makes it easy to type the addresses of your favorite Web sites.

Secure pages and secure connections:
Everything that you enter in the online forms when you are shopping, travels through many (tens or even hundreds) switching devices and computers. In order to be sure that no one can intercept this information, a special way of communication is used, called Secure Socket Layer (SSL). SSL ciphers (encrypts) the information on your computer and deciphers (decrypts) the information on the Web server that you are accessing. But how can you be sure that SSL is used

when you are shopping online?

First, you have to look at the address bar of your browser and see what the address of the page where you enter your personal and credit card information looks like. If the address begins with https: (s for secure) instead of http:, then this page is using SSL. Note that only the page(s) where you actually enter your personal and credit card information need to be protected with SSL. All other pages on the Web site in most cases don’t use SSL because they don’t need to.

Digital certificates, cipher strength and Internet privacy:
With SSL (the secure protocol described above) you can be sure that no one can intercept and decode the private information sent to the online store or whatever web page you are accessing via secure connection. However, there is another danger – how can you be sure that the online shop itself is not a cheat or impostor?

To address this concern, when you visit the online store order page and you submit your personal data, the online store server automatically sends its digital certificate. This is essentially an electronic ID card that proves the online store identity to your browser, and verifies that it was issued by a certificate authority that your browser trusts. This certificate is issued to the online store by a trusted third party called a certificate authority. In addition to proving the online store identity, the certificate provides a cryptographic "key" (cipher) that is used to encode and decode your communication with the online store. Once your browser approves the certificate, the secure server encrypts any information before it travels across the Internet.

Conclusion :
As we saw the online shopping experience can be safe and joyful only if we take some precautions. Here is a summary of the steps that you need to follow in order to protect your Internet privacy:
- Check if the order page(s) are SSL protected. The address of the page must begin with https: and (if you are using Internet Explorer) the little padlock icon on the bottom of the browser window must be locked.
- If the security alerts of Internet Explorer don’t bother you, leave them turned on (or turn them on if they are turned off).
- Use a browser that supports 128-bit cipher strength and (if you are really paranoid) check the digital certificates of the secure pages.
- Use a privacy protection program like Mil Shield in order to avoid the possibility of someone that can steal your personal information after the online transaction.
Well, happy shopping!


No comments: