How to Determine if a Website is “Secure”
by Robin Slade
eCommerce, online banking, and other websites often promote the safety and soundness of their site by stating they use a “secure connection” for transactions. But do you know what this means and how to check if it’s true? You are the first line of defense in guarding your own information, so it’s important to know both these things.
The Internet is nothing more than a bunch of interconnected computer networks exchanging and sharing information. You may pass through upwards of 20 to 30 different networks just to get to one website. PC users, want to see how many you passed through to get to FraudAvengers.org? Here’s a simple way to find out:
On your computer -
- Go to “Start,” and select “Run”
- In the “Run” box type “tracert www.fraudavengers.org”
- Press “Enter”
What you need to understand is that at any point between networks information can be intercepted and compromised. So adding a “secure connection” (a “secure socket layer” or “SSL”) means your information is encrypted during transmission, so if it does happen to get intercepted, it’s unlikely to make sense to the receiver.
Any webpage asking for you to enter personal, medical, or financial information needs to be secure. If it isn’t, don’t use it!
How can you tell if a website is truly secure?
- The URL for the page where you enter your personal information (the website form) should start with HTTPS (not HTTP). Note that typically, only the pages that display or ask for personal information are secure. For instance, a homepage, most often is not secure, but the checkout page is, and that’s ok!
- There is a picture of a padlock, somewhere on the browser. Note that the lock should appear in the browser itself, not the window displaying the website!
- Click the lock to see the website’s security detail and make sure it’s valid. Fraudulent websites will often paste a picture of a lock, much like I did here, somewhere on the page to try and fool you into thinking your information is secure.
- Many merchant sites will provide a seal from the SSL certificate vendor (i.e., Verisign, TRUSTe, GeoTrust, COMODO, SSL.com, etc.). Again, click on it to be sure the certificate is valid, current, and belongs to the merchant site you’re using.
Remember, the first line of defense starts with you! A few simple steps to ensure you’re entering your personal, medical or financial detail on a secure site can reduce the likelihood of your information falling into the hands of a criminal, and lower your exposure to fraud.