Quiltingboard Forums

Quiltingboard Forums (https://www.quiltingboard.com/)
-   General Chit-Chat (non-quilting talk) (https://www.quiltingboard.com/general-chit-chat-non-quilting-talk-f7/)
-   -   Using your credit card on line (https://www.quiltingboard.com/general-chit-chat-non-quilting-talk-f7/using-your-credit-card-line-t214147.html)

petlover 02-18-2013 09:19 AM

Using your credit card on line
 
I just read the message about the credit card problem the people had in California. The man who sometimes works on our computers told me that every time I order something on line I need to go to Tools, Internet Options, Content and click on the box Clear SSL State. This will clear all your credit card information off so someone cannot come behind you and hack your card information. He said to do it IMMEDIATELY after you order. This would not have helped these unfortunate people, but might help someone else in the future. We have had our card hacked twice in 2 weeks from the same credit card company. They caught it each time and closed the account each time. This happened after they had reissued another card from the first incident. I quit using the card after that for another reason. Hope this helps someone down the road.

BellaBoo 02-18-2013 09:56 AM

Thanks for the info. There are so many browsers and each setting is different in each one. Most cases it's the online business data bank that is hacked that has customer info stored. I quit using cc to make online purchases. I use a prepaid card or buy gift cards by check from my favorite online shops. Quick and easy buying got us in this mess so precautions that may take longer is the only solution other then building more prisons.

petlover 02-18-2013 10:05 AM

Those are good ideas too. I know one man that uses his credit card but has the limit set at $100.

ro 02-18-2013 10:14 AM

here is a definition of it:
In an SSL session (using https://), when a server asks for a certificate to verify that you are who you say you are, the chosen certificate is saved in a cache. The chosen certificate can remain in the cache until you restart your computer. Clicking the Clear SSL State button removes all certificates from the cache without having to restart your computer

petlover 02-18-2013 10:48 AM

That is good to know. I didn't know how it worked (computer illiterate), I just did it because he was so much smarter than I. Thanks for letting us know how it functions.

Sandra in Minnesota 02-18-2013 02:26 PM

Thanks - I will do this next time I use my credit card on line.

Stitchnripper 02-18-2013 03:14 PM

Does anybody know how to do this on a MAC?

Pollytink 02-18-2013 04:30 PM


Originally Posted by ro (Post 5870363)
here is a definition of it:
In an SSL session (using https://), when a server asks for a certificate to verify that you are who you say you are, the chosen certificate is saved in a cache. The chosen certificate can remain in the cache until you restart your computer. Clicking the Clear SSL State button removes all certificates from the cache without having to restart your computer

I use Firefox....where do I find this? I checked everywhere and don't find a Clear SSL State button!

NanaCsews2 02-18-2013 05:01 PM


Originally Posted by Pollytink (Post 5871163)
I use Firefox....where do I find this? I checked everywhere and don't find a Clear SSL State button!

Tools, options, advanced, network, and clear the cache.
I use ccleaner and it clears all the gunk out for me-history, temp files, cache, etc. etc. I run it after I purchase online, and when I am shutting down the computer. It is free from filehippo.com.

And, I don't just do this when using cc or closing out computer, I use it after I go online and check our paychecks or make changes to our benefits through my DH's work website. You never know.

QKO 02-18-2013 05:34 PM

Clearing your SSL cache is probably useful if you are using a public computer, like at the public library, or if you have a hacker living in the house with you. It's really a waste of time and totally unnecessary though if you're using your own computer at home. About the only way anyone could get any usable information from your SSL settings is if you weren't careful about where you browse, weren't running any kind of malware protection, and aren't running behind any kind of firewall.

Your SSL certificate doesn't contain any financial information -- all it does is handle the encryption of secure transactions and lets the server (store) you're talking to know that it's still talking to the same computer it was 10 milliseconds ago.

What you need to be concerned about is that you only do business with businesses that have valid SSL certificates, and that encrypt all financial transactions so that your transaction, and your financial information can't be hijacked along the way.

The way to do that is to first make sure that if you're on a webstore, when you get to the checkout phase the url's being used start with https, not http. The s there means you are involved in a secure session and your communications with the server are being encrypted.

You should also look for a security logo on the home page someplace, like Symantec, Comodo, Geotrust or other. If you have any doubts about the store you can check with the certificate issuer, and they should be able to tell you if the business is legit. Legitimate businesses have to go through extensive checks, including providing their business licenses, financial records, etc in order to get a qualified security certificate. In the case of our store we had to supply lots of information and be double and triple checked four ways from Sunday before they'd issue us our security certificate, for which we have to pay hundreds of dollars a year.

If you want to check a stores SSL certificate, there's an easy way to do it. Go to http://www.gogetssl.com/check-ssl-installation/ and put in the name of the url, like www.quilt-kits-online.com or somesuch. This tool will give you back output showing the validity of the SSL certificate and who it's registered to. Then you just make sure it's registered to the same url as that which you're shopping on.

Being careful about where you shop and who you disclose your cc numbers to is 90% of being safe with online transactions. And not falling for phishing scams is most of the rest of it.

One thing I would be careful about is leaving your cc info in a store to make it convenient to shop the next time. There are very few places I'd do this, and I'd never do it in an online fabric store or other shopping venue, except the largest, like Amazon, that are top flight in terms of their data security. For instance, lots of people have left CC info at Connecting Threads website, and that site was recently hacked and thousands of CC's stolen.

Any small online merchant with any brains will refuse to store customers' financial information on their systems. The cost to protect it properly is very high. Also, if you call a store and order something over the phone, you should always ask the merchant how he intends to handle your cc number.

The correct answer is that it is entered directly into their merchant services system or if written down it must be immediately shredded after being entered. Under no circumstances should the merchant be storing your cc numbers in a file, etc.

You should also never ever send a merchant your cc info in an email, or a "contact us" form as anyone could see those.

With secure transactions, like I described above, you are really more secure ordering online using a secure shopping cart than you are calling in an order by phone.

Hope this advice from one who is on the other end helps you to be more safe online! :thumbup:


All times are GMT -8. The time now is 08:37 PM.