Using your credit card on line
02-18-2013, 09:19 AM
#1
Senior Member
Thread Starter
Join Date: Sep 2011
Location: Clearwater Kansas
Posts: 386
Using your credit card on line
I just read the message about the credit card problem the people had in California. The man who sometimes works on our computers told me that every time I order something on line I need to go to Tools, Internet Options, Content and click on the box Clear SSL State. This will clear all your credit card information off so someone cannot come behind you and hack your card information. He said to do it IMMEDIATELY after you order. This would not have helped these unfortunate people, but might help someone else in the future. We have had our card hacked twice in 2 weeks from the same credit card company. They caught it each time and closed the account each time. This happened after they had reissued another card from the first incident. I quit using the card after that for another reason. Hope this helps someone down the road.
02-18-2013, 09:56 AM
#2
Power Poster
Join Date: Jan 2009
Location: Front row
Posts: 14,646
Thanks for the info. There are so many browsers and each setting is different in each one. Most cases it's the online business data bank that is hacked that has customer info stored. I quit using cc to make online purchases. I use a prepaid card or buy gift cards by check from my favorite online shops. Quick and easy buying got us in this mess so precautions that may take longer is the only solution other then building more prisons.
02-18-2013, 10:14 AM
#4
Banned
Join Date: Dec 2010
Location: West Islip, NY
Posts: 659
here is a definition of it:
In an SSL session (using https://), when a server asks for a certificate to verify that you are who you say you are, the chosen certificate is saved in a cache. The chosen certificate can remain in the cache until you restart your computer. Clicking the Clear SSL State button removes all certificates from the cache without having to restart your computer
In an SSL session (using https://), when a server asks for a certificate to verify that you are who you say you are, the chosen certificate is saved in a cache. The chosen certificate can remain in the cache until you restart your computer. Clicking the Clear SSL State button removes all certificates from the cache without having to restart your computer
02-18-2013, 04:30 PM
#8
Super Member
Join Date: Sep 2011
Location: Columbus, OH
Posts: 1,365
Originally Posted by ro
here is a definition of it:
In an SSL session (using https://), when a server asks for a certificate to verify that you are who you say you are, the chosen certificate is saved in a cache. The chosen certificate can remain in the cache until you restart your computer. Clicking the Clear SSL State button removes all certificates from the cache without having to restart your computer
In an SSL session (using https://), when a server asks for a certificate to verify that you are who you say you are, the chosen certificate is saved in a cache. The chosen certificate can remain in the cache until you restart your computer. Clicking the Clear SSL State button removes all certificates from the cache without having to restart your computer
02-18-2013, 05:01 PM
#9
Super Member
Join Date: Jan 2011
Posts: 1,812
Originally Posted by Pollytink
I use Firefox....where do I find this? I checked everywhere and don't find a Clear SSL State button!
I use ccleaner and it clears all the gunk out for me-history, temp files, cache, etc. etc. I run it after I purchase online, and when I am shutting down the computer. It is free from filehippo.com.
And, I don't just do this when using cc or closing out computer, I use it after I go online and check our paychecks or make changes to our benefits through my DH's work website. You never know.
Last edited by NanaCsews2; 02-18-2013 at 05:04 PM.
02-18-2013, 05:34 PM
#10
Super Member
Join Date: Jun 2010
Location: Western Nevada
Posts: 2,520
Clearing your SSL cache is probably useful if you are using a public computer, like at the public library, or if you have a hacker living in the house with you. It's really a waste of time and totally unnecessary though if you're using your own computer at home. About the only way anyone could get any usable information from your SSL settings is if you weren't careful about where you browse, weren't running any kind of malware protection, and aren't running behind any kind of firewall.
Your SSL certificate doesn't contain any financial information -- all it does is handle the encryption of secure transactions and lets the server (store) you're talking to know that it's still talking to the same computer it was 10 milliseconds ago.
What you need to be concerned about is that you only do business with businesses that have valid SSL certificates, and that encrypt all financial transactions so that your transaction, and your financial information can't be hijacked along the way.
The way to do that is to first make sure that if you're on a webstore, when you get to the checkout phase the url's being used start with https, not http. The s there means you are involved in a secure session and your communications with the server are being encrypted.
You should also look for a security logo on the home page someplace, like Symantec, Comodo, Geotrust or other. If you have any doubts about the store you can check with the certificate issuer, and they should be able to tell you if the business is legit. Legitimate businesses have to go through extensive checks, including providing their business licenses, financial records, etc in order to get a qualified security certificate. In the case of our store we had to supply lots of information and be double and triple checked four ways from Sunday before they'd issue us our security certificate, for which we have to pay hundreds of dollars a year.
If you want to check a stores SSL certificate, there's an easy way to do it. Go to http://www.gogetssl.com/check-ssl-installation/ and put in the name of the url, like www.quilt-kits-online.com or somesuch. This tool will give you back output showing the validity of the SSL certificate and who it's registered to. Then you just make sure it's registered to the same url as that which you're shopping on.
Being careful about where you shop and who you disclose your cc numbers to is 90% of being safe with online transactions. And not falling for phishing scams is most of the rest of it.
One thing I would be careful about is leaving your cc info in a store to make it convenient to shop the next time. There are very few places I'd do this, and I'd never do it in an online fabric store or other shopping venue, except the largest, like Amazon, that are top flight in terms of their data security. For instance, lots of people have left CC info at Connecting Threads website, and that site was recently hacked and thousands of CC's stolen.
Any small online merchant with any brains will refuse to store customers' financial information on their systems. The cost to protect it properly is very high. Also, if you call a store and order something over the phone, you should always ask the merchant how he intends to handle your cc number.
The correct answer is that it is entered directly into their merchant services system or if written down it must be immediately shredded after being entered. Under no circumstances should the merchant be storing your cc numbers in a file, etc.
You should also never ever send a merchant your cc info in an email, or a "contact us" form as anyone could see those.
With secure transactions, like I described above, you are really more secure ordering online using a secure shopping cart than you are calling in an order by phone.
Hope this advice from one who is on the other end helps you to be more safe online!
Your SSL certificate doesn't contain any financial information -- all it does is handle the encryption of secure transactions and lets the server (store) you're talking to know that it's still talking to the same computer it was 10 milliseconds ago.
What you need to be concerned about is that you only do business with businesses that have valid SSL certificates, and that encrypt all financial transactions so that your transaction, and your financial information can't be hijacked along the way.
The way to do that is to first make sure that if you're on a webstore, when you get to the checkout phase the url's being used start with https, not http. The s there means you are involved in a secure session and your communications with the server are being encrypted.
You should also look for a security logo on the home page someplace, like Symantec, Comodo, Geotrust or other. If you have any doubts about the store you can check with the certificate issuer, and they should be able to tell you if the business is legit. Legitimate businesses have to go through extensive checks, including providing their business licenses, financial records, etc in order to get a qualified security certificate. In the case of our store we had to supply lots of information and be double and triple checked four ways from Sunday before they'd issue us our security certificate, for which we have to pay hundreds of dollars a year.
If you want to check a stores SSL certificate, there's an easy way to do it. Go to http://www.gogetssl.com/check-ssl-installation/ and put in the name of the url, like www.quilt-kits-online.com or somesuch. This tool will give you back output showing the validity of the SSL certificate and who it's registered to. Then you just make sure it's registered to the same url as that which you're shopping on.
Being careful about where you shop and who you disclose your cc numbers to is 90% of being safe with online transactions. And not falling for phishing scams is most of the rest of it.
One thing I would be careful about is leaving your cc info in a store to make it convenient to shop the next time. There are very few places I'd do this, and I'd never do it in an online fabric store or other shopping venue, except the largest, like Amazon, that are top flight in terms of their data security. For instance, lots of people have left CC info at Connecting Threads website, and that site was recently hacked and thousands of CC's stolen.
Any small online merchant with any brains will refuse to store customers' financial information on their systems. The cost to protect it properly is very high. Also, if you call a store and order something over the phone, you should always ask the merchant how he intends to handle your cc number.
The correct answer is that it is entered directly into their merchant services system or if written down it must be immediately shredded after being entered. Under no circumstances should the merchant be storing your cc numbers in a file, etc.
You should also never ever send a merchant your cc info in an email, or a "contact us" form as anyone could see those.
With secure transactions, like I described above, you are really more secure ordering online using a secure shopping cart than you are calling in an order by phone.
Hope this advice from one who is on the other end helps you to be more safe online!
Last edited by QKO; 02-18-2013 at 05:41 PM.
Thread
Thread Starter
Forum
Replies
Last Post
AlwaysQuilting
General Chit-Chat (non-quilting talk)
7
10-14-2011 06:41 AM
amma
General Chit-Chat (non-quilting talk)
4
08-10-2009 10:20 AM
Jim's Gem
Pictures
58
04-04-2009 03:22 PM
