Top Tips for E-Commerce

These days, e-commerce has become so well established that the internet is beginning to displace traditional distribution chains and retail outlets. Instead of going into a shop, taking possession of the goods and paying right there, more and more consumers prefer to make their purchases over the internet.

The uncomplicated and rapid steps in the process make shopping so easy: just a simple mouse-click and the goods are ordered. The only effort required is to provide a few details, including one’s credit card number. Users who, when doing so, are not careful with their data can, easily fall prey to racketeers.

"Identity theft is a constantly growing threat. In addition to countless online retailers, the internet also offers individuals the chance to offer their wares via new retail outlets, such as eBay. Unfortunately these platforms also offer racketeers an ideal chance to get their hands on account information and user data," warns data security expert Rieke Bönisch of Utimaco Safeware AG. "This does not mean we have to do away with e-commerce. On the contrary, by observing certain fundamental security rules and behavioral guidelines, one can protect oneself against the more common threats found on the world wide web and thereby come to enjoy one's virtual shopping spree again".

Our data protection expert has therefore compiled a list of the eight most important rules for shopping over the internet, so as to ensure that all those who enjoy shopping can continue to do so when bargain hunting:

Trust your Common Sense and your Intuition

Do business with companies and retailers that you already know. Large companies that are considered reputable, generally represent less of a risk than smaller or unknown firms. The first time you visit a new website, pay attention to the first impression it makes. Does the website inspire confidence? This can be determined on the basis of numerous factors. Take note as to whether the company actually exists or whether it is merely a virtual entity. Is there a legal disclaimer? Is an address or telephone number indicated? Even better is to actually try calling the number.

You can also check online, whether the company is listed in the Yellow Pages. How professional is the website? A professionally designed website does not automatically mean one is dealing with a reputable company, but flawed websites often serve as a helpful indicator that the company might not be reputable. What is the relationship between what is being offered and the prices being asked? You should be suspicious of websites which try and lure you with prices that are too low, because this could be a trap.

Finally, you should try and gauge what other opinions of the company in question are. Is there feedback from other users or recommendations concerning the company on the internet? Have friends, colleagues or acquaintances already used the company in question?

Familiarize yourself with the Terms of Use and the Data Protection Policy

Every commercial website is required to publish its terms of use and data protection policy. In return, the customer is required, upon his or her first visit, to confirm that he has read these conditions and agrees to be subject to them. Otherwise, he or she will be unable to log in and unable to make any legally binding purchases. However, most users fail to read the fine print, which can turn out to be a fatal error.

Even if these clauses generally follow standard templates and do not represent grounds for concern, they can sometimes entail hidden costs or obligations. It is better to familiarize oneself with these clauses from the very outset and not to be confronted with any unpleasant surprises. Thus it is worth taking the time, at least once, to carefully study the fine print rather than regretting not having done so later.

Only make Purchases from Secured Websites

The most important difference between a secured and unsecured website is that on a secured website information is transferred using encryption technology. The user enters his or her data, such as e.g. a credit card number, this is then encrypted using special software and then transferred to the seller, who decrypts the information. Only specially authorized parties are capable of doing so. In this way one prevents hackers from getting their hands on the information “as it travels”, decrypting it and then using it for no good. How does one recognize a secure website?

The easiest and fastest way of recognizing a secure website is by means of the URL or website address. Where this starts with “https://” rather than simply "http://", then one is on a secure website (the extra “s” stands for “secure”). Another sign that one is on a secure website is a small padlock icon which will be shown on the screen in the internet browser as soon as one enters the website. If this icon is missing, then the chances are good that the website is probably unsecured. Also a key icon or a yellow-colored address line can indicate that the website is secured. Only enter your personal data and credit card information when you are sure that you are on a secure website which ensures secure communication.

Only provide personal information about your person which is absolutely necessary.

Hometown, name, date of birth, mobile phone number, hobbies, many website operators wish to know much more about their users than simple address data. Not every purchase requires this much information. For the most part, the required fields are indicated by means of an asterisk. Such required fields usually involve name, address, and account information. Filling in or crossing off any other fields is usually purely optional and not only takes time but also provides the website operator with a complete “customer file" on the purchaser.

You should bear in mind that providing such additional information does not benefit you at all, but rather only the seller. In addition to this, you don’t know what will happen with your data. In the worst case scenario, this information will be sold to other sellers, so that you may become the harassed recipient of spam emails or even phone calls from other sellers.

Never Provide your Password

This warning sounds so simple that it seems almost unnecessary to say it. However, in most cases of e-commerce related fraud, it is a mistakenly revealed password which was the cause of the problem. Do not reveal your password to third parties. If someone else is required to make purchases for you, then it is better if you enter your password yourself.

But even those who guard their passwords jealously should know that it is possible to reveal it unknowingly. If you find yourself working on someone else’s or a public computer, do not click on the option “remember password” otherwise any subsequent user can easily use your account. Choose a password which third parties will not be able to reconstruct with ease, such as your date of birth or the name of your dog. Rather, the best thing to do is come up with a combination of numbers and letters. Another good tip is to think of a sentence and to take the first letter of each word in the sentence; this will produce what looks like a completely arbitrary combination.

Try to Stick to Sellers from your own Region

In general, the golden rule applies: the closer the company is, geographically, to the customer, the greater the latter's scope for controlling his or her purchases. This does not mean that one should only place orders with the organic farmers from the next village down the road. However, processing times are often quicker and dispatch requires only minimal time, money and effort when the seller is not too far away.

Dispatch from companies located abroad, particularly in the USA can prove particularly troublesome. Should any problems arise whatsoever, or if the seller is suddenly no longer available over the internet, then expensive phone calls may become necessary or long-winded correspondence via regular mail can ensue.

The long distances involved can become a particularly acute source of irritation in the event of any kind of legal dispute. For instance, if the user orders and pays for an item from an overseas-based firm, but never receives his or her purchase, the chance of subsequently enforcing his or her rights are very small.

It is for this reason that you should only order goods from very distant sources after having considered the matter in depth. Of course, the size and reputation of the company play an important role in these considerations. A few companies have representative offices worldwide and can thus make delivery promptly, or have been set up, so that one can in all likelihood trust them.

Always check your Credit Card

Identity thieves can get hold of your credit card number by a variety of means so as to be able to make purchases using the names of their victims. One of the most common attempts is by means of so-called password fishing or “phishing” emails, where the unsuspecting user is asked, allegedly in order to update customer information, to send personal account information to his or her bank.

In reality, the response email is sent directly to the racketeer in question. Even if the email seems authentic (with the Bank’s trademark etc.), you should always keep in mind that no bank asks its customers per email, post or telephone, to provide information or a PIN, since they are absolutely confidential. Nor should you give credit card numbers to unauthorized parties.

As a precaution against fraudulent use of your account, you should always check your account balance regularly after having made purchases over the internet, and verify any debits exactly. Where any amounts have disappeared mysteriously, then the bank must be informed immediately thereof.

Retain all Orders or Purchase Information

Regardless of whether this is done in the form of printouts or copies on your computer, important purchase information such as order forms or confirmations of sale should always be retained in one form or another. In the event of faulty delivery or an invoice which is too high, then one at least has proof or some kind of indication as to what was really ordered.

The confirmation should contain an exact description of the product, the price paid, the name of the seller and the order or customer number. It should also contain the name and address of the seller. More often than not, internet customers will also get an email confirming their purchase and order. Be sure to retain these carefully.