Online payment: areas of risk and safety 

  



Source: nw.rian.ru 

The emergence of the Internet
and plastic cards has changed the world, but doomed humanity to unforeseen
attack. The
common Internet users, which are calculated for purchases online using credit
cards, the problem begins to excite security payments only when this becomes
necessary. 

   

Experts believe that current
conditions do not underestimate the security calculations. This market professionals should care about it
constantly. 

   

"Our business, primarily
related to security. Who will use the system, whatever it may be convenient
if there is no confidence in its safety? "- Said Julia Kashchenko, manager
of marketing and PR company that specializes in systems express payments. 

   

To protect an individual
computer or network needs a firewall, or at least a software firewall,
antivirus completed. To
not pick up "Trojans" must listen carefully your admin: do not go to
the "bad" sites, do not open emails with attachments from unknown
recipients, etc. However, such actions are not only heard by those who
do not know what the computer. 

   

How to increase security 

   

Problems arise when there is a
likelihood that data may be lost from the system of payments or outlet. In
Ukraine there are only three systems that serve the online stores - Interbank
system Portmone.com, Ukrainian processing center and the private. 

   

Julia Kashchenko share
experiences on the protection of information in his company: "If you talk
about the safety of customer data, then, unlike similar solutions, which are
limited to using SSL-encryption (a protocol that protects data sent between Web
browsers and servers, any website, whose address begins with
https, supports SSL) for data transmission, the company went further. Currently,
payment systems require banks, processing centers and payment service providers
(PSP) comply with safety standard Payment Card Industry Data Security Standard
(PCI DSS). According to him, not only provides data encryption
during transmission over the Internet, but also of the whole set of
requirements - network security, secure storage of critical data, security,
software development, organizational security, and much more. In addition, the standard provides a quarterly network
scanning resources and passing the annual internal audit.In other words - the
implementation of this standard protects not only when passing through the
Internet, but when used within the company, including from employees ". 

   

With regard to retail outlets,
in this case, no one can guarantee that that alone, the risk of the primary
stage of a company that lost data customers - a trust. 

   

For its part, the international
payment systems introduce expensive technology 3D-payment purchases. The
acquisition of such technologies Ukrainian banks at the current level of
Internet commerce will pay off not too soon. 

   

An interesting technology is
MasterCard SecureCode, which enables trading companies to shift the risk of
fraud on the issuing bank that provides credit cards. 

   

The key technology is the
current 3D-Secure - secure transaction system for online payment system is
designed Visa. The
basic principle of the system is that the data card is inserted in calculations
on online store, and at the bank, which is much harder to cheat. However,
the problem is the system requirement to be kept absolutely everything: banks,
acquirers stores, the issuing bank. Today,
3D-Secure technology in Europe, supporting almost all stores, but the former
Soviet Union it is not too common. 

   

Increasing the security of
payments, foreign payment systems often perehynayut stick and blocking customer
accounts without explanation. And
the customer is compelled, losing time, long time to prove the right to use their
own money. 

   

Certainly, the role of banks in
the development of this technology is not only to have their own payment
service provider, but also in education. 

   

"The most important thing
that can make the banks - is to conduct outreach to cardholders. It is important that each cardholder know the rules of
it, the algorithm of action in case of loss (theft) cards, the rules of safe
Internet browsing, "- says the Deputy Director of the Department of the
card business of a bank Andrei Petrenko. 

   

Probably the most effective
methods to respond quickly to fraudulent online payments are monitored. Yes,
banks spend online monitoring of suspicious transactions and can warn the user
in case of doubt in the nature of payments. However,
it is important to understand that the number of daily transactions,
calculating millions trace illegal small payment, without some suspicion that
the bank can not. 

   

"Monitoring is the online
mode and block suspicious transactions in the company. Verification
system to verify the legitimacy of the payer of plastic cards. In
identifying suspicious transactions, our company works closely with banks,
processing centers, international payment systems and EMA Ukrainian Interbank
Association. Together
suspicious cards blocked and perevypuskayutsya. After
reviewing the history of transactions on the cards, banks are expected to
successfully place leaks and carry out relevant work ", - says Yulia
Kashchenko. 

   

In addition, monitoring helps
protect settlements installation of special software that can detect an
operation reminiscent of fraud (for example, often use the card for payment on
the Internet for a short period of time, paying bills for amounts that far
exceed the balance on your card and t . on). 



At the same time it is important
not to overdo it, raising security payments online. Experts
believe that one important aspect is mifolohizatsiya this issue. 

   

"What a rare article about
security without needing strashylok and powerful stories about hackers /
kardera? Which
journalist in his request for a story about online payments are not asked:
"Tell us some terrible examples of hacking? It
led, that people learn something interesting about any horror stories, good
news, no one care about "- says Yulia Kashchenko. 

   

She said that overall card fraud
statistics is distributed as follows: ATM - 70% in normal trading networks -
25%, and only 5% - on the Internet. 

   

Safety 

   

In calculations using a credit
card, the customer, according to Yulia Kashchenko, must always remember that
the bank will never ask for email or telephone personal information about its
customers (login and password, card number, PIN, account number, passport data ). If
a person received the information letter from the bank, which contains a link
to verify the latter - as a rule, fraudsters are inattention customers. You
nastorozhytysya also, if asked to enter card information online to transfer
money - for example, to pay wages. Typically,
such sites are fraudulent and designed to cajolery details of payment cards. 

   

In addition, the owner of a
plastic card to remember: 



   

1. You
can not disclose details of its payment card unknown and unauthorized people. 

2. When
paying via the Internet to check whether used on the input card secure
connection (shown in the address bar https ://). 

3. Pin-code
card to pay for the Internet is not used and therefore not required to
legitimate shops. 



4. You can enter card details to sites that offer
questionable earnings on the Internet and require that all details of maps,
including the CVV2 code. 





   



Banks are, explains Andrey
Petrenko, should take measures designed to ensure the safe operation of the
Internet: 



     Order a separate card
especially for calculations on the Net, it should be an amount correlate with
projected costs; 

     Set limits (daily, occasional)
on operations (in accordance with planned expenditures); 

     Anybody and under no
circumstances to disclose data cards; 

     Not to purchase goods
(services) using the sites, the authenticity and purity law which is doubtful; 

     Read the forums to discuss
sites that are fraudulent. 



In addition, according to Andrei
Petrenko, in the process of improving security in online payment cards may have
other problems: some sites do not handle CVV code is not supported by Security
payments are also sites that are specifically designed to deceive cardholders -
so-called "phishing sites. 

   

It should be noted that in many
cases, the stolen money was not returned.