nCipher Security has top tips to stay safe online on Black Friday and Cyber Monday

According to a UK consumer survey by nCipher Security, 23% of people in the UK don’t know how to tell if a website is secure and 53% will only feel “somewhat safe” if they see a formal seal of encryption appear on the screen – for instance a green check used on retail sites to indicate secure e-payments. The retail industry has also been revealed as one of the least trusted in the UK when it comes to encryption, with only 15% feeling confident that companies will protect their personal information.
However, none of the above will stop 75% of the UK customers who will be flocking to retail websites from sharing their credit and debit card details this Black Friday to secure a bargain.

Peter Carlisle, vice president nCipher Security, offers his top tips on how UK consumers can stay safe this Black Friday and Cyber Monday

  • Make sure you’re using trusted websites when it comes to your online shopping: web URLs that start with HTTPS denote a secure protocol. The “S” stands for secure and is the guarantee that all communications between the browser and the website are encrypted. In the UK, only 43% of respondents considered HTTPS to indicate a secure website to make a purchase.
  • Use payment gateways for purchases – many sites use payment gateways which are designed to protect your credit card, debit or PayPal payment methods – they never reveal your credit card information to the merchant. PayPal is regarded as one of the most secure payment methods, but it is recommended that for online payments you connect your PayPal account to your credit card, rather than your debit card, for added fraud protection.  Similar services like Amazon Pay connect your identity with your credit card information, again ensuring a safe payment environment. Credit card companies are also providing new methods for adding an additional layer of security, such as Visa Secure, that confirms your identity when you make an online purchase.
  • Ensure all connected devices are running up-to-date software: whether apps you may use for payments, or in-app purchasing, or the operating systems, making sure that your desktop, laptop or mobile devices are fully updated is a simple but critical step. In the UK, when it comes to keeping connected devices secure, only 29% said they did this by checking for software updates.
  • Enable multi-factor authentication: more and more online services and apps require multi-factor authentication. Typically, something you know (such as a password) and something you have (such as code that’s been texted to you). It’s important to opt in whenever a service offers you the added security of multi-factor authentication.
  • Make sure you’re not using unsecure public Wi-Fi: public Wi-Fi is often not secure so any data being transmitted is under threat of being intercepted. In the UK, 37% already avoid connecting to public Wi-Fi networks in an effort to keep their devices safe. Be very careful when using shared computers, as they may have malware, skimming devices or vulnerabilities, and, in many cases, they are not updated with the latest security patches.
  • Be wary of malware on retailers’ sites. If you see a deal from a company you have never heard of, or worse, make the mistake of going to a site that looks like your favourite ecommerce site (but is not) – check the URL to ensure you are on the right site. Always prioritise using well-known ecommerce companies that have a reputation for strong security. Most established sites have a number of tools to quickly identify or prevent malware.
  • Don’t “stand in the checkout line” and simultaneously look at other products.  Just like you wouldn’t leave your credit card with the cashier in a shop and then go shopping for other goods, you shouldn’t leave your payment details open online and then surf for other products.  Websites have a number of links for advertising or information links which, in rare cases, can be used for malicious purposes.
  • Always be careful of emails or sites that ask you for your personal information.  When receiving emails that ask you to click on a link or input information, check the URL to ensure it is HTTPS and rollover the link with your mouse to ensure the site you are clicking on matches where you think you are supposed to go.  Fraudulent links only have to be one letter or number different to take you to the wrong site that can then steal your information.  If in doubt, type in the URL for the main site like Amazon and then go to the relevant section to, for example, track your packages or change your password.