Buying on the internet is becoming more common. From the living room of your house you can purchase the shoes or dress that you like or get christmas gifts in less than 48 hours. But shopping online is not always safe.
Technical safety measures
Use a secure network. When we go to make a purchase, regardless of the online store that is, it is important to do it from a reliable network such as our home. It is not advisable to make a purchase from a public Wi-Fi network such as a bar as someone might be intercepting the communications and with it possibly our personal and banking data.
Updated and protected device. All software installed on the device must be updated, this will correct any known vulnerabilities that may affect our privacy. It is also advisable to have an antivirus installed on the device to avoid some kinds of malware that are capable of collecting personal and bank information.
HTTPS. The information transmitted is encrypted, In the contact form or when we have to enter banking information, such as the card number, it always has to be on a page with encrypted https.
Security certificate. In addition to the address starting with https, the security certificate you have, must match the site where we are browsing, this way unequivocally identifies that the website should be the one that should be and not an illegitimate.
Virtual keyboards when entering bank details. A virtual keyboard is a type of software that simulates to be a conventional keyboard and its operation is done by means of the mouse, its use is very common in online banking. Some classes of malware are able to capture the keys we press on the keyboard and send that text to cybercriminals. This is especially dangerous when we enter banking data because even if the online store is trusted, our device may be infected with this type of malware called a keylogger. This threat can be avoided by using virtual keyboards since this way the malware will not know which key we are pushing. Windows incorporates a virtual keyboard as an add-on in its operating system although it is also possible to use other software such as extensions for browsers.
Store Information
Company information. The most common is that this type of information is at the bottom of the website in a link called "Legal notice" although this does not have to be so in all stores. Regardless of the section in which the store is located, it must show name, company name, physical address and also provide contact information.
Personal data collected and used by them. In another part of the web, generally in "Privacy" although it can be in another place, the store has to inform us what personal data it collects and what its purpose is. You also have to tell us what privacy policy you will apply and whether they will be ceded to another company.
Shipping and return policy. The shop must clearly state its shipping and return policy, in addition to indicating in case of wanting to make a return, who will be in charge of assuming the costs of the shipment.
Forms of payment accepted. Payment methods accepted must be clearly specified, and it is always advisable to allow different forms of payment.
Cookies. According to the LSSI any web that makes use of cookies must inform of it, assuming that we consent its use whenever we continue browsing the web.
Stamps of confidence. Some online stores have trusted stamps, which guarantee that the web meets security requirements established by the organizations that accredit them, as long as they are legitimate. Generally the organizations that distribute the stamps generally have a search engine that allows to determine if the store has the seal or not, and that the seal does not imply that the company has it.
Payment methods
Any online payment method that we choose has to have encrypted the information, using the https protocol and a valid security certificate that corresponds with the service where we are.
If we decide to choose the credit card method we must be aware that the payment gateway corresponds to a known financial institution and that the digital certificate also corresponds to it. Giving our credit card data to a stranger is giving you the ability to use it in some illegal activity.
Another method of payment that has security guarantees is to use an entity that acts as an intermediary such as PayPal, as the seller will never have access to our banking information.
The most secure method of payment is counter-reimbursement with possibility of opening, since we do not provide bank information and only pay if we receive the order, but in many cases, it is not available or has associated an increase in the price of the product, which Should be evaluated.
We have to be alert in case the store has several methods of payment since some fraudulent shops offer their customers different methods, but only the credit card is functional, no payment gateway and no https protocol.
Other security measures to be taken into account
Search for store information. Looking for information and comments from other store users on Google may give us information about the legitimacy of the store.
Be wary of ads that arrive in the mail. Beware of buying from ads that we have received in the email or in ads of web pages since in many occasions the stores that offer those ads are not legal. Perform all checks beforehand to avoid scares.
Do not provide more information than necessary. When we are going to make a purchase on the Internet it is essential to provide certain personal information but not to provide more than necessary.
Very low prices. If the price of a product is abnormally low, it is an indication that the store may be fraudulent.
Poor quality images. Legitimate stores usually take care of the aesthetics of your website and do not use poor quality images.
Save the invoice. It is always advisable to save the invoice of the order in case in the future we have to make a claim.
Complete information about the order and product. Before finishing the order, the store has to show us the total price to pay, including shipping and taxes.
Purchases of second-hand products
Very low prices. As with online stores, a seller offers a product at an extremely low price, is a symptom with which we have to start suspecting.
Contact only by email. If the seller has only contacted the email or added a contact phone but never responds or is disconnected, you also have to be suspicious.
Never allow the purchase in hand. When the seller does not want to stay to see the product or mysteriously has been traveling for a few weeks is not a good sign.
Search for seller information. Finding information from the seller on Google can be helpful, although in many cases you will not get any results since they usually change every little time of username.
Reputation of the seller. Some sales portals have this functionality that can serve to corroborate that the seller is legal, reliable, has a good reputation, and so on. Another functionality that can help us is to check the age of the seller.
Anonymous forms of payment. We never have to agree to send money through an anonymous payment method such as Western Union, MoneyGram or the immediate post office.
Transfers to accounts of foreign banks. If we send a transfer to a bank abroad, the claims will be at an international level, which makes this possibility difficult. A transfer that has received a bank, can only be returned with the signature of the holder of the account that received it.