Accountancy Forum
Online transactions - Printable Version

+- Accountancy Forum (https://www.accountancy.com.pk/forum)
+-- Forum: The Profession (https://www.accountancy.com.pk/forum/forum-the-profession)
+--- Forum: Students (https://www.accountancy.com.pk/forum/forum-students)
+--- Thread: Online transactions (/thread-online-transactions)



Online transactions - Evolution - 10-02-2003

Would anybody know how safe online transactions are? I for one have never had any problems with it and it is pretty convenient. Comments!




- smraza - 10-03-2003

Well, evolution, I didnt had any problems as well, but when you feed credit card information as required, it is first converted into anyother language, and transmitted in same, so it seems safe, but there are hackers you run different softwares which catch these data (converted data) and revert it to the information actually feeded. but i have never heard the case from anyone's words of mouth.

S M R


- jbladeus - 10-03-2003

Today's economy relies heavily on the security of online transactions and major players have invested literally billions of dollars in research and development of processes to keep these transactions secure.

In my opinion, all secure online transactions which use the PKI (Public Key Infrastructure) are pretty secure while travelling through the net. Public keys generally use complex algorithms and very large hash values for encrypting, and 128-bit encryptions are the current-day standard.

It is estimated that even if anybody catches and tries to decipher the encrypted transaction, he would have to try atleast 2^128 combinations, which if written in simple mathematical terms, will come to somewhere around 402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000 different combinations! This would be like trying to find one particular grain of sand in the Sahara Desert!! It is estimated that the most powerful computers of today would take literally years to crack this sort of encryption.

However, there are a few vulnerabilities in this system which could easily be mitigated through common sense. These are

1. The user himself allows his credit card number to fall in some other's hands.

2. The keyboard of the computer on which the user enters the transaction is being logged, ie every key the user presses can be seen by somebody on another computer. You all mustve heard of Trojans. These trojans create a link between your computer and some hacker's computer who will be able to see which programs u are running or what keys are you pressing on your keyboard. A good antivirus program helps to keep these trojans and keyloggers away.

3. The merchant to whom you are paying by credit card could be fake. To counter this, certifying authorities like Verisign etc have arisen whose work is to ensure and certify that the online merchant who is accepting you credit card is authentic. One must always check the certificate of the merchant before making an online transaction. This can be done by clicking the small yellow lock which appears on the lower right side of your browser screen. This lock shows that a secure transaction is being carried out through a SSL channel(SSL = Secure Socket Layer). When one double-clicks on the lock icon, a certificate in the name of the merchant issued by the certifying authority should appear.

It is to be noted that the appearing certificate is not sent by the merchant himself, instead it is sent by the certification authority which acts as the middle-man in this secure transaction, therefore there is no chance that this could be a fake certificate. However, the certificate should still be checked for its expiry date. Payments should not be made to merchants whose certificates have expired.

________________________
Arrrgh... it sure's gonna be mighty rough sailin' today ... mates!


- Farhan Ali - 10-03-2003

hi all...

the technological aspect of every online transaction is said to be safe. as Guybrush has pointed out, it is next to imposible to break the cipher.

but the human aspect of it is vulnerable. we as all vulnerable to con artists(frauds). cyber criminals are all con artists first. then they are computer geeks. so, if you are smart enough not to be coned, online transaction is safe.

let me give you an example. the cyber criminal would set up a site, with juicy flesh revealing stuf on his website. now he would ask you give him your credit card details, just as an age verification.

if you fall for this one, rest assured there is a breach. <b>there is no technology in this world that can save you from con artists. only you can save yourself.</b>

Farhan Ali