FROM THE TUSTIN NEWS, THURSDAY, JUNE 24, 2004


THE DOC IS IN...

Everything involved in an Internet business transaction

Is there anything secure in a secure Internet connection? Let's examine what is involved with a transaction to buy a book from Amazon.com.

I have my credit card in my hand and sign on to www.amazon.com to purchase my book. My Microsoft Internet Explorer browser takes me to Amazon's web page, http://www.amazon.com. Since I have wiped out my cookie file using my Internet cleanup program, Window Washer (www.webroot.com), Amazon does not remember me and asks me to sign in again. I enter my email address and password and a new web page appears saying, "welcome back Art." I notice that the address of this new page is https://www.amazon.com. And in the lower right corner of my browser screen, a small locked symbol appears. I have been redirected to a "secure server." The "http" in the address has changed to "https."

Is this significant? Yes and no. I have another small program called NeoTrace (free download from www.networkingfiles.com, click Ping and Trace) that indicates there are twelve computer locations between Amazon and me. Interestingly, one of these is in Europe. Technically, anyone of these locations could intercept my Amazon order as it passes through and take my credit card number and other information. Does this happen? Probably not, but...

Enter the Secure Server. When Amazon redirected me to the "https" web page, it took advantage of a standard Internet protocol called "Secure Sockets Layer." The technical details aren't important. But what it does is use encryption to put my Amazon purchasing details into code inside my computer that cannot be read by any of the computers between Amazon and me. Only Amazon can decode the information and complete my transaction. Secure Sockets Layer, or SSL, was developed by Netscape to transmit private documents over the Internet and is used by Microsoft and other browser software.

Does this make me safe? Twelve points of possible interception have been removed, but what happens at Amazon? Someone there has access to all my information. According to my credit card company, fraud at the merchant end almost never happens. The credit card company says most fraud takes place when a customer physically hands a credit card to a salesperson who then goes someplace to complete the transaction. Besides, credit card companies do not hold us responsible for fraudulent billings on our credit card.

Do I feel safe buying a book from Amazon or other Internet merchant? I do and I have never had a problem with an Internet transaction. The only precaution I take is that I always initiate the transaction. I would never answer a request for information that I did not initiate.

Do Secure Server transactions make me feel safer? I think it's a good idea and makes me feel a little safer but if a merchant doesn't use SSL, I would still go ahead with the transaction.

SSL is a World Wide Web protocol and does not have anything to do with making other document transmission secure. Email and its attachments are not secure unless the sender and recipient use their own encryption software. If you would like to encrypt email, visit www.pgp.com to learn about a very popular program called Pretty Good Privacy.

If you would like to hear more about Internet security or other computer topics, visit "Coffee and Computers" at the Tustin Area Senior Center, 200 S. 'C' Street, any Friday morning starting at 9 a.m. Bring your questions or just come in and visit.

In the mean time, keep the neurons happy, synapses snapping and enjoy computing.

 _____________________________________________________________________________

Dr. Art Holub is a long time resident of Tustin and teaches computer and Internet courses at the Tustin Area Senior Center and the Tustin Adult School. Visit his web site at: www.arholub.com. This column is written to address the computer adventures and concerns of older adults. If you have comments, questions or suggestions for future columns, Email HIM at: doc@arholub.com.


Return to Doc's Home Page