Back in 2001 I decided to 'do the right thing' and pay for some shareware I was using. The shareware author had set himself up with a company named Element 5 to accept payments for him. I dutifully went to their site and made the payment with my credit card. One week later I received this strange message on my answering machine from some guy at Yahoo asking to confirm my purchase of site hosting service and email accounts. Frenzied investigations revealed that someone had gone on a shopping spree using my credit card and had bought web site hosting and a new laptop. Since I don't have a 'real' credit card, but one of those cards that pretends to be a credit card but is actually a debit card, my bank account was cleaned out.
I went to the bank right away and reported the theft. Luckily for me, the Visa First Check card offers theft protection similar to what you get with a regular Visa card, so I was protected. I filled out several forms and spent two weeks biting my nails waiting for Visa to approve my reimbursement. I did get every cent back - thank you Visa.
Being the conscientious guy that I am, I sent an email to Element 5 telling them that I believed their security has been breached. I had good reason to suspect them; their site was the only place I had made an online purchase that month. Element 5 never returned my email. Visa didn't even care about where I thought the breach was. The bank wasn't interested. Everyone's attitude was, "you're covered so it's no big deal."
Without a doubt, I think that shopping online is much more secure now than it was in 2001. Still, I don't buy from mom and pop stores with any-old-shopping-cart-software. I won't do so until someone comes up with a better security model.
Monday, March 08, 2004
No Good Deed Goes Unpunished
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment