Online retailers are being urged to tighten security policies over the Christmas rush to prevent shoppers losing faith in purchasing over the internet, security experts warned today.
NTA Monitor noted that online retailers will have their busiest Christmas season yet, as site visits increase by eight percent compared to Christmas last year.
However, the Association for Payment Clearing Services warned that card-not-present fraud is on the increase since the introduction of chip and Pin.
Roy Hills, technical director at NTA Monitor, urged online retailers to tighten their security policies to prevent this type of crime escalating.
"It is just a question of companies taking some easy precautions and having a clear security policy which is adhered to, but many online retailers are still leaving themselves and their customers exposed," he said.
"Unfortunately, many websites do not carry out adequate security checks. I have lost count of the number of websites that do not bother to send a notification to my billing address if I get an order delivered elsewhere."
More online retailers are taking precautions against hackers sniffing credit card details in transit, but a substantial number do not adequately protect against the use of cloned or stolen cards, according to Hills.
NTA advises retailers to ensure that they ask for the billing address as part of the online transaction, as requesting only a delivery address may enable fraudsters to place an order without confirming the card's registered address.
Web retailers should also ensure that they deliver goods to the card billing address. This makes it less likely that someone can use stolen details to purchase goods at a website.
Online retailers that need to offer the service of sending the goods to an alternative address should always send an order acknowledgement to the billing address to make sure that the card owner is aware of the purchase.
An additional security precaution should be to ask for the last three digits on the reverse of the card, known as the Card Security Code.
Hills advises Web shoppers to look for websites that show a browser padlock symbol to indicate a 'secure session'.
Shoppers should not use a website that does not provide a landline telephone number or full address, and should destroy all receipts and statements before disposal.
It is also good practice to check bank statements carefully each month to look for unusual transactions.
Web retailers urged to tighten security
By Robert Jaques on Nov 14, 2006 9:45AM