Sign in / up

back to article Security fears stymy online sales

One in five UK surfers are "too scared" to shop online, according to a new survey. UK Christmas shoppers will spend an estimated £13bn online during this festive season, a 42 per cent increase on last year. But despite all this economic activity 20 per cent of web users still avoid e-shopping because of fears about their …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Paul Talbot

    Again?

    Don't these figures get suggested every Christmas? And aren't the people "too scared" to shop online normally the ones who happily download every keylogger and trojan going? Better off without them, I think.

    0 0
  2. Vasco Da Gamma

    Security Fears - Payment Management

    Last month I ordered a product online - payment was through WorldPay, and was taken from my credit card account within a couple of minutes. Next morning I had an email from the trader saying they were out of stock, and please could I choose another alternative... Funny they weren't out of stock when they took my money, but then we all make mistakes.

    All the alternatives were all nearly twice as much so I emailed the retailer to cancel the order and provide a refund. A week later still no refund so I emailed and phoned their office. Two weeks on and still no refund or email acknowledgement so I called them again; also MY CREDIT CARD COMPANY DIDN'T WANT TO KNOW AS MY PAYMENT WAS TO AN INTERMEDIARY AND NOT DIRECT TO THE RETAILER.

    After 18 days I found the Managing director's mobile number on a web-search, called him, and mentioned legal action. Within 15 minutes I had email acknowledgement of a refund, but it was 2 days before WorldPay credited my account.

    Decent companies only bill your credit card when they dispatch the goods. The less reputable ones use the faceless means of contact such as WorldPay. I RECOMMEND YOU AVOID USING ANY WEBSITE THAT INSISTS ON PAYMENT THROUGH WORLDPAY OR A SIMILAR INTERMEDIARY.

    0 0
  3. andy

    blame google

    How exactly are google helping allay peoples fears when instead of providing results they throw a 403 Forbidden - your search request looks similar to results from a virus or spyware, etc, etc. Q. What was the offending search term? A. Evans. No wonder joe public doesn't know what to believe/trust on a screen in front of them.

    0 0
  4. Anonymous Coward
    Anonymous Coward

    worldpay

    Lots of smaller companies don't have the technical knowhow or money to run their own banking front end so have little choice but to use intermediary companies (worldpay, paypal) there's another one aswell but I can't remember what it was.

    So if you avoid these sorts of companies you're basically suffocating small online businesses leaving the market place to be dominated by encumbants.

    Anyway - rule of thumb. If it looks too good to be true then it is. Find other people who have used a service. Start small.

    0 0
  5. Anonymous Coward
    Anonymous Coward

    EU distance selling means 4 weeks

    The way the rules work is this:They have 4 weeks to deliver the product (as defined by EU distance selling law).

    The credit card company will refund the money, but not during the first 4 weeks because the etailer has 4 weeks under the distance selling rules to fulfill the order.

    After that period they'll refund the money (it has nothing to do with whether they use Worldpay or another card clearer).

    The merchant pays that, plus usually a charge back cost. The credit card companies don't care less, they make their money either way, but within the first 4 weeks they do not have a valid reason to refund and will B*llsh*t you like crazy so as not to appear as though they're backing the merchant.

    0 0
  6. Pete James
    Linux

    It's not just the public losing out

    While I sympathise with Vasco's plight it's a bit unfair to rule someone out due to their need to accept payments through a third party. And let's not forget there are many people out there happy to rip of genuine retailers too. To me there is a vital question of a need to trust on both sides of the fence - which parties such as banks and a bit of lateral thinking from ISPs could help effect but won't.

    PS if Anonymous Coward Directs Comments does that make him AC/DC? We should be told!

    0 0
  7. Anonymous Coward
    Alert

    Comments re Worldpay

    Your comments re worldpay are way wide of the mark.

    You could have contacted worldpay for a refund and your bank should have also taken more action. The line they span you only really applies to people like paypal who operate in the manner you mention.

    My company use worldpay and once or twice a year we get subject to charebacks - only once in 5 years has this been valid - it was a fraudulent transaction - in all other cases the customer simply didn't recognise the transaction.

    All you had to do was write to the credit card company asking them to do a charge back and providing copies of the correspondence between you and the company concerned. I've done this myself when I had a problem with a supplier in the USA and the money reappeared within days.

    If a charge back is done on Worldpay the retailer gets charged £25, plus the original transaction fees so it is in the retailers interest to refund before the transaction is disputed.

    We use worldpay because we don't want to be responsible for the security of your credit cards details. We are quite happy to leave that in the hands of a well recognised quality payment gateway used by 10s of thousands of companies would wide to securely process your card transaction.

    Much better to use a site driven by a well known payment company who can therefore verify the company you are buying from actually exists rather than sending your credit card details to some random web site designed to rip you off with no way of tracking them down.

    If you buy as you suggest from sites what manage the process themselves then you risk your card details being stored insecurely or transmitted insecurely, take for instance a recent occaision where I booked a hotel online. My full card details were email to me and the hotel in the booking confirmation. The site in question thought this was entirely acceptable even though it stated it used the latest security encryption and was totally secure.

    As for stock levels, many, I'd guess most online stores have no true picture of stock levels, so the stock levels are updated as and when the trader does it and between then and them processing the orders it is easy for them to sell out. Clearly this trader was a bit suss as they did not offer a refund as they should and did not provide the refund quickly when asked. Your bad experience was down to a bad trader.

    If you are buying from a company you do not know and want some idea whether they are genuine, pick up the phone and ring them. If they don't have a phone number don't touch them. Often the number advertised on fraudulent web sites doesn't exist or belongs to someone else. Check 192.com or companies house for the company concerned and check they exist and are at the address shown.

    0 0
  8. Anonymous Coward
    Stop

    403 error

    Can't reproduce your 403 error with Google using search term Evans.

    Even so it is purely a search engine, you then clicked thru to a website, when that happens google are not in control and nor would you want them to be.

    The 403 error is thrown by the website you have clicked thru to, its either faulty, has ceased to exist or the web server is badly configured.

    Clearly you have no concept of how the internet works or what a 403 error is. Perhaps you should learn a little more and then you would understand what you are seeing on your screen and know what to do when it happens.

    In this case click back (to google) and follow a different link.

    Google will eventually drop the broken web site from its listings, but since there are billions of web sites it will take a little time for google to do this.

    0 0
  9. Anonymous Coward
    Anonymous Coward

    distance selling

    Distance selling act also means you can send things back and are better covered than buying it from a shop. If you buy a TFT screen with a dead pixel you can send it back regardless of what the web site says because under the distance selling act you have not had chance to inspect it.

    I only found this out because I mentioned it to someone who works at a well known online IT supplier and they confirmed that buying TFT's over the net (something I used to avoid) was not an issue as you could always return the screen if it was faulty.

    0 0
  10. Vasco Da Gamma

    Vasco's response

    The difference between straight credit card payment and WorldPay is the speed the money is debited.

    With the usual credit card entry into a website, the merchant checks the stock, packs and labels and then processes the card payment just prior to despatch.

    With WorldPay etc the punter gets relived of their cash within a couple of minutes of placing the order. The trader checks the stock levels and then sends out an "oh we've run out of those...what else would you like us to send as a substitute?". Then, because they are concentrating on the "cash inwards" from their WorldPay account rather than fulfilling an order the refund becomes oh so difficult.

    So...Why should I have money deducted from my account by an on-line spiv and have to wait 4 weeks for recompense? Why should I pay to improve his cash flow? At what point does it become fraudulent trading (selling something you have not got)? The EU directive relates to delivery. There is also a 7-day returns period in the distance selling directives, but no-where does it clearly state how long you should have to wait for the money to be refunded in a case like this.

    I had to pay my credit card off when the bill arrived 8 days later - but didn't have the benefit of the goods. Also this merchant wasn't a "little company" - it regularly advertises in the national press.

    My cousin's have been operating a purely web based toy business for 4 years with direct sales through credit card and cheque. The only time they have been ripped off is by other spiv traders, not Joe public (twice using PayPal through ebay -and that became so farsical they wrote off the £400 that they had lost). They looked at the alternatives early on and saw the potential for customer dissatisfaction. Their system costs them 2.4% and gives their customer's peace of mind and a fast turn around.

    0 0
  11. Anonymous Coward
    Thumb Up

    Worldpay II

    Worldpay also allow for cards to be billed once items are shipped rather than at the point of order, as a supplier you can just validate the card and then continue the transaction when you are ready to ship.

    The site you used just decided to bill up front. Unfortunately many sites don't make it clear when payment is taken. I suggest you look for it in the future. The cheapest site isn't always the best.

    One of my friends has just enabled taking payment on shipment as he was getting so many fraudulent transactions (within days of setting up) that he now carries out his own checks before processing any orders in addition to the ones the payment handler makes.

    Our own business generally sees about 1 in 5 transactions coming up as a warning, this is generally down to the card holder putting in a wrong billing address, or the card company not supporting all the checks that are possible. We have only had one actual fraudulent payment in 5 years - we quickly put a number of measures in place after the first one to help prevent any more and to stop people using our site to validate whether stolen cards are still working.

    0 0
  12. druck Silver badge
    Alert

    Bad advice

    "Look for a padlock symbol in the bottom right of the browser window and for the website address to begin with 'https://'"

    No! Look for where your browser (which may not be Internet Explorer) normally puts the padlock symbol, it should be on part of the browsers toolbars and not in the web page itself. You've had article before about how people are fooled by a padlock symbol appearing anywhere.

    http://www.theregister.co.uk/2006/06/07/why_phishing_works/

    0 0
  13. andy
    Boffin

    can I be clearer

    Oi, thick as shit anonymous coward. It was google throwing the error. It didn't return any results - only the error. Do you need a picture? Hence blame google, not the site I was trying to find. Next time try reading and then you might understand as clearly you don't. And no, it's no longer giving the error; everything is fine with the world again.

    0 0
  14. Anonymous Coward
    Alert

    Worldpay III

    "The difference between straight credit card payment and WorldPay is the speed the money is debited."

    No - its down to how the merchant builds their web site. Payment can be taken either way using worldpay and how the merchant operates their business is purely a business process.

    Worldpay can be integrated just like any other payment gateway (including from the banks) so that the process is just the same.

    Its just a matter of choice from the trader whether they want to risk holding card details themselves or allow a 3rd party to take the risk and have to pay more comission. A risk we are happy to place in Worldpays hands.

    There is nothing to stop the trader operating like you suggest regardless of the whether the payment method is worldpay or direct through a bank/credit card company.

    We could have a direct credit card facility like you mention and it would be totally up to us when we take the payment and when we ship the goods, similarly if we use worldpay we can select whether to take the payment immediately or do an authorise only transaction and then take the actual payment when we ship the goods.

    The problem you had was with a crap trader and that can happen whether you pay by cheque, over the phone or online, whether you pay by paypal, direct by credit card or via secpay/world pay etc.

    Put the blame where it lies, with the trader.

    0 0
  15. Anonymous Coward
    Thumb Up

    403 error revisited

    I see no need to call me a thick shit.

    If I misunderstood your posting and was perhaps a little terse in my reply I apologise, however it does not change the fact that a 403 error is a general error thrown by a web server when something goes wrong. Perhaps it could be a little more helpful, explain more and give you the option to try again or something I'm not sure what you expect it to do when an error happens. Errors happen from time to time and this one could happen on any web site anywhere and the same sort of message would be displayed.

    Clearly users need to be educated to understand what they see on the internet and what precautions to take.

    0 0
  16. Anonymous Coward
    Go

    Worldpay Refunds

    Simply a matter of the merchant logging on to worldpay, typing in the transaction number, click view transaction and click on refund full payment. Takes about 30 seconds at most. Much the same as any other payment gateway of any type.

    0 0
This topic is closed for new posts.