According to a recent study conducted by Mastercard, more than half of South Africans are now shopping online. This indicates that local consumers are feeling more confident about ecommerce, which doesn’t come as a surprise given the ever increasing variety of products and services that have become readily available. From clothing to food, furniture to makeup, yoga classes to online educational courses – everything’s available online. Leaving the comfort of your home to shop is now a choice rather than a necessity.
While consumers are indeed spoilt for choice, it’s important to educate yourself about shopping safely online. We have asked our Risk & Compliance team as well as our in-house Infrastructure and Security specialists a few questions on what you can do to protect yourself when shopping online.
How can you tell if a merchant is legitimate?
There are a few things you can do to determine if a merchant and their online store is legitimate:
- Do a bit of online research to find out about the merchant, reviewing their social media pages and reading customer reviews can be helpful.
- Double check you’re browsing to the merchant’s domain name or redirected from a secure source.
- Make sure the website is secure by looking for the “S” in HTTPS at the start of the website’s URL, which is found in the address bar at the top of your browser.
- A legitimate store will have contact details. If it’s just a web contact form without an address, email and phone number you should probably be wary.
- Make sure there’s a Returns & Refund policy on the website, this is typically found in the footer. If an issue occurs with your order, such as if you wish to cancel your order or it never arrives, make sure you know what your rights are. As a buyer you are entering into an agreement with the merchant, who is responsible for the fulfilment of your order.
What is the safest way to check out online?
Firstly make sure that you’re purchasing from a trusted business and that they’re offering you a secure way to pay them. You can look up reviews on both the business and payment options on offer before committing to checkout.
Before entering any confidential information such as your payment details, always ensure you’re on a secure domain. Depending what browser you use, you will see a padlock in the left hand side in the address bar.
Once you have confirmed you trust the online merchant and the online payment solution they use, you should choose to checkout and pay with a payment method that you are familiar with and trust.
Should you store your credit card details online?
When shopping online you may be prompted to save your card details. This could be either a pop up message within your browser or when checking out on an ecommerce website. You should never store your credit card information in a browser. By doing this, you could risk exposing your cardholder details to other users of the device, or put yourself at risk if the device is stolen.
Many websites these days give you an option to save your cardholder details with a tokenized ‘single-click’ style payment facility to speed up the checkout process on future purchases. This is a very convenient feature and is considered safe when the site you are using is accredited as a Payment Card Industry (PCI) verified merchant that enables tokenization, or if they handoff these requirements to a PCI DSS Level 1 payment processor such as PayFast.
What is the best way to recognise and avoid phishing scams?
Scammers can be very sneaky in their attempts to trick you into sharing your sensitive information. Therefore it’s important to double check any emails, SMSes or WhatsApp messages you aren’t expecting. A phishing scam message will encourage you to click a link and log in to your bank account, typically by telling you your account has been locked or there is a large transfer of money. Usually the attackers will put strict time constraints on the person they’re targeting to perform an action very quickly. This is done to make the victim nervous and in doing so, they become vulnerable.
Here are some useful tips on what you can do to avoid becoming a phishing scam victim:
- Don’t follow links, and if you do validate the link goes to the correct location.
- Look at the email address the message was sent from. Scammers won’t be able to send messages from a real domain name, it’ll be filled with random letters or numbers.
- Look at how you’re addressed in the email – be weary of “Dear Sir”, “Dear Madam” or “Dear Customer” as legitimate emails will use your name.
- Phishing emails are often riddled with poor grammar and typos, so keep an eye out for them.
For more advice on how to avoid phishing scams, read our knowledge base article.
Confidently shop online
Shopping online has many benefits for consumers, and as long as you follow our basic security tips, you can confidently checkout and make payments at your favourite online stores.