It seems to be generally accepted that Credit Card transactions on the net are dangerous. Why are they different from telephone transactions, which most people seem to feel comfortable with?
(Please, no paranoia, facts only.)
To whom is this “generally accepted?” A resturant waiter can simply copy your credit card number from a check. Internet credit transactions are (usually) encrypted and most of them are handled by reputable organizations. I’ve never met anybody personally who had had his account defrauded as a result of an Internet transaction.
ok, i’ll get the ball rollin’…
eavesdropping ( tapping ) of an internet connection ( or computer, network, etc. ) is a whole lot easier than tapping of a phone line.
e.g. all someone needs to do to get your cc info over the 'net, is to install a small keylogging trojan onto your comp. that’ll email that someone your cc info. ( note that this is only one of many ways to intercept your communication )
in the phone scenario, said person needs to be able to tap your phone line physically, which renders it a tad difficult if attempted from the other side of the globe.
there are various other reasons why, but i’m sure everyone will be here soon 
note: this does not imply that it is impossible to intercept your cc info over the phone line, just that it’s a bit more difficult if you do not have physical access to the location of the phone.
friedo, I agree completely with your example. It’s pretty much why I asked the question.
What made me think of it was that, in the threads about charging for the SDMB (I don’t want to start another discussion on that), people were saying they don’t like giving credit card numbers over the net.
I have heard it here and there lately and nobody seems to say why.
I’m not aware of any examples of credit card fraud where the credit card number was intercepted by a packet sniffer or otherwise eavesdropped between the two endpoints. I’m not saying it hasn’t happened, but it’s not the predominant threat model. Most credit card exposures occur because the company inexplicably leaves a database with thousands of transactions on a public webserver or an insider cleans out the database from within their local network. In every case which has been publicized, the security of the transaction in process was not violated.
Refer up to friedo for the short dope.
Its not that dangerous to use credit cards online , you can always have a system setup where you have to call the bank or they have to call the bank a la AMEX the calling process for auth codes is PITA.
Also alot of online shops guarentee (i haven’t read that much small print but i know a few) you against fraud . so if you credit card details are stolen by their staff or intercepted then you don’t have to pay the stolen amount.
Its more dangerous handing your card to somebody, a local petrol station had a new employee recently around here , she used to have plasticine blocks and press your card into them before putting them into the card charger.Nobody was the wiser till massive amounts of goods turned up on the cards and the worker dissappeared.
Getting cash out of machines can be even worse , 2 years ago criminals tinkered with machines of a certain bank.They added a card scanner and microfilm on the buttons.Victim puts in card , card reader put on to the dlot clones the card in its memory, victim taps in the PIN code , victim gets cash and walks away, theif comes in gets the gear and has your card and PIN.
In the credit industry…
Let’s just say that nothing even comes close to being as unsecure as:
1.the mail.
2.paper documents all over the place after your store transactions
3. Hi, Opal.
The internet and the phone are scams less frequently used. And when looked at through dollars lost, they barely register compared to the mail and paper theft issues.