10 Replies Latest reply: Aug 15, 2012 5:09 PM by adam.samec
Janet Victoria Level 1 Level 1 (0 points)

Can I key in amounts from an on-screen keyboard when paying bills online to make the payment more secure? If so how, please? Janet


iMac, Mac OS X (10.7.3)
  • 1. Re: Security of online payments
    MGW Level 7 Level 7 (27,000 points)

    Make sure that the web page is https, and has a lock in front of the address to signify that it is a secure connection.

     

     

     

     

     

  • 2. Re: Security of online payments
    Janet Victoria Level 1 Level 1 (0 points)

    Thanks Miriam. Janet

  • 3. Re: Security of online payments
    Barry Hemphill Level 7 Level 7 (34,500 points)

    Hello:

     

    One other thought....  be sure that you KNOW the web site you are using to send money.  Reputable web sites will use excellent security techniques - including secure transmissions.  If I ever have doubt about paying with a credit card, I use "virtual" numbers.  Bank of America (and, I believe, several others) have this service available.

     

    Barry

  • 4. Re: Security of online payments
    gumsie Level 4 Level 4 (2,095 points)

    Yes you can.

    System Preferences>Language & Text>Input Sources, Mark the check box for Keyboard and Character Viewer.

    Screen Shot 2012-05-08 at 18.22.51.png

    Now look at the top right area of the Menu bar and you should see the Icon you saw in System Prefs. Click it followed by Show Keyboard Viewer.

    Screen Shot 2012-05-08 at 18.24.33.png

    That do it?

  • 5. Re: Security of online payments
    Janet Victoria Level 1 Level 1 (0 points)

    Brilliant, Gumsie. It did do it. Many many thanks. Janet Victoria

  • 6. Re: Security of online payments
    varjak paw Level 10 Level 10 (169,765 points)

    Please note, though, that doing that is no different than just pressing the keyboard when it comes to website security. Exactly the same information is sent over the Internet to the web site.

     

    Regards.

  • 7. Re: Security of online payments
    Janet Victoria Level 1 Level 1 (0 points)

    Many thanks, varjak paw. This is very helpful - I had been told that putting in figures with a mouse was more secure. Now I know that information was incorrect.

  • 8. Re: Security of online payments
    gumsie Level 4 Level 4 (2,095 points)

    varjak paw wrote:

     

    Please note, though, that doing that is no different than just pressing the keyboard when it comes to website security. Exactly the same information is sent over the Internet to the web site.

     

    Regards.

    ..........Unless a hardware keylogger is being used? (But the chances of this are very small).

  • 9. Re: Security of online payments
    varjak paw Level 10 Level 10 (169,765 points)

    Janet Victoria wrote:

     

    Many thanks, varjak paw. This is very helpful - I had been told that putting in figures with a mouse was more secure. Now I know that information was incorrect.

     

    It would be if the numeral entry was a clickable item on a web page on the service you're logging into. But not when using the Keyboard Viewer (or anything similar) on your computer.

     

    Regards.

  • 10. Re: Security of online payments
    adam.samec Level 1 Level 1 (0 points)

    A clickable keyboard that is part of a web page is not secure either provided your browser is compromised with some malicious extension/add-on that reads and misuses data in password or sensible input fields on a web page. Also even when using the virtual web keyboard the same sensitive information can be sent over the Internet (in a POST request) as is the case with a hardware entry of data, although mostly this is not a security issue since the the information sent should be encrypted over HTTPS. The web keyboard can be sophisticated but so can be this kind of extension, in particular if it is tailored to capture user actions on a specific (e.g. online banking) website.

     

    Thus as far as I know, the only reliable security benefit of the web keyboard is that it bypasses a hardware keylogger and maybe some simple software keylogger that is installed directly in the operating system and not in the browser as an extension.

     

    The best way how to avoid the reach of malicious extensions is to browse in a private/incognito mode with all the extensions disabled (as in Google Chrome). In Safari it seems the extensions that can access data of your opened web pages are disabled when using HTTPS protocol.