Skip navigation

Security of online payments

473 Views 10 Replies Latest reply: Aug 15, 2012 5:09 PM by adam.samec RSS
Janet Victoria Calculating status...
Currently Being Moderated
May 8, 2012 9:46 AM

Can I key in amounts from an on-screen keyboard when paying bills online to make the payment more secure? If so how, please? Janet

iMac, Mac OS X (10.7.3)
  • MGW Level 7 Level 7 (26,940 points)
    Currently Being Moderated
    May 8, 2012 9:38 AM (in response to Janet Victoria)

    Make sure that the web page is https, and has a lock in front of the address to signify that it is a secure connection.

     

     

     

     

     

  • Barry Hemphill Level 7 Level 7 (33,060 points)
    Currently Being Moderated
    May 8, 2012 10:15 AM (in response to Janet Victoria)

    Hello:

     

    One other thought....  be sure that you KNOW the web site you are using to send money.  Reputable web sites will use excellent security techniques - including secure transmissions.  If I ever have doubt about paying with a credit card, I use "virtual" numbers.  Bank of America (and, I believe, several others) have this service available.

     

    Barry

    iMac, Mac OS X (10.7.3), 4 GB memory,DSL, Airport Express
  • gumsie Level 4 Level 4 (2,075 points)
    Currently Being Moderated
    May 8, 2012 10:25 AM (in response to Janet Victoria)

    Yes you can.

    System Preferences>Language & Text>Input Sources, Mark the check box for Keyboard and Character Viewer.

    Screen Shot 2012-05-08 at 18.22.51.png

    Now look at the top right area of the Menu bar and you should see the Icon you saw in System Prefs. Click it followed by Show Keyboard Viewer.

    Screen Shot 2012-05-08 at 18.24.33.png

    That do it?

  • varjak paw Level 10 Level 10 (166,930 points)
    Currently Being Moderated
    May 8, 2012 12:51 PM (in response to Janet Victoria)

    Please note, though, that doing that is no different than just pressing the keyboard when it comes to website security. Exactly the same information is sent over the Internet to the web site.

     

    Regards.

  • gumsie Level 4 Level 4 (2,075 points)
    Currently Being Moderated
    May 8, 2012 8:02 PM (in response to varjak paw)

    varjak paw wrote:

     

    Please note, though, that doing that is no different than just pressing the keyboard when it comes to website security. Exactly the same information is sent over the Internet to the web site.

     

    Regards.

    ..........Unless a hardware keylogger is being used? (But the chances of this are very small).

  • varjak paw Level 10 Level 10 (166,930 points)
    Currently Being Moderated
    May 9, 2012 6:29 AM (in response to Janet Victoria)

    Janet Victoria wrote:

     

    Many thanks, varjak paw. This is very helpful - I had been told that putting in figures with a mouse was more secure. Now I know that information was incorrect.

     

    It would be if the numeral entry was a clickable item on a web page on the service you're logging into. But not when using the Keyboard Viewer (or anything similar) on your computer.

     

    Regards.

  • adam.samec Calculating status...
    Currently Being Moderated
    Aug 15, 2012 5:09 PM (in response to varjak paw)

    A clickable keyboard that is part of a web page is not secure either provided your browser is compromised with some malicious extension/add-on that reads and misuses data in password or sensible input fields on a web page. Also even when using the virtual web keyboard the same sensitive information can be sent over the Internet (in a POST request) as is the case with a hardware entry of data, although mostly this is not a security issue since the the information sent should be encrypted over HTTPS. The web keyboard can be sophisticated but so can be this kind of extension, in particular if it is tailored to capture user actions on a specific (e.g. online banking) website.

     

    Thus as far as I know, the only reliable security benefit of the web keyboard is that it bypasses a hardware keylogger and maybe some simple software keylogger that is installed directly in the operating system and not in the browser as an extension.

     

    The best way how to avoid the reach of malicious extensions is to browse in a private/incognito mode with all the extensions disabled (as in Google Chrome). In Safari it seems the extensions that can access data of your opened web pages are disabled when using HTTPS protocol.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.