Fact Sheet 23:
Online Shopping Tips:
E-Commerce and You

Send to PrinterSend to Printer
Copyright © 2000-2016
Privacy Rights Clearinghouse
Posted December 2000
Revised July 2016
  1. Introduction
  2. Shop at Secure Websites
  3. Read the Website's Privacy and Security Policies
  4. Be Aware of Cookies and Behavioral Marketing
  5. What's Safest: Credit Cards, Debit Cards, or Checks?
  6. Disclose Only the Bare Facts When You Order
  7. Keep Your Password Private
  8. Be Aware of Dynamic Pricing
  9. Resources

1. Introduction

By clicking a mouse or touching a screen, shoppers can buy nearly any product online -- from groceries to cars, from insurance policies to home loans. For many, the internet has taken the place of shopping at the mall.

Just as shoppers should take measures to protect themselves in brick-and-mortar retail stores, online shoppers also need to take sensible precautions. This guide offers advice on how to make your online shopping safe.

2. Shop at Secure Websites

How can you tell if a website is secure? Secure sites use encryption technology to transfer information from your computer to the online merchant's computer. Encryption scrambles the information you send, such as your credit card number, in order to prevent hackers from obtaining it while in transit. The only people who can unscramble the code are those with legitimate access privileges. Here's how you can tell when you are dealing with a secure site:

  • If you look at the top of your screen where the website address is displayed, you should see https://. The "s" that is displayed after "http" indicates that website is secure. Often, you do not see the "s" until you actually move to the order page on the website.
  • Another way to determine if a website is secure is to look for a closed padlock displayed on the address bar of your screen. If that lock is open, you should assume it is not a secure site.

3. Read the Website's Privacy and Security Policies

Every reputable online website offers information about its privacy and security practices. At a minimum, the website should have a posted privacy policy. You can find out if the merchant intends to share your information with a third party or affiliated company.

You can also learn what type of information is gathered by the website, and how it is — or is not — shared with others. The online merchant’s data security practices are also often explained in the privacy policy, or perhaps a separate security policy.

You will want to think about the sensitivity of the data that is being compiled about you when you shop online. We cannot prescribe the best approach to take. Every consumer has a different interpretation of what is considered “sensitive.”

4. Be Aware of Cookies and Behavioral Marketing

Online merchants as well as other sites watch our online activities by using cookies, a tracking system that attaches pieces of code to our internet browsers to track which sites we visit online.

Persistent cookies remain stored on your computer while session cookies expire when you close your browser. Online merchants use cookies to recognize you and speed up the shopping process the next time you visit. You may be able to set your browser to disable or refuse cookies but the tradeoff may limit the functions you can perform online, and possibly prevent you from ordering online.  Generally, you will need to enable session cookies to place an order.

Privacy advocates worry that as more and more data is compiled about us — without our knowledge or active consent — it will be combined to reveal a detailed profile. This data is often collected to market goods and services to us, encouraging us to buy them. There are a number of companies that specialize in targeted online advertising called "behavioral marketing." Companies say consumers benefit by being exposed to more targeted advertising and that online merchants can make more money more efficiently by targeting the right shoppers.

5. What's Safest: Credit Cards, Debit Cards, or Checks?

The safest way to shop on the internet is with a credit card. In the event something goes wrong, you are protected from unauthorized charges under the federal Fair Credit Billing Act. You have the right to dispute charges on your credit card, and you can withhold payments during a creditor investigation.

Make sure your credit card is a true credit card and not a debit card. A debit card can expose your bank account to thieves. Your checking account could be wiped out in minutes by fraudulent transactions.

Using only one of your credit cards for online purchases can make it easier to spot fraudulent activity.  Likewise, turning on text message or email alerts from your card issuer can be a great way to quickly detect fraudulent purchases.

Online shopping by personal check leaves you vulnerable to bank fraud. Sending a cashier's check or money order doesn't give you any protection if you have any problems.

Never pay for online purchases by using a money transfer service.  You could be transferring cash to a fraudster.  Scammers will ask consumers to send them payment using a money transfer service such as Western Union or MoneyGram because they can get your cash fast and it’s difficult to trace. Legitimate sellers normally do not ask consumers to send payment that way. Money transfer services should only be used to send money to people that you know well, not to unknown sellers of merchandise online.  

6. Disclose Only the Bare Facts When You Order

When placing an order, there is certain information that you must provide to the merchant such as your name and address. Often, a merchant will try to obtain more information about you. They may ask questions about your leisure lifestyle or annual income. This information is used to target you for marketing purposes.

Don't answer any question you feel is not required to process your order. Often, the website will mark which questions need to be answered with an asterisk (*). Should a company require information you are not comfortable sharing, find a different company that sells the product.

Providing your Social Security number is not a requirement for placing an order at an online shopping site. There is no need for the merchant to ask for it. Giving out your Social Security number could lead to having your identity stolen.

7. Keep Your Password Private

Many online shopping sites require the shopper to log in before placing or viewing an order. The shopper is usually required to provide a username and a password. Don't have your computer or device remember your password if a website has your payment information or other personal data.

Never reveal your password to anyone. When selecting a password, do not use commonly known information, such as your birthdate, mother's maiden name, or numbers from your driver's license or Social Security number. Do not reuse the same password for other sites, particularly sites associated with sensitive information. The best password has at least eight characters and includes numbers and letters.

8. Be Aware of Dynamic Pricing

Some online retailers use dynamic pricing to engage in price discrimination by charging different prices to different consumers for identical goods or services. When you purchase goods or services online, you may be paying a higher or lower price than another online customer buying the same item from the same site at the same time. While online shopping enables consumers to easily compare prices, it also allows businesses to collect detailed information about a customer's purchasing history and preferences. Online stores can use that information to customize the prices they charge you.

While dynamic pricing has existed for a long time for time-sensitive products such as airline tickets, hotel room reservations, and rental cars, it’s difficult to justify the use of dynamic pricing for goods and services that are not of a time-sensitive nature.

Online merchants can easily implement dynamic pricing by placing cookies on a customer’s computer which will track the user’s past interactions with the site. By using this information, sites can customize their interactions based on your past activities. Online stores can read the cookies on your browser to determine what products or services you searched for and bought and how much you paid for them. This information helps them to predict how much you might be willing to pay for a product or service.

There are several ways that you may be able to defeat dynamic pricing. Obviously, do not log in to a site before you obtain a price quote. Be sure to clear the cookies from your browser before you visit a site. Utilize price comparison sites that check prices from multiple vendors. Finally, if you do log in to a site, try leaving items in your shopping cart for a few days, to see if the merchant offers any discounts.

9.  Resources

Federal Trade Commission, Shopping Online

American Bar Association, Safe Shopping

Content type: 
Copyright © Privacy Rights Clearinghouse. This copyrighted document may be copied and distributed for nonprofit, educational purposes only. For distribution, see our copyright and reprint guidelines. The text of this document may not be altered without express authorization of the Privacy Rights Clearinghouse.