I just ordered shoes from Shoes.com (where else?). In checking out, they included this reassuring note:
Using your credit card at Shoes.com is safer than using it in a store. All information is encrypted and transmitted without risk using a Secure Sockets Layer (SSL) protocol.
First, it is funny I am posting this, about 10 Internet years after this discussion was first had. Second, I do not understand how it is safer than visiting a store, unless the store being visited is doing something blatantly wrong. At best, I see online shopping as secure as adventuring into the real world.
I can see how it’s possible your less safe at a brick and mortar. If your credit card is encrypted right off the bat, the online shop may never even see your information other than the payment went through to their account and your shipping address. Whereas in a real brick shop, you have your actual card where an employee can copy the cards info or sell it to someone else.
But here you are playing an “if” game. “If” the card is encrypted at POS at the brick-and-mortor location, especially if you are using one the card terminals where a clerk never sees your card, then you are also safe–and it would be exactly as if you bought it at home via as you imagined.
These are the risks I see: (1) Store messes up somehow, (2) Web site messes up somehow, (3) Verification company messes up somehow, (4) You are in danger sitting at home, (5) You are in danger going to the store.
None of these are really risks. In practice, (2) and (5) are the greatest threats, although I put the risk of (5) at near zero. And while (2) doesn’t stop me from making purchases online, I do not have a ton of faith in the skills and integrity of all IT people (the ones I know are swell!). That is quite different than my near-complete faith that retail personnel do not have the skill set required to intercept POS data. Yes, it is possible.
In any event, both are incredibly safe and no one should be detered from visiting online or brick-and-mortor stores. This debate really belongs in the late 1990s when few knew better.