Gut feelings are key when it comes to online payments

By Sebastian Knoppik Apr 4, 2010, 11:35 GMT

Hamburg - Winning an online auction is one thing, but the merchandise isn't really yours until the mailman delivers it. And that can't happen until you've paid for your wares.

But, despite the proliferation of ways to pay online - credit cards, payment systems like Paypal and Click & Buy or classic bank transfers - there's no truly perfect payment system. Which means that, at the end of the day, online trade depends more on trust between parties than on the strengths of the different payment systems.

Looking for the perfect system can only lead to disappointment, says Frank Rieger of Germany's Chaos Computer Club (CCC). 'There is no perfect system that meets everyone's demands.'

While technical security is about the same for all systems, that does not erase the risk of sending personal data through the internet. 'That's where there's a danger that the server might be hacked and my account details will get called up.'

That's why Rieger recommends setting a limit for the maximum sum that can be paid out, just in case personal data is captured. 'You can do that with a prepaid credit card.'

Or, instead of using a regular debit account - the one into which your salary flows - it's best to set up a secondary account containing a fixed amount of money.

Online shoppers should always ensure that their data is encrypted via a secure SSL connection. Most browsers display a small key when this encryption is active.

The computer used for transactions also needs to meet minimum security standards, says Rieger. 'You shouldn't surf with an old Windows 95 and you should regularly update security on your operating system.'

Giving data directly to an online shop or auction house is a potential risk, says Markus Feck, a lawyer with the Consumer Central of the German state of North Rhine Westphalia. 'Divulging data means the risk of abuse,' he says.

Users of Paypal and Click & Buy get around this because they do not 'pay money directly to the merchant, but, more or less to an intermediary account.'

There is little difference in security levels between the different services, says Isabel Muench of the German Federal Office for Information Security. 'What's much more important is whether you're dealing with a serious merchant.'

That's especially important if the merchant will only ship goods after receiving payment. 'With advance payments, there's always the risk I won't receive the goods,' warns Feck.

Experts say bank transfers and credit card transactions are generally safe. 'If you provide a direct debit authorization, then you usually guarantee a right to cancellation,' says Feck. But customers are required to invoke this right within eight weeks of the payment's withdrawal. It's usually also possible to cancel orders made with unauthorized credit card use.

Certificates of approval are usually the best way to see if an online store is reliable, says Muench. There are plenty around and even websites that provide an overview of the different certificates.