Just one problem with that vision: it is completely false.

True, ordering something directly on the Internet is a relatively new way of shopping, and we very naturally fear new stuff, if even a little bit. Especially when it comes to our money.

If that scares you, think of these scenarios:

1. a band of thugs finds credit card receipts in store trash cans, and sells them to a waiting band of resellers, who resell them, who resell them....

2. you give your credit card to some unknown yuckapuck in a restaurant, who then disappears for several minutes with it to prepare your bill. Or is he calling Bloomindales?

3. you use your cellular or cordless phone to order something from a catalog, and your next door neighbor picks up your number on her baby monitor.

All of the above happen every day. Scary, aren’t they? But they illustrate a point. All the hype about Internet security is just that: pure hype. How often do you hear about the dangers of using your credit card in a restaurant? Or about the dangers of allowing a hotel front-desk clerk disappear into the back room to confirm your reservation? Haven’t heard much, have you?

Why then, all the fuss about the security risks of shopping on the Internet?  Compare that with the millions lost every year just in cellular phone fraud, and you wonder what all the hype is about.

The truth is, when you shop online with a merchant who offers a Secure Server, all the information you give, your name, address, credit card number, is encrypted. That means your number goes out as code. Even if a hacker could get it, it would likely be gibberish. Your credit card never leaves your hand, it is never picked up by monitors or scanners, and never found in trash cans in the alley.

How can you tell if the order is secure?

Simple. Check the online ordering form or, on a framed site, like this one, check the frame the shopping cart is in before submitting sensitive information.

If you use a Netscape browser, look at the bottom left-hand corner of the screen for a little key. If the key is solid, not broken, and sitting on a blue background, your order information is secure. If it’s broken, you are on a page that is not secure, and you shouldn't enter sensitive information on that page.

For Internet Explorer users, a small padlock appears in the lower right-hand corner of the web browser window. If the padlock is locked, not open, your order information is secure. If it’s open, you are on a page that is not secure, and you shouldn't enter sensitive information on that page.

Remember, pages which do not ask you to enter and send information will likely not be secure, so be sure you are on an “order information” page before checking. It’s a good habit to check for the whole key or closed padlock before you hit the button on the screen that says “send” or “submit.”

If you mail a postcard by snail mail, it's quite possible that its contents may be read by some third party while in transit. The same is true of data crossing the Internet. Every packet of data sent from any computer to any other computer will be handled in transit by perhaps two dozen other systems. That makes for perhaps two dozen opportunities for someone to tap into a conversation. If a criminal intercepts a packet containing credit card information, he can use it to defraud the card's owner... unless the information is encrypted. Encryption does for Internet data what envelopes do for snail mail: it keeps private matters private.

Recent versions of both Microsoft's and Netscape's browsers support what's called Secure Socket Layer (SSL) encryption. It activates automatically whenever the browser is instructed to retrieve a URL beginning with https. If someone on a system between the sender and receiver should intercept a secured packet and view it, the contents would appear as gibberish.

If the customer's browser supports SSL (https) encryption, he/she should be strongly encouraged to take advantage of it. Unfortunately, a significant number of Web wanderers do not own browsers which support encryption. In particular, WebTV's browser doesn't (at present) support SSL encryption.

Realistically, merchants who sell to customers face-to-face have the same problem. What's to stop a cashier from copying down credit card numbers? What's to stop a thief with a good memory from looking over a customer's shoulder and memorizing his/her card number? Nothing, really. What makes it unlikely that a particular postcard will be read in snail mail is that it is one of millions. What makes it unlikely that a particular packet will be intercepted on the Internet is that it is one of trillions. Possible, but unlikely.

Paymate, Paypal & Ibill strongly encourages end-users to take advantage of SSL (https) encryption if they are able, but ibill also supports NON-secure (http) transactions because the odds that one individual's credit card information will be intercepted is not substantially higher than the odds for that information to be intercepted at the corner grocery store.