There is no doubt that risk exists with the use of your credit card on the Internet The listing below shows some of the common situations where theft and fraudulent use of cards occur. The solutions presented are Internet payment system features you should expect from Internet merchants to protect you from these risks.
This is a big let out clause for you. All Internet credit card transactions can be repudiated by the cardholder within six months of the card being charged, subject to you giving a valid reason to your cardholder bank to reverse the transaction. This would be after fraudulent use of your card or return of product because you are unhappy with it.
As a result of standardised credit card law operating in most countries of the world, your bank cannot hold you liable for more than $50 of fraudulent charges. This repudiation clause places a lot more risk on the merchant than the cardholder.
There are a small number of unscrupulous credit card holders who get perverse pleasure out of defrauding merchants and banks by claiming they have not received goods, especially digital goods, when they have received them. There are lists available on the Internet of customers that regularly carry out these activities and merchants can access these during transaction processing to terminate orders.
Lets examine situations of paying by credit card off the Internet before answering this question.
For Internet sales you cannot eyeball the merchant.
The customer uses a secure order form that encrypts their credit card details and can only be read by the secure server of the merchant. This information is encrypted again and sent to the credit card processor and then sent to the card holder bank for card validation. Transaction approval or rejection is sent back to the customer. This process usually takes no longer than 15 seconds. The merchant does not store the customer's credit card number.
It is obvious that this method of processing transactions is far more secure than any of the three examples presented above. Of course, not all Internet merchants operate in this manner.
For a merchant without real time transaction validation they may download encrypted orders and process them through a POS device to the credit card processor. At the bottom of the list is the downloading of unencrypted orders with manual processing and banking into a merchant account. Not only is this last option more risky for the customer but it also greatly increases the risk to the merchant of fraudulent transactions.