Online Shopping

While online shopping is convenient, easy, and accessible to most users, the dangers of online shopping may overweigh the benefits. Many people are at risk of having their personal and financial information stolen, so it is important to be aware of online vulnerabilities and know how to keep your private information secured.

November 20, 2020Author: Henry Kenyon

What is Online Shopping?

Online shopping is when someone makes purchases through an online marketplace. The items being ordered are then delivered to a location that the customer chooses. There are different types of stores that sell different products, for example, many grocery stores such as Hannaford and Stop & Shop offer online services for grocery pickup, while other shops exist on Etsy or eBay for buying and selling crafts or products online only. Some companies allow users to order products online then go to a store location to pick up the order they placed. Other online marketplaces allow users to have their packages shipped directly to their address. Because of the vastness of the internet and the number of online marketplaces that exist, nearly anything can be found online somewhere. One of the more popular online shops for general products is Amazon, which categorizes its inventory by different departments, uses, and types of items.

Online shopping began in 1979 when Michael Aldrich began hosting live television ads. Aldrich asked people to call in and place orders for items using the domestic telephone in their house. With the advances of technology, came the revolution of online shopping. Because of the convenience of having items shipped to people's doors, or that certain products are difficult to find locally, many consumers prefer using online shopping rather than going into the physical store.


This graph shows the relationship between The Total Worldwide Ecommerce Sales in Trillions of U.S. Dollars over the past 8 years. According to the diagram, between 2014 and 2020, ecommerce sales increased by $3.2 trillion dollars. This provides evidence that more people are relying on online shopping as technology advances and more online stores begin to open. The company Amazon made $280.1 billion dollars in the fiscal year of 2019. Since online shopping is becoming more popular and widely accessible to users, the world will continue to see growth in ecommerce and online marketplaces in the future.


Though online shopping is easy and convenient for consumers, there are many risks and vulnerabilities with using online billing. There have been thousands of instances where people have had their banking/financial information stolen. Below are some common risks that consumers may run into when shopping online:

  • Scam and Fraud, such as fake websites that don't actually deliver products.

  • Social Engineering or “Man in the Middle” between a customer and the transaction. The Man-in-the-Middle is a technical term describing when a malicious user listens on the connection between a personal user’s device and a server. The attacking user is able to gain access to the traffic that the user is sending to the server, such as billing information and addresses.

How to Secure your Virtual Shopping

Most online purchases are made through the internet, such as from a web browser on a website. Websites run different protocols to get information to and from the user and server/site. These protocols can be found in the URL search bar of a website, as shown below.

HTTPS websites usually show a lock symbol next to the URL

HTTP website does not show the protocol, but it may show the text, "Not secure"

HTTP means "Hypertext Transfer Protocol," and HTTPS means "Hypertext Transfer Protocol Secure." Many companies have an “HTTPS” protocol on their online store to ensure that they are certified to be more secure for customers’ private information and to verify that the website the customer is purchasing from is legitimate. This security comes from the fact that data being sent between user and the server is encrypted, and the certificate assures that. However, users should be cautious to put their private information on websites that have an “HTTP” protocol. These websites are not secure and user information is at risk of being stolen because there is no encryption of data.

In technical terms, HTTP traffic is transferred through the port 80 of a server (which is not such a secure port), whereas HTTPS uses port 443 (which is a very secure data stream with SSL). Compared to HTTP, HTTPS uses a certificate authority which ensures digital certificates that advocate that the website data is secure. The online marketplace will make a set of private and public keys that are authenticated by a trusted certificate authority, which protects private information from being intercepted or changed. The private key is stored on a server (the company holds this key) and the public key is shared with the customer. The customers’ information is encrypted using the company's public key and can only be decrypted using the company's private key, ensuring a confidential transfer between the web client and the webserver.

There was an example case study published by the National Debt Hotline in Australia that provides an example where someone named Sarah was purchasing from a website offering “Cheap BBQ” and would give the user a 5% discount if they entered their direct bank information rather than charge the customer a 2.99% fee if they used their credit card. The major red flag that Sarah overlooked was that the site was asking for her complete checking account information. Another thing that she should have looked out for was that many websites offering surprisingly low deals on merchandise, or websites that were recently created, may be fraudulent. Had she done her research into the website, looked for verified customer reviews, checked the protocol run on the website, or not submitted her direct banking information, Sarah would have not been scammed. Unfortunately, she lost $160 due to the website stealing the money and not delivering her product.


Stay up to date with Twitter, Instagram, Facebook, and LinkedIn so you always know what we’re up to!