Credit card transactions have transformed the global economy and yet security concerns are never far away. Discover how credit and debit cards are used on the internet.

How online transactions are processed

The process a card transaction goes through is very fast and very complicated. The example that follows is of a real-time credit card transaction. The customer has selected goods or services from a merchant's web site and is about to pay for them.

1. The customer selects "credit card" as their method of payment.

2. Most often their browser will connect to the website's secure server (https) and a secure icon will appear on the browser taskbar.

3. The customer enters their credit card information on the secure payment form, and authorises the transaction.

4. The transaction data flows to the website's secure server using SSL (Secure Sockets Layer) encryption.

5. The secure server connects to the merchant's processing bank either via a Secure Payment Gateway (a third party who provides the connection to the processing bank via a landline), or directly (some processors have their own proprietary Secure Payment Gateway and therefore do not require a third party to provide this service).

6. The processor polls the card network, such as Visa or MasterCard, directly, and the validity of the card, and availability of funds is confirmed.

7. If the transaction is approved, an authorisation code is returned to the processor, or to the Secure Payment Gateway from the processor.

8. The authorisation is encrypted by the Payment Gateway or processor and transmitted in encrypted form to the Web server of the merchant, which triggers fulfilment of the order.

9. The merchant's web server then sends the customer's browser a confirmation receipt.

10. The amount due is moved from the card holder's bank to the merchant's processing bank. The merchant's processing bank will then move the money to the merchant's local bank within 2 to 3 business days.

Advice for customers using cards online

Here are a number of common sense guides for customers to follow when using their credit/debit cards online:

1. Take time to browse the merchant's website taking care to visit their: privacy policy, terms and conditions, contact page, and frequently asked questions page (FAQ). Get a feel for how much care they've taken over developing their site. If their site is full of broken links, poor help and information, it is likely their after sales service will be equally poor.

2. Use one credit/debit card for all Internet transactions. That way it will be easier to trace any problems associated with your Internet payments.

3. Make sure your card allows just enough credit for the amounts you plan to spend on the Internet and does not have a very large credit balance.

4. Read the merchant's terms and conditions or at the very least scan them and check to see if there may be any potential problems (you might check their: returns policy; refund policy; and clearing policy).

5. Read up on customer's references online, either on the merchant's website or from external review sites or forums that discusses about the merchant's page. Try to gather at least five or more positive reviews.

6. If not already posted on their webpage, ask the merchant if they are willing to put everything in writing, including all fees.

7. Enquire the name and location of the processing bank.

8. Find out when funds will be drawn (Look for 3 days or less).

9. Make certain the bank the merchant is partnered with is insured against online fraud.

10. Ask if the merchant is a member of a business association.


The most important principle to practice when using a credit card online is to use a separate card with a low credit limit to:

1. Keep your overall risk to a low

2. Easily monitor your Internet transactions

One last piece of advice - Use a separate 'public' email address rather than your personal email address when completing online forms, this will help reduce the chance of receiving spam as you shop online.