Today's topic is not specific to the music industry or gear related, but may be pertinent to many of you. With all of the recent hoopla in the press lately we've had some inquiries about the security of e-commerce, and of course our on-line store specifically. The burning question for most is understandably; "Can someone get my credit card number and rip me off?"

The literal and fully truthful answer to this question is, and has always been, yes. Contrary to what the media would have you believe the Internet and e-commerce really hasn't changed this very much. Credit card companies have been using (potentially crackable) computers and phone lines to do their transactions for years. Plus it's always been relatively easy for your sales clerk or waitress to get it. But we'll leave the debate about all of these issues elsewhere. The question really is, are on line stores secure?

The answer is a qualified yes. If an on-line merchant says their store is secure it probably means they use encryption to move the data around. An easy way to tell if your transaction is secure is to check out the URL line in your browser right before you check out. Make sure the URL line starts with "https," not just "http," or ends with "shtml." These mean your outgoing data is being encrypted.

Encrypted data is considered secure. Secure is a relative term, but it's certainly secure enough to keep a technician at your ISP or the MIS guy at the store from looking in on it. Debates are raging about what kinds of encryption are best and more or less secure, but it's like any technology - a moving target. Any system can be hacked; it's just that the time, effort, and money it takes are often greater than the benefit of hacking it. That's why most of you aren't likely targets.

I've watched our on-line store be put together and I can tell you these systems are amazingly sophisticated. Personally, I don't even blink when typing my card numbers in at an on-line store. And I feel even more secure after seeing how it works first hand. I know thousands of other people are doing it anyway so just the sheer odds of my card falling into the wrong hands are astronomical.

The real targets, however, are the on-line merchants. If your card gets stolen and someone uses it to mail order a new Pro Tools system, it costs you at the most $50. The merchant, on the other hand, is left holding the bag. If they don't check everything out very carefully they can easily ship thousands of dollars of equipment to some address only to have the credit card company call them up a month later (after the card's owner disputes his bill) and say, "That transaction is no good because the card was stolen; we will now be sucking that money back out of your account." I guarantee you this has happened to every mail order company at one time or another. So, we're extremely careful on the front end. (Those of you who are Sweetwater customers probably recall being asked some rather unusual questions when you first purchased. Now you know why.)

The bottom line is, if you trust the company enough to read your card number to them over the phone then you are just as safe to give it to them over the Internet, assuming their store uses secure transactions.