Online Surveys and Competitions – are they protecting your information?
My Motorcycle Insurance Company does business online only. Fantastic, I think its great. To maximise their readership and keep their current readers engaged, they have regular competitions/surveys, eg. Win a helmet, win a gift voucher, etc.
Recently, there was a competition I was about to enter and I did my customary check and noticed that they wanted all my personal data; Date of Birth, Phone Number, Mobile Number, etc. I asked the question, why do they need it, and thought they may be updating their customer relationship management system, mentally I was happy with that.
However what really alarmed me when I looked at the address (URL) and it said, http://fredsmotorcycleinsurance.com/competition.
Immediately the red lights came on. It should have said,
and if you didn’t notice it
What this means was my information was about to be sent over the internet, “in the clear”, a term meaning anybody who had the tools, could capture and read my personal information.
Funnily enough, some people are happy with sending their information in the clear, then there are other people who wouldn’t be aware what’s happening. So I thought I would bring it to the attention of any readers.
If you want to make sure that your information sent across the internet securely, then there are some easy ways to check that you have a secure connection between your computer web browser (Internet Explorer, Safari, Firefox, Google Chrome and Opera) and the website.
Make sure there is a “S”in https?
The S indicates that the connection between your computer and the website is secure. That means that any information passed between your computer and website is secured, what they do is scramble the information being passed across the Internet so people can’t understand it.
How much is it scrambled? Usually they scramble it so much you need a super computer with a couple of years to de-encrypt the password.
Okay, how do they make the secure encryption between your computer and the website?
Basically, what the secure site does is ask you to accept a security certificate on your computer. The first time you visit the website, it presents you with their security certificate, you have to accept the certificate. By accepting the certificate, it then enables you to connect securely each time with that site.
The sign that this has been successful is that it will give you a httpS and show a padlock somewhere on the screen stating that the connection is secure.
Without the “s” it indicates that they are going to send your information in the clear, unencrypted across the internet.
So, next time you enter that online competition or survey, do these four checks:
The Four things to check before you sign-up
1. See that the URL has security by it having https://your_competition.com by having the “s” after the http://
2. See there is a padlock image in the security area for the browser. This is in different places on each browser, sometimes in the lower right hand corner of the screen, sometimes in the address bar (URL).
3. See they issue a statement on how they manage your privacy. If they do then it’s something you can possibly hang your hat on if there is information leakage.
4. See where your information will be used, who will use and who will it be passed on to and when will they be destroying it.
I have a personal policy of not undertaking any online surveys or competition unless it meets this criteria, before you enter a competition, make sure you check if it is a secure connection.
Other places on the internet where you need to check that you have secure connection
- Banking, Credit Card and Payment Sites
- Accommodation booking sites
- Membership sites
- Insurance Sits
- Airline Sites
Paypal, probably the biggest payment online payment system has a way that you can only connect to them using secure connection, wouldn’t it be great if every business did this kind of thing!