Secure email

  sneakerman 15:09 08 Jan 2004

Why is it not recommended to put financial details in emails
Can the mail be intercepted or can you not be sure who will pick it up.

I know it is not recommended but don't know why, someone has asked for my credit card details, I think innocently and it just made me wonder


  Jester2K 15:17 08 Jan 2004

"someone has asked for my credit card details, I think innocently"

What did the e-mail say EXACTLY?? Should this person be asking you for credit card details??

  Jester2K 15:17 08 Jan 2004

E-mail can be intercepted but highly unlikely.

The problem really lies in how do you know who is going to read them at the other end??

  sneakerman 15:19 08 Jan 2004

It is a hotel in Majorca, they need a credit card to guarantee the apartment, and they just said to send them the details, they didn't specify email but their message came in an email.

  Jester2K 15:21 08 Jan 2004

I would ring them instead.

  beeuuem 15:26 08 Jan 2004

Sending secure messages

As more people send confidential information by e-mail, it is increasingly important to be sure that documents sent in e-mail are not forged, and to be certain that messages you send cannot be intercepted and read by anyone other than your intended recipient.
By using digital IDs you can prove your identity in electronic transactions in a way that is similar to showing your driver's license when you cash a cheque. You can also use a digital ID to encrypt messages, keeping them private. Digital IDs incorporate the Secure/Multipurpose Internet Mail Extensions (S/MIME) specification for secure electronic e-mail.

How do digital IDs work?

A digital ID is composed of a public key, a private key, and a digital signature. When you digitally sign your messages, you are adding your digital signature and public key to the message. The combination of a digital signature and public key is called a certificate. With Outlook Express, you can specify a certificate to be used by others to send encrypted messages to you. This certificate can be different from your signing certificate.

Recipients can use your digital signature to verify your identity, and they can use your public key to send you encrypted e-mail that only you can read by using your private key. To send encrypted messages, your Address Book must contain digital IDs for the recipients. That way, you can use their public keys to encrypt the messages. When a recipient gets an encrypted message, his or her private key is used to decrypt the message for reading.

Before you can start sending digitally signed messages, you must obtain a digital ID. If you are sending encrypted messages, your Address Book must contain a digital ID for each recipient.

Where do you get digital IDs?

Digital IDs are issued by independent certification authorities. When you apply for a digital ID at a certification authority's Web site, your identity is verified before an ID is issued. There are different classes of digital IDs, each certifying to a different level of trustworthiness. For more information, visit the certification authority's Web site.

How do you verify a digital signature?

With revocation checking, you can verify the validity of a digitally signed message. When you make such a check, Outlook Express requests information on the digital ID from the appropriate certification authority. The certification authority sends back information on the status of the digital ID, including whether the ID has been revoked. Certification authorities keep track of certificates that have been revoked due to loss or termination.

See click here

  anchor 15:57 08 Jan 2004

I would either telephone them, or send a Fax.

  sneakerman 16:16 08 Jan 2004

Why is phone or fax more secure than email.
From their website I can get their phone number, fax number and email address, I still won't know who receives the information through any of the channels?

  wawadave 16:20 08 Jan 2004

i would not email any one crdit card info.
every server your email passes it can be read the first being your isp. the others depending on where may be being whom knows who.
and the asking of credit card info in emails is useally a scam.

  anchor 20:17 08 Jan 2004

If you speak to someone, or send a them fax or letter, at least you know that you are in direct contact with the people who need to know. This is surely better than e-mail. Notify your credit card issuer that you have done this.

If you are that worried about fraudulent use of your card, then remember that there is a risk whenever and wherever you use it. The details "may" end up in the wrong hands.

  sneakerman 23:17 08 Jan 2004

Thanks for all the responses. Slightly missing the point I think
On the phone, how do you know the person is who they say they are?
I can look up a website that specifies phone/fax/email, surely anyone of these will end up at the same place. Now if I was to ask someone for their phone/fax/email then that is a different story.

I am not necessarily going to send a credit card number in an email, its just the thought of it prompted me to ask the question - what is wrong with it.


This thread is now locked and can not be replied to.

Elsewhere on IDG sites

The Evil Within 2 review-in-progress

Photoshop CC 2018 released with new Curvature Pen and better brush tools

Camera tips to take better iPhone photos

Les meilleures applications de covoiturage 2017