Email Security
March 8, 2004 4:33 AM

Email security: I operate under the idea that sending credit card information via email is a bad idea. Is this a myth or are the security concerns real?
posted by Dick Paris to Computers & Internet (16 answers total)
The best analogy for email is that it's like sending a post card. Anyone looking at it along the way can read it plain as day. This includes your ISP, your recipient's ISP and any bored sysadmins or script kiddies along the way, or perhaps your neighbour snooping on your WiFi traffic.

Don't do it. Ever.
posted by Space Coyote at 4:41 AM on March 8, 2004

Email is not encrypted, so if your email is intercepted, it's there for all to read.

If you transmit your data using a secure server (padlock on the bottom bar) then it's encrypted.
posted by twine42 at 4:42 AM on March 8, 2004

twine42: except that it's only encrypted between you and your smtp server. After that it's back to plain old text, and who knows what kind of setup the destination network is running on.
posted by Space Coyote at 5:08 AM on March 8, 2004

space coyote - I meant in a web browser not by email. Should have made myself clear.
posted by twine42 at 5:56 AM on March 8, 2004

Instant message networks have the same problem, btw.
posted by gen at 5:56 AM on March 8, 2004

posted by matteo at 6:31 AM on March 8, 2004

of at least equal concern to someone intercepting the messages is if the email copies get left on the recipient's server and backed up to tape.

and space coyote is correct. only the connection to the email server is secure, and after that the email is in plain text.

to be secure, the text has to be encrypted. which means pgp or similar schemes.
posted by lescour at 7:15 AM on March 8, 2004

PGP and S/MIME are, as far as I know, currently the two standards used to do point-to-point encrypted email.

in my experience, almost nobody uses them except companies with a public key infrastructure, and there aren't a ton of those (when i was working for a company selling PKI, there were quite a few corporations we talked to that were *starting* to implement a PKI, but they projected the project to take a couple years. We *sold* email encryption and we didn't use it that often among ourselves, and almost NEVER outside of our company.)

this sort of thing might change in the future, as i've read some mutterings about microsoft introducing a new email standard that would ID the sender and it's only a few short steps to introduce secure email after that, although i guess you can't really expect them to bother with it.

don't send any sensitive information via email unless it's encrypted with strong encryption or you're feeling lucky.
posted by fishfucker at 7:18 AM on March 8, 2004

Response by poster: Thanks for the insight everyone.

The issue came up when, in a registration form for a conference, a mention was made to email the information on the form which, of course, includes credit card numbers. I know the chances are slim that a scoundrel™ could take advantage of that information but I think it is a practice we (those responsible for these registrations) should curtail.
posted by Dick Paris at 8:54 AM on March 8, 2004

I'm going to take the contrarian position on this. It's not ideal, since it's not encrypted, but a credit card number in an email is still more secure than:

- Telling it to someone over the phone (easily eavesdropped)
- Handing your credit card to a waiter at a restaurant, who then takes it away, disappears for an unspecified period of time, then brings it back to you

Just a bit of perspective ;)
posted by mkultra at 10:34 AM on March 8, 2004

Response by poster: Thanks for the contrary position Mkultra. Is gleaning information from an email the electronic equivalent of dumpster diving?
posted by Dick Paris at 10:44 AM on March 8, 2004

If what I'm about to state is bad advice, I hope the more informed here will please let me know.

But I've always been under the impression that if one split and sent credit card info into three separate e-mails it was pretty secure.

The idea, of course, was that while bad actors might intercept one, the odds of them intercepting all three were very unlikely.
posted by mojohand at 11:08 AM on March 8, 2004

Somewhat, but incrementally more sophisticated. Someone who's going through the trouble to sniff your network traffic is going to be looking for number patterns that match credit card numbers.
posted by mkultra at 11:09 AM on March 8, 2004
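The "looking for number patterns that match credit card numbers" point above, and the question of whether splitting a number across three messages helps, can be looked at from the defender's side: a mail gateway or data-loss-prevention filter applies exactly that pattern matching to outbound mail so that a card number never leaves in plaintext in the first place. The following is an added example written for this thread, not code posted by any participant; the function names, the candidate pattern and the sample messages are all constructed. It pairs a loose digit-sequence regex with the Luhn mod-10 checksum that real card numbers satisfy, which is what separates an actual card number from an order number or phone number of similar length.

```python
import re
from typing import Dict, List

# Candidate primary account numbers (PANs): 13 to 19 digits, optionally
# separated by single spaces or dashes, not embedded in a longer digit run.
# The pattern is deliberately loose; the Luhn check does the real filtering.
PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn mod-10 checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(digits: str) -> str:
    """Keep only the last four digits so a finding can be logged safely."""
    return "*" * (len(digits) - 4) + digits[-4:]


def find_card_numbers(text: str) -> List[str]:
    """Return masked, Luhn-valid card numbers found in one message body."""
    found = []
    for m in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_valid(digits):
            found.append(mask_pan(digits))
    return found


def should_block(text: str) -> bool:
    """Gateway policy: hold any outbound message that carries a card number."""
    return bool(find_card_numbers(text))


# Constructed sample messages (not from the thread). 4111 1111 1111 1111 is a
# well-known Luhn-valid test number, not a real account; the other two
# sequences are the same length but fail the checksum.
SAMPLE_MESSAGES = {
    "registration": "Registering for the conference. Visa 4111 1111 1111 1111, exp 03/06.",
    "order_number": "Your order 1234 5678 9012 3456 has shipped; call 555-123-4567.",
    "typo": "Card: 4111-1111-1111-1112 (please confirm)",
}


def scan_messages(messages: Dict[str, str]) -> Dict[str, List[str]]:
    """Map each message name to the masked card numbers found in it."""
    return {name: find_card_numbers(body) for name, body in messages.items()}


if __name__ == "__main__":
    for name, hits in scan_messages(SAMPLE_MESSAGES).items():
        verdict = "BLOCK" if hits else "pass"
        print(f"{name:13s} {verdict:5s} {hits}")
```

Two caveats worth knowing when deploying something like this. First, a per-message check only sees whole numbers, so a card number split across three messages passes it; that is a limitation of the filter, not evidence that the split makes the number safe, since anyone with access to the mailbox or a backup tape sees all three fragments together. Second, the checksum cuts false positives but also means a mistyped number goes through unflagged, so the filter complements rather than replaces a policy of taking card details only through an encrypted form.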

Another reason sending credit card numbers in plain text is a bad idea is that it means that copies of the e-mail end up sitting on the recipient's machine. That means all someone has to do is push a few buttons and they'll probably have a good harvest of CC numbers. That's a lot easier than dumpster diving or gathering CC #'s one at a time from receipts. As a consumer I'd be wary of someone who can't be bothered to put up a secure website for ordering.

If I were worried about someone intercepting e-mail I'd be less worried about packet sniffing than I would be about someone guessing an obvious password for someone's mailserver and then just picking up copies.
posted by rdr at 11:43 AM on March 8, 2004

I have used the "split it into three messages and send them 10 minutes apart" method before with some trepidation (and only with my boss's credit card) but, as mentioned earlier, e-mail is probably one of the most secure methods of using your credit card, despite the apparent insecurity. I would be more concerned about giving it over the phone unless I knew the person on the other end.

Tangentially, if you ever enter your credit card number or phone banking numbers via your work phone, make sure your company does not have a system that tracks numbers dialed, because those numbers (including your PIN) will show up on the logs and the numbers are obvious to the naked eye of anyone looking at the log. You can imagine how a staff member felt at my previous job when I rang her and recited her phone banking and PIN numbers back to her from the log.
posted by dg at 7:55 PM on March 8, 2004

My merchant account contract states specifically that I can't accept cc numbers via e-mail. So there is that reason not to do it.
posted by litlnemo at 8:30 PM on March 8, 2004
