Abstract

S uppose you want to buy something over the Internet with your credit card, You might simply send the 16-digit Visa number and four-digit expiration date over the Net via e-mail. But this approach has its risks: A crook might break into the company's computer and learn your credit card number. Using the World Wide Web isn't much better. Today, some companies are inviting customers to type their credit card numbers into forms displayed by WWW clients such as Mosaic or Lynx. But when the content of those forms is sent back over the Internet to the Web server, it can be "sniffed out " by a packet-sniffer application, placing both the buyer and the seller at financial risk. Some businesses don't worry about stolen credit card numbers-they think their bank, or credit card companies, will cover any