The Secure Connection Trap: Why Emailing Your Credit Card Number is Never Safe

“We’ll err on the side of caution and suggest that you never trust email with confidential information.”

A surefire way to make tech-savvy people shudder is to email them your credit card number to pay a bill.

It’s not that they don’t appreciate the transfer of funds to their account, but they understand that with email, you’re not just sending it to them. Any number of people in between (or computers, called “bots” in this context) can intercept, read, store, and potentially use that data.

When you send an email directly to a person, it’s not going directly to them.

We tend to think in terms of “sender” and “recipient” but forget to consider all the points in between. When you send an email, it goes from your computer to your Internet Service Provider, and from there it may pass through several other servers before it reaches the sending mail server. From the sending server, it is passed across the world wide web until it arrives at the recipient’s computer. Because it happens so quickly, we’re tempted to think it’s a direct connection, but consider the origins of the term “world wide web” for a moment and what that might look like visually: many thousands of computers all connected together, passing data amongst each other. When you send an email, it passes through many systems before it reaches the recipient.

Email is not encrypted.

Here’s the trap: when you log in to your email, whether through an installed application or a webmail service (Gmail, for example), you’ll likely see that it is “secure.” Email applications typically require encrypted authentication, and webmail services are themselves secure sites, much like online banking.

Email is transmitted in plain text, and can be read, analyzed and stored by any one of the computers it touches along the way.

With your email application, encryption happens during authentication. This means your username and password are encrypted (and generally not readable by the systems they pass through), but the email itself is not (because email is not encrypted).

When you log in to a webmail service, you may see the “secure connection” notifier (usually a little “lock” icon in your address bar), which may give the illusion that your email itself is secure, but it is not. Only the current browser session is secure. Your username and password are encrypted, and the data shown on your screen is also encrypted for that session (the connection between the receiving server and your computer). However, all the email in your inbox had to be delivered to your service provider, meaning it went from the sender out onto the world wide web in plain text, through many computers, before reaching your inbox. Similarly, any email you send through that service leaves the secure session and enters the world wide web to be delivered to the recipient. Since your connection to the service itself is encrypted, what you see on the screen cannot be read directly by someone intercepting the data; however, as soon as you hit “send,” it’s anyone’s guess how many people could potentially see it as it shoots out over the web in its unencrypted form.
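The relay path described above is actually recorded inside every message: each mail server that handles it prepends a Received: header. As an added illustration that is not part of the original post, the Python script below (standard library only) reads those headers from a constructed sample message and lists the hops oldest-first. The hostnames, addresses and ids are made up. Every host in the “by” column held the complete, readable message; the ESMTPS keyword on a hop records that TLS was used on that one link, which still leaves the message readable at both ends of it.

```python
import re
from email import message_from_string

# Constructed sample message (not a real capture). Each server prepends its own
# Received: header, so the newest hop is on top and the oldest at the bottom.
RAW_MESSAGE = """\
Received: from mx2.recipient-isp.example (mx2.recipient-isp.example [203.0.113.7])
\tby mailbox.recipient-isp.example with ESMTP id 3xk9Z; Mon, 1 Jan 2024 10:00:05 +0000
Received: from smtp-out.sender-isp.example (smtp-out.sender-isp.example [198.51.100.21])
\tby mx2.recipient-isp.example with ESMTPS id 7Gh2Q; Mon, 1 Jan 2024 10:00:03 +0000
Received: from laptop.local (unknown [192.0.2.44])
\tby smtp-out.sender-isp.example with ESMTP id 1aB3C; Mon, 1 Jan 2024 10:00:01 +0000
From: customer@sender-isp.example
To: billing@recipient-isp.example
Subject: Invoice payment

Here is my card number so you can charge the invoice.
"""

# Transport keywords (RFC 3848) that record STARTTLS on a link.
TLS_KEYWORDS = {"ESMTPS", "ESMTPSA"}

# "from <host> ... by <host> ... with <keyword>"; the with-clause is optional.
HOP_RE = re.compile(
    r"\bfrom\s+(?P<src>\S+).*?\bby\s+(?P<dst>\S+)(?:.*?\bwith\s+(?P<proto>\S+))?",
    re.DOTALL,
)


def relay_hops(raw_message):
    """Return (from_host, by_host, transport) tuples, oldest hop first."""
    msg = message_from_string(raw_message)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        match = HOP_RE.search(flat)
        if match:
            hops.append((match.group("src"), match.group("dst"), match.group("proto")))
    return hops


def cleartext_links(hops):
    """Hops whose recorded transport did not use TLS on the wire."""
    return [(src, dst) for src, dst, proto in hops if proto not in TLS_KEYWORDS]


def handling_hosts(hops):
    """Every server that had the full, readable message, TLS or not."""
    return [dst for _, dst, _ in hops]


if __name__ == "__main__":
    hops = relay_hops(RAW_MESSAGE)
    for src, dst, proto in hops:
        print(f"{src:32} -> {dst:32} via {proto or 'unknown'}")
    print("servers that handled the message:", handling_hosts(hops))
    print("links recorded without TLS:", cleartext_links(hops))
```

Run it against a real message you have received (save it as raw source first) and the list of “by” hosts is the list of parties who could have read it; the sender has no control over, and usually no visibility into, how each of those links was configured.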

Regardless of your trust for the recipient, there is no way to know whose servers the email is passing through, nor whether you can trust them. We’ll err on the side of caution and suggest that you never trust email with confidential information.

It’s not necessarily the service providers.

We like to believe service providers are honest and not skimming through emails to find people’s credit card numbers, and hopefully the vast majority are. But the compromise doesn’t need to come from the provider itself.

Viruses on infected servers could be monitoring email traffic passing through the server, software tools can be used by “hackers” to sniff unencrypted data as it passes over the coffee shop Wi-Fi, and shady “companies” have even been known to set up servers on the web specifically to collect this type of data as it passes through, which they may either use or sell.

The safe alternatives…

I can’t speak for all companies, but I would expect most companies that do business online offer some way to pay a bill electronically in a safe fashion.

Picking up the phone and calling in your card number is much safer than email, because it is a much more “direct” connection to the recipient.

For our customers, we offer a secure payment gateway at secure.positiveesolutions.com — this can be accessed via the “Pay Online” button on our web site. It is secure, encrypted, and no confidential data is transmitted or stored in an unencrypted form.

Regardless of the how or why, the simple fact remains: email is not secure.

Write your credit card number on a piece of paper and pass it around a full room of strangers. Surely, you would never do such a thing. That’s essentially what you do when you type it into an email and press “send.”
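The moment you press “send” is also the last point where a mail client or outbound gateway can still intervene. As an added example that is not part of the original post, the Python script below performs the kind of outbound check that data-leak-prevention tools do: it scans a message body for digit runs shaped like card numbers and confirms them with the Luhn check digit that payment card numbers carry, so ordinary numbers such as phone numbers, invoice ids or a random 16-digit reference are not flagged. The sample body and the card number in it are constructed test values (4111 1111 1111 1111 is a widely used test number, not a real account), and the function names are my own.

```python
import re

# Candidate runs of 13 to 19 digits, optionally separated by spaces or dashes,
# not embedded in a longer digit run.
CARD_CANDIDATE_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

# Constructed sample of an outgoing message body. 4111 1111 1111 1111 is a
# widely used test number, not a real account; the other numbers are noise.
SAMPLE_BODY = """\
Hi, please charge invoice 2024-001 to my card 4111 1111 1111 1111, exp 12/26.
Call me at 705-555-0199 if there is a problem. Reference 1234 5678 9012 3456
is the old PO number.
"""


def luhn_valid(digits):
    """Luhn check: card numbers carry a check digit that ordinary numbers lack."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text):
    """Return the digit strings in text that pass both the shape and Luhn tests."""
    found = []
    for match in CARD_CANDIDATE_RE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group(0))
        if luhn_valid(digits):
            found.append(digits)
    return found


def mask(digits):
    """Keep only the last four digits, as a receipt or log line would."""
    return "*" * (len(digits) - 4) + digits[-4:]


def check_outgoing(body):
    """Decide whether a message may be sent; report findings in masked form only."""
    findings = [mask(d) for d in find_card_numbers(body)]
    return {"allowed": not findings, "findings": findings}


if __name__ == "__main__":
    print(check_outgoing(SAMPLE_BODY))
```

The masking matters as much as the detection: a check like this runs on the path the card number should never take, so its own logs and alerts must not become another copy of the number.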

Be educated, be safe.

-Robbie

Should you avoid external hard drives that boast built-in encryption?

I got to thinking about this question today. Why do hard drive manufacturers add useless hardware encryption to external drives?

“Why, that should be obvious, Robbie; it’s because we are security conscious and want to protect our data from prying eyes,” you say. “And you call yourself a bald nerd!”

First of all, I don’t like your tone.

But second of all, exactly who are we protecting here?

Somewhere inside the chassis of your external hard drive, there is an integrated encryption/decryption chip. It boasts “256-bit AES Encryption”. Wow, sounds safe! So you plug the drive into your computer, put your private stuff on there, and feel safe. “It’s encrypted.”

Who is it safe from?

Bret Austen, General Manager of Positive E Solutions Inc., in Barrie, Ontario, calls this feature a “false sense of security.” He explained to me that while his company does carry these drives, the encryption features are not a true protection for the users’ data. “That said, we do offer an encryption key solution which encrypts data in such a way that even if the drive is stolen, the data cannot be accessed since they require a literal key.” This key is one that you would keep on your keyring and take home with you at the end of your shift. If that sounds more like what you’re hoping for, I suggest you get in touch with Mr. Austen to discuss this impressive solution.

So, back to your external hard drive. You placed your private data on it, and then you plugged it back into your computer a week later. Can you read the data? Sure you can. The hard drive is still an internal component of the chassis, which carries the built-in decryption chip. So as long as that drive is inside that chassis, you can read and write the “encrypted” data just as if it were unencrypted.

So exactly when does the encryption protect your data from prying eyes? Why, it should be obvious: when the internal hard drive is removed from the external chassis.

When a thief steals your drive, are they going to sit down at your desk, pull out a Phillips screwdriver, and gently remove the internal hard drive from the chassis? Or are they going to grab the whole thing and run off with it, decryption chip and all? Similarly, if you lose the drive, will it still be readable by the finder? Sure, it will.

So when does the encryption actually take effect? When the chassis fails.

If your hard drive gets zapped by a surge, or the circuit board of the external unit is otherwise damaged, data recovery “may not be possible,” says Phil Priest, a professional data recovery technician at PES Data Recovery, in an interview with me this afternoon. “You’d have to track down a decryption chip with exactly the same key in order to access the data from the drive. We can recover the hard drive’s data, but it would be entirely garbled and unusable without the proper key.”

Data recovery may be possible in such a case. Mr. Priest goes on to say, “We had a recovery like that come in a while back. It was a Western Digital drive, and for some reason they had manufactured all the drives of the same model with the same decryption key.” He explained that the customer was fortunate in this case: the data could be recovered because a decryption key was readily available. However, the cost of procuring the correct decryption key made the recovery notably more expensive and ruled out expedited service. Mr. Priest also warned, “if the manufacturer uses a different decryption key for each drive manufactured, there is likely no way to recover the data.”

So who is the encryption on your external drive really protecting? It would appear to me that the only person getting locked out of your data… is you.

Mr. Priest ended the conversation saying, “if your external hard drive has built-in encryption, make sure you keep a good backup.”

To protect your company data from accidental data leaks or intentional data theft, please take a look at Endpoint Protector. This is the “proper” way to protect your data: www.endpointprotector.ca
