Your secret information of your credit card or internet banking are stolen by many ways, most popular ways are:
1. Mr A sends you an email which asks for your secret information, thereafter you fill the information and it goes to wrong hand.
2. Suppose you provide your credit card detail to Mr B (may be a person you know or don’t) thereafter Mr B (or someone who got the same information from Mr B) misuses it.
If your banker provides you an additional security tool then Mr A or Mr B can not do any fraud. A good example can be of Axis Bank (formerly UTI Bank), they have implemented a system called “2FA Token”, in which they are using mobile phone as an additional tool. You will receive an SMS, having a one time code, in your mobile phone, entering that one time code you will receive another one time code on your computer screen: that is your additional password. Interesting? See a demo of 2FA Token of axis bank in the link: www.axisbank.co.in/BankAway/web/L001/images/demo/index.htm
Beside responsibility of bank, online shopping site should follow PCI Standards. Let me introduce PCI DSS (Payment Card Industry Data Security Standards) to you. PCI DSS was developed by founding brands of PCI Security Standards Council including Visa, MasterCard, American Express, etc. There are 12 major requirements to PCI standard. The shopping sites (or e-commerce sites) which follow these standards are far ahead in terms of security than others.
Newcomers in e-commerce sector like www.globalonlinesubscription.com (an online shopping site for books, journals, magazines, etc.) are very careful to implement PCI DSS, in order to secure customer loyalty.