Payment Security

Gia Travels Online realizes how important the card data security is to you. We have taken a number of steps that will help enhance the safety and confidentiality of transmission of private information sent from Gia Travels Online over the Internet. Given below are answers to some of the questions that users may have with regard to payment security:

Is my confidential information secure?
What is a "secure session" and how does it help keep my information safe?
What specifically is SSL?
How do I know I have entered a 'SSL secure area'
What type of connection do I need?
Why do I need a login ID and password?
What should I do if I am using a "public"computer?
What are "Cookies"? Do I need to accept them?
1. Is my confidential information secure?

Whenever Gia Travels Online asks you to send confidential information over the Internet, including personal account information, we require that a "secure session" using SSL first be established.

2. What is a "secure session" and how does it help keep my information safe?

During a secure SSL session, information passed back and forth between your computer and Gia Travels Online systems is secured by using public key cryptography. Your computer exchanges key information with Gia Travels Online web server by creating a private conversation that only your computer and Gia Travels Online  systems can understand.

3. What specifically is SSL?

Any time you access or supply personal and confidential information including personal information or credit card information in our secure online areas, that information is encrypted by a technology called Secure Sockets Layer ( abbreviated as SSL). SSL technology secretly encodes information as it is being sent over the Internet between your computer and Gia Travels Online systems, helping to ensure that the information remains confidential. The use of SSL requires the following components: an SSL-compatible browser and a web server to perform the "key-exchange" that establishes an SSL connection to Gia Travels Online Web server systems. Netscape Navigator, Microsoft's Internet Explorer.

4. How do I know I have entered a "SSL secure area"?

You will be able to verify that you have entered a secure area by confirming the site address on the top of your page which will read as https instead of http when you first logged in. Secure SSL sessions are established in Gia Travels Online where your personal information is being transmitted, including:

User id & password
My profile/traveler details & Credit Card Details
My trips
Payment instrument details
5. What type of connection do I need?

Nearly all Internet Service Providers (ISPs) automatically enable the SSL session described above, as do most online services. If you use your company's internal connection to access the Internet and you find you cannot access Gia Travels Online ' secured pages with an SSL browser described above, your company may be blocking access via a "firewall". Please speak to your firm's Internet access systems administrator for further details on your network's Internet access.

6. Why do I need a login ID and password?

The use of a login ID and password are as an additional security measure that helps protect your confidential information. This lets Gia Travels Online verify exactly who you are, thereby allowing you access to your information, and help prevent unauthorized access.

7. What should I do if I am using a "public" computer?

If you use a public computer that others also work on and you are uncomfortable that they may view "cached" pages after you have left the computer station, then please quit/exit your browser software before leaving. This will decrease the possibility of anyone viewing your confidential information. No other users will be able to access your information online without your User-ID and password.

8. What are "Cookies"? Do I need to accept them?

A cookie is a text file on your computer that reminds our system of your particular browser preferences and security requirements and lets Gia Travels Online know exactly who you are. If your browser prompts you when a cookie is "served", you must accept it or access to confidential information will be denied, because we will not be able to ensure that the information is being sent to the proper person/s. Since cookies are site specific, only Gia Travels Online can access, decode, and make use of the information.

7. tips to protect yourself against online fraud and identity theft

We’ve put together a list of tips that you can use to protect yourself and your friend and family. Take a quick read through it could help you to spot potential fraud before it happens.

1. Don’t take the bait

This is one of the number one ways that fraudsters and hackers can gain access to your information. Don’t open up links, pictures, or attachments from any unknown contacts or simply if you are suspicious. Red flags could include content that your contact wouldn’t likely share, pictures claiming to be you, or an attachment sent from a person you have little to no contact with. If you are suspicious about any of the above or something feels off about the content, do not reply to the email. Make sure to verify with the sender through another communication tool such as calling the company or sender over the phone to make sure that they did in fact send the item themselves and that it wasn’t maliciously forwarded from a disreputable source. Other forms of bait could be being “randomly” selected to be a winner of a prize of a contest you did not enter, or too-good-to-be-true offers online, long lost contacts, or online “virus” scanners. These are very general but aim to give you an example of what a potential scam may showcase in an attempt to convince you to click on their content.

2. Change up your passwords, and use strong passwords

Your username password is usually the only thing stopping a potential scammer from gaining access to information sites like your personal email, social media, or more. Avoid using easy to guess passwords, such as “Password”, your birthday, etc. The number one password according to a recent study, was 123456. Several of the top 10 were related number combinations. By using a password like this, it makes it very easy for a hacker to simply guess your password without even having to know you or take further action. When creating passwords, use strong password criteria such as passwords that contain multiple instances of numbers, upper and lower case letters, and special characters when available. To take this a step further, activate two-factor login authentication that can be as simple as answering a secret question set by you, or having a 4-6 digit pin number texted to a smartphone of yours that you’ll need to enter into the login to access your account. This is the preferred method as it gives you significantly higher security and a scammer wouldn’t be able to access your account without your password, secret question, and personal device.

3. Use sites that contain only HTTPS URLs

This is one point that is extremely important to take note of. If you are on any site that you are looking to make a purchase from, or enter personal information into, at the very least make sure that the secure icon is displayed, and that the very first letter preceding the “www” are https:// and should show up in your web browsers address bar like so: Depending on your web browser, it may display differently so make sure to take note of the actual letters in the URL address.

4. Stay up to date on current scams going around

Staying up to date is by far one of the best ways to make sure you’re protected against fraud and identity theft. If you are aware of the scam going around you will be significantly less likely to fall victim to the scammer’s intent. Some of the common scams going around could potentially be dating services, computer services, charity organizations, and even people posing as government agents such as Canadian Revenue Agency (CRA). There are several more common types, make sure to check the Little Black Book of Scams and stay up to date with some the common and current scams going around.

5. Keep personal information confidential

Unless you are very confident about the site you are using, be wary of entering information on sites that are looking for your personal information. Be especially wary of sites asking for any financial information, address and birthday, or middle names. Most sites do not need this information and have very little use to collect this, especially all in one place. A huge red flag is if a site (aside from a verified government website) will be if they are asking you to input your social security number or any other personal identification number, your Personal Health Number, Drivers License Number, or Birth Certificate ID Number. There are very few organizations on the internet that will actually need this information so be wary and do your due diligence before inputting any of this information into an online site.

6. Don’t respond to phone calls about your computer asking for remote connections

Unless you have otherwise contracted an IT company to fix your home computer, which is probably unlikely, anyone who phones to try to gain remote access to your personal computer is very likely up to no good. These scammers will tell you that they are updating your version of Windows, fixing an error they detected on your machine, offer to clean up and speed your machine up, and many other stories, but in the end they are looking to do none of these things. Often, these types scams will lock down your computer and demand that you pay them to unlock it for you, in which it won’t stop there. Once you give them your payment details they now have your personal information to do what they wish with. The best thing that you can do to anyone that you don’t know asking for remote connections to your computer is to hang up on them without saying a word.

7. Be wary of unusual payment requests
Lastly, be wary of any merchant or any website accepting payment forms that are out of the ordinary. Websites that only accepts payments in the form of bitcoin or other e-coin, pre-loaded debit cards, gift cards, or iTunes cards are most likely doing this so that they are unable to be tracked and generally there is a reason for this. Any reputable online retailer will likely be able to process credit cards on site instantly, or through a well-known payment processor such as PayPal or Square.