Currently, there is an element of customer uncertainty in making payments to merchants on the Internet. It is not always clear to an end user whether the customer's connection is secure. Further, the customer relies very much on visual means conveyed by the web browser that the customer is using and on pages of information that confirm certificate numbers that are used for encryption. Neither is it always clear to the customer whether that information is indeed accurate or correct or actually coming from the browser or from somebody who is trying to trick the customer.
Aside from Internet communication security, there is also the concern that the website with which the customer is communicating is not, in fact, who it purports to be. The customer may not even be aware of the entity with which the customer is dealing. For example, the customer finds a site where the customer wants to buy something, but the customer is not sure whether it is a merchant of whom the customer has heard. The customer is not sure whether the merchant is actually valid and above-board.
In any event, there is a perceived risk to the customer in using credit card information to pay for goods and services over the Internet. The customer's credit card information is of some value and can cause a financial loss as well as considerable inconvenience to the customer if it is captured by a third party with ill intentions.
On the merchant's side of the transaction, there is a real financial risk that if a credit card is used fraudulently, settlement may be withheld or revoked by the card issuer upon receipt of a customer dispute. As more goods, such as software, music, electronic books, and the like are purchased over the Internet with no physical delivery and hence no address involved, the opportunities for such fraud increase.