Welcome to the Second Life Forums Archive

Shopping through SL

Jarod Godel
Utilitarian
Join date: 6 Nov 2003
Posts: 729
03-01-2004 14:30
I've worked with an online store for a while, and have been shopping online probably before then. So, the idea of sending my credit card through a 128-bit encrypted, secure HTTP connection doesn't cause me to bat an eye. Likewise, I can give my credit card to someone at Wal-Mart or The Macaroni Grill and never miss a beat. However, I was thinking about shopping in SL last night and I found myself getting (irrationally?) nervous.

What I'm uncertain, or perhaps ignorant, of is two-fold:

1. The methodology.

2. The security of the methodology.

Here's the most secure methodology, that I can think of, for transacting ecommerce sales in Second Life. For the sake of my example, let's say I wanted to buy a hockey stick from Kerovia Galatea. That's something that's both tangible and fairly easy to picture in both lives, and I know Kerovia won't mind me using her since she is me. ;)

I'd go to Kerovia's hockey store in-world, and see a hockey stick I like. Now, as soon as I walk in, she's got a prim that gives me instructions on how to buy an item. I click on the dollar sign floating next to the object I want. That will provide a dialogue box(1) that I can type my information into (name, address, credit card). Once I click "Ok" on the dialogue box, my information gets encrypted with a bit of LSL and then emailed off to Kerovia's first life estore. Here, the data is decrypted, the credit card is checked and charged, then she mails off my hockey stick. In-world, that's fairly secure, but out-world has me worried, because I see two possible holes.

(1: I've not worked any with llDialog(), so it may require a series of dialog boxes and not just one.)

The first hole shows up when I'm entering information in the client. When that gets sent from my client to the SL servers, is that data encrypted at all? I've read that SL uses UDP packets, but is the data encrypted between my computer and the SL servers?

The second hole, the one that may not even be a hole, is encryption with LSL. I am _NOT_ -- I repeat, not -- well versed in high-end encryption. That said, and no slight to Christopher Omega, how powerful can speedy encryption with LSL be(2)? Is it possible to generate a 128-bit key that would make emailing such things as addresses and credit card numbers with llEmail() truly secure, or do the speed limits of LSL prevent it from generating "unbreakable" encryption?

(2: For the record, Christopher Omega's code may offer 1024-bit encryption, I've not looked it over except to glance at it. My reason for linking to his work was to show that LSL encryption is already being done, and to give him credit for being the first to do it. No slight is intended, promise.)

This is just something I was thinking of, and wanted to ask about. I don't plan on opening any stores, but with the forthcoming two-way transactions someone most probably will.
_____________________
"All designers in SL need to be aware of the fact that there are now quite simple methods of complete texture theft in SL that are impossible to stop..." - Cristiano Midnight

Ad aspera per intelligentem prohibitus.
Carnildo Greenacre
Flight Engineer
Join date: 15 Nov 2003
Posts: 1,044
03-01-2004 23:50
Right now, both your points are irrelevant. There's a much bigger hole in the transmission chain that you haven't even considered:

The way llDialog works is by saying the name of the button you click on a specified channel. Any script within 20 meters of the script generating that dialog can hear the communication, if it's listening on the right channel, and that transmission is in the clear.

As for your other two points,
1) Transmission is in plaintext.

2) Scripts can probably do adequate encryption of small amounts of data. Since there's a built-in 20-second delay with llEmail, spending a minute or so encrypting data isn't that much time.
_____________________
perl -le '$_ = 1; (1 x $_) !~ /^(11+)\1+$/ && print while $_++;'
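
The dialog flow described in the post above, as an added example that is not part of any post in this thread: an LSL script that keeps the dialog reply as narrow as it can and collects only a menu choice. The item names, the 60-second timeout and the `closeSession` helper are made up for illustration. The random channel and the key-filtered listener only limit who the script listens to; the reply is still spoken in the clear, so no address or card data goes through the dialog.

```lsl
// Added example, not code from the thread. Item names and timeout are made up.
integer gChannel;      // per-session dialog channel
integer gListen;       // handle returned by llListen, 0 when none is open
key     gBuyer;        // avatar the current dialog was sent to

// Hypothetical helper: tear down the listener and timer for the session.
closeSession()
{
    if (gListen) llListenRemove(gListen);
    gListen = 0;
    gBuyer = NULL_KEY;
    llSetTimerEvent(0.0);
}

default
{
    touch_start(integer total_number)
    {
        closeSession();                       // one open dialog at a time
        gBuyer = llDetectedKey(0);
        // Random negative channel: harder to guess than a fixed one, but
        // the reply is still said in the clear on it.
        gChannel = -1 - (integer)llFrand(2000000000.0);
        // Accept messages only from the avatar who touched the object.
        gListen = llListen(gChannel, "", gBuyer, "");
        llDialog(gBuyer, "Which item do you want to order?",
                 ["Hockey stick", "Puck", "Cancel"], gChannel);
        llSetTimerEvent(60.0);                // drop the listener if ignored
    }

    listen(integer channel, string name, key id, string message)
    {
        // The reply is only the button label: a menu choice, nothing sensitive.
        if (message != "Cancel")
            llInstantMessage(id, "Order noted: " + message +
                ". Payment is completed outside Second Life.");
        closeSession();
    }

    timer()
    {
        closeSession();                       // buyer never answered
    }
}
```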
Oz Spade
ReadsNoPostLongerThanHand
Join date: 23 Sep 2003
Posts: 2,708
03-02-2004 03:57
Also, right now llDialog does not support input boxes, which would be needed since no one wants to say their credit card in chat... but... most likely when llDialog *does* support input boxes, whatever you put in that input box will be said on a public channel... so basically I'm repeating what Carnildo said.

If however they change it, and make it so that anything a llDialog does is IMed directly to an object instead of said on a public channel, that would eliminate that problem.

You still have the other issue of SL actually sending the text to and from the servers.

Would be neat to see this happen some day in SL, and probably will, but right now it doesn't seem like a good idea.
_____________________
"Don't anticipate outcome," the man said. "Await the unfolding of events. Remain in the moment." - Konrad
Jarod Godel
Utilitarian
Join date: 6 Nov 2003
Posts: 729
03-02-2004 08:09
Right now, both your points are irrelevant.

*harumph* Not irrelevant, just not the biggest problems at present.

Yes, having llDialog() sending credit card numbers via llWhisper() or llSay() is dangerous. You're both right about that. I guess for now, shopping for RL stuff in SL is a long way from actuation. A pity.

I guess we could always have shopkeepers in the stores to IM our information. They could then fill out a webform. A player would have to have a boat load of whuffie for me to give them my credit card, though.
Cienna Rand
Inside Joke
Join date: 20 Sep 2003
Posts: 489
03-02-2004 08:37
Do billing through your account. Would require LL acting as intermediary, and restricting you to the credit card on file, but they have all the information anyhow.

Example:
I go to store and click through etc etc. When it comes time to buy in SL I choose some new "Bill my Linden account" option. Would require infrastructure as far as collecting consent from the buyer and distributing cash to the seller, but keeps credit card numbers in the hands of someone we already trust with them.

Or use Paypal, that's tracked by email address. I'm fairly certain there's a way to initiate a request for money on the seller side (my roommate used to do that to me for bills). So you input your email address into the in-world kiosk and the seller initiates. Then you just go outside SL and confirm the Paypal transfer.
_____________________
You can't spell have traffic without FIC.
Primcrafters (Mocha 180,90) : Fine eyewear for all avatars
SLOPCO (Barcola 180, 180) : Second Life Oil & Petroleum Company
Landmarker : Social landmarking software
Conversation : Coming soon!
Jack Digeridoo
machinimaniac
Join date: 29 Jul 2003
Posts: 1,170
03-02-2004 08:48
You're talking about selling real world items in a SL store?

I might use paypal if the item was interesting to me. I'd never give my CC# to someone in SL.

I _think_ only the login to SL is encrypted.
Christopher Omega
Oxymoron
Join date: 28 Mar 2003
Posts: 1,828
03-02-2004 09:57
:blush!:

Thanks much for mentioning me :D

From: someone
Originally posted by Oz Spade
<snip>most likely when llDialog *does* support input boxes, whatever you put in that input box will be said on a public channel... so basically I'm repeating what Carnildo said.


Implementing a real dialog event will solve the public chat problem, here's the thread in feature suggestions :)

==Chris
Ama Omega
Lost Wanderer
Join date: 11 Dec 2002
Posts: 1,770
03-02-2004 10:02
Pay in Lindens. Charge at a rate of about $1000L / $4US. If the hockey stick costs $35, plus $5 shipping then charge $10,000 - $12,000L. The only information you need to get then is shipping address. The seller can turn around and sell on GOM or IGE the $10kL for about $40 and be in the good. That is the most secure way to do the transaction right now I think. Although you run the risk of the L$ market falling through. <shrug> it's an idea.
_____________________
--
010000010110110101100001001000000100111101101101011001010110011101100001
--
Jarod Godel
Utilitarian
Join date: 6 Nov 2003
Posts: 729
03-02-2004 10:43
Cienna, you brought up two points: Lindens clearing credit cards and Paypal. I thought about Lindens doing that, much like some cellphones are usable as credit cards and the charges get tacked on to your bill. I do like this idea, and think it's ideal. I'm just not sure if the Lindens would want to put in the effort of becoming a certified credit card clearing house (I think that's the term). In this shopper's humble opinion, that is _THE_ best solution.

Using Paypal is the second best, in my opinion.

Christopher, credit where it's due. Thanks for the link.

Ama, I have a feeling, given current threads that the Lindens may be working toward something like that. I would prefer Cienna's (direct) Paypal model, but if they get a working currency system (Pay GOM with Paypal, withdraw in-world) going, I would investigate it. Good thinking.