I have an 'Internet Merchant' account with Barclays Bank (one of the four largest banks in the UK).

When you place a credit card order, it's actually a two-stage process.

First, you enter some details about who you are, your address and what you want.

Then the system passes you through to Barclays' credit card processing system, and that's when you enter your credit card details. You are not giving them to me or to my website, and in fact I never see them. When you are giving your credit card information to Barclays' system, notice these points:

• a small golden padlock symbol appears in your browser (usually towards the lower right of the display)
• the page address (the URL) begins 'https' instead of the usual 'http'. The 's' stands for 'Secure'.

These signs show you are using a secure web page. This means the information is encrypted, so that no unauthorised party can abuse it. For the technically-minded, Barclays use SSL-based 128-bit security (at least).

Why do some of you see a warning message that my security has expired? I used to have SSL security on my site. This was unnecessary and expensive, so I purposefully allowed it to lapse. The bank's site is still secure. For some reason, this means some of you see a warning message that the security on my site has lapsed. I'm trying to get this fixed.

Many people trade online who have not taken the trouble to set up an Internet Merchant account. Often,  they process credit cards using a 'shared' security certificate. In other words, they are 'sharing' your data with someone else they have decided to trust!