ZA Pro ID lock Query

What am i missing here?.In za pro id lock add information section (in my vault), there are categories for what information you want to input.Under the credit card category it shows 4 boxes.In the first three you can put 4 numbers respectivly but in the last one it just shows 4 Xs and nothing can be put in there.A credit card is usually 16 figures long so how do you input credit card info , when it only allows 12 digits to be inputted instead of 16?
tia
ellison


UPDATE......
Apologies i should have read the help file more carefully

"For added security, Zone Labs security software does not record the last 4 digits of your credit card number."

ellison

 

May i clarify whether web id lock only works on non https sites?.Ive just tested and ZA doesnt seem to alert when vault info is inputted at a https site.I know that apparently its impossible to remove ads at a secure site too so i guess its also impossible for ZA to monitor data input at an encrypted site?
tia
ellison

 

i also use za pro and would also like this answer to be answered

 

IDLock cannnot intercept secure connections due to the very nature of the protocol(otherwise it wouldn't be very secure, would it?).

P.S. You will find that most of your questions are already answered on the ZA forums such as this very thread (I don't think the search function is that hard to use):
http://forum.zonelabs.org/zonelabs/board/message?board.id=Privacy&message.id=5056#M5056

 

Ive had phishing email in the past supposedly from paypal etc but its pretty obvious the sites phoney because the lock is not in the browser and the address is slightly different.This made me think whether its possible for phishing sites to use https at the phoney site?,or is this something thats not possible for hackers?.Regarding the id lock i thought that it may act as a " proxy barrier" between any protocol , so i did expect it to warn me that information was being entered at a secure site.I mean an antivirus realtime scanner would pick up malware if it was on a secure site wouldnt it?.I guess i need to google for an easy to understand tutorial on how https works.
ellison

 

The thing is for a site to be HTTPS secure, it has to receive a security certificate from a security company like Verisign. These companies don't just issue security certificates to anybody. They do alot of background checks as to the nature of the business company's legitimacy etc. Its very unlikely for a phishing site to be HTTPS secured.

No ZA actually monitors the actual connection itself. It doesn't act as a proxy in any way.

If we look an an AV, like KAV 6.0 beta, its Web scan feature too can only monitor common HTTP ports and is unable to monitor data from ports used for secure HTTPS conections or secured email conections. But even if you download a malware from a secure site (I wouldn't know why a secure site would have malware in the first place), the AV's real-time protection feature will then pick it up once you have dowloaded it. The only difference between the web-scan feature and real-time feature is that the malware will be picked up sooner(and hence can be prevented from entering your computer) in the web scan while the real-time protection will alert you later but will prevent the virus from executing.

 

Thanks for taking the time to explain (very eloquently) those points
ellison