The holiday season is fast approaching and the retailers are already decorating their stores with Christmas decorations and the gifts that they believe are what you want to give to your loved ones this Christmas.

It is also expected to be another huge year for online retailers, with sales on the Monday following Thanksgiving, the busiest single day for online Christmas shopping in the US, hitting $534 million. In other parts of the world, it is a similar story. In the UK for instance, the Monday following the first weekend in December is considered to be the biggest shopping day for online retailers with shoppers spending an estimated £320m ($533m) on that day alone last year.

But whilst many shoppers will be busy considering what gifts to pick up in the festive sales, one thought that often slips by is whether online shopping remains secure.

Most of us have become conditioned to spotting the key security signs when it comes to shopping securely online. The “padlock” symbol in the bottom corner of the browser window and the “https” in the URL bar are both signs that we are entering our credit card details over a secure connection. Many card providers also employ additional layers of security to ensure that the person using the card is indeed the owner. Mastercard use a system known as Securecode whilst Visa’s equivalent is known as Verified by Visa.

But what if things do go wrong? We you covered in case the worst happens? Well, whilst the law varies from country to country, it is possible that a bank or credit card may not cover any fraudulent card activity if you do not use any antivirus software on your PC.

Credit card fraud is a big issue, with the internet contributing a significant amount to the overall bill. In the US, around 7 cents in every $100 spent is thought to be fraudulent whilst the bill for fraud in the UK ran at £535m ($892.8m) in 2006.

In the US, legislation in the event of fraud is quite favourable to the consumer. If the card holder becomes the victim of fraud and reports this to their card issuer, they are usually reimbursed in full, although the law does allow for customers to bear a maximum $50 liability. The cost for the fraudulent transaction in this case is borne by the merchant (the seller of the goods).

In the UK however, the cost of the fraudulent activity is the responsibility of the issuing bank. Credit cards and bank accounts in the UK are covered by the banking code which, whilst protecting customers, places the onus on the customer to take care of their cards and financial transactions.

Interestingly, this duty of care makes explicit reference to antivirus software on a user’s PC. Clause 12.1 of the banking code states:

“Keep your PC secure. Use up-to-date anti-virus and spyware software and a personal firewall.”

Clause 12.11 later states:

“If you act fraudulently, you will be responsible for all losses on your account. If you act without reasonable care, and this causes losses, you may be responsible for them. (This may apply, for example, if you do not follow section 12.5 or 12.9 or you do not keep to your account’s terms and conditions.)”

Whilst there have been no reported cases of banks or lenders refusing to insure fraud losses due to a lack of antivirus software or spyware removal tools, it is conceivable that a lender could deem a lack of anti-malware software as “acting without reasonable care”.

The advice therefore is to ensure that if you are shopping online this Christmas, avoid a nasty surprise by making sure that all transactions take place on a computer which has an up-to-date antivirus software package.

Like what you're reading? Subscribe to our top stories.

If you want to subscribe to our monthly newsletter, please submit the form below.