Abstract: This invention provides security controls against exposing Confidential Information that is required to purchase goods and services from Internet Entity 56 offered on a home page site. The Confidential Information is input to a data base 52 which is part of a tracking and authentication module 50. Including in the tracking and authentication module 50 is a certification server 54, and authentication server 53 and the data base 52. A series of look-up tables, 200, 300 and 400 are provided in the data base 52 and the data entries in the tables, including the Confidential Information, is tied to a first data set which typically includes a user's ID/password and a second data set comprising a framed IP address issued for use only during each log-in - log-out session. It can be any form of alpha-numerical designation. The Confidential Information contained in table 400, if misappropriated, could be used to make purchases chargeable to the user.