Forgot your password?
typodupeerror
Security

+ - dealing with online merchants who don't use SSL?

Submitted by Unprotected Coward
Unprotected Coward (666) writes "I was just about to make an online purchase for a hardware product when I discovered the vendor (a self-titled "leading" seller for the US university market) does not even use SSL to encrypt the credit card form data (yes, I checked the HTML source, the form POST is to a non https URL). I am angry and frustrated that in 2007 this still happens with big stores (and I don't even want to imagine what application-level vulnerabilities they may have).

Besides writing them, should I call Visa or Mastercard? I thought it was mandatory for online merchants to use SSL and other basic security measures. Is it all hopeless?"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

dealing with online merchants who don't use SSL?

Comments Filter:

God made machine language; all the rest is the work of man.

Working...