Re: online stores and security.
by "Steve Mount" <steve(at)saltyrain.com>
|
| Date: |
Wed, 18 Oct 2000 10:47:46 -0400 |
| To: |
"Mike Taylor" <lonewolf(at)one.net>,
<hwg-techniques(at)hwg.org> |
| References: |
one |
| |
todo: View
Thread,
Original
|
|
Often when an online eshop shows my credit card back to me, it does so by
saying something like: "Payment by Visa (card ending in 1234)" or "Visa
xxxx-xxxx-xxxx-1234," not displaying the entire number but just enough to
verify what I'd typed in ... perhaps this would please your client?
-------------------------------------------------------------
Steve Mount, Software Engineer steve(at)saltyrain.com
Home Site http://www.saltyrain.com
US Constitution Online http://www.usconstitution.net
Clear your Soul http://www.anonymousconfession.com
Manager, HWG Logo Team http://www.hwg.org
----- Original Message -----
From: "Mike Taylor" <lonewolf(at)one.net>
To: <hwg-techniques(at)hwg.org>
Sent: Wednesday, October 18, 2000 9:08 AM
Subject: online stores and security.
> I had a customer who was concerned that after he entered his information,
> we displayed it back to him on the screen on an order confirmation
> page. He was upset that his credit card number was shot back to him and
> that even though our store had a valid SSL certificate, he feels his
> credit card information has been compromised.
>
> I think he's overreacting. How do those of you out there handle your
> order confirmation pages? What we always did (up until yesterday) was
> display the information as a confirmation for the customer's benefit and
> record keeping. We also send them an email confirmation (we do the online
> confirmation for immediacy). I can't imagine a circumstance where someone
> could retrieve someone's credit card information being displayed back to
> the client on a secure server.
>
> Thoughts?
>
> Mike
>
HWG hwg-techniques mailing list archives,
maintained by Webmasters @ IWA