Re: trouble convincing client of ecommerce security requirements

by Kathy Wheeler <kathyw(at)home.albury.net.au>

 Date:  Wed, 6 Mar 2002 08:05:46 +1100
 To:  <hwg-techniques(at)mail.hwg.org>
 Cc:  "Missy Scott" <MBScott(at)d-assistance.com>
 References:  assistance

> Any thoughts on this?  Any experiences with ecommerce that wasn't secure?

A comment attributed to an Internet/computer security expert goes along the 
lines "the only truly secure computer [data] is on a server that is turned 
off, unplugged from everything, incinerated and the ashes locked in a bomb 
proof safe" ... all servers can be hacked given time and sufficient 
resources/effort.

However, most credit card fraud is "inside jobs" from dishonest or 
disgruntled staff.

So basically, all the "secure" measures in the world are little real comfort 
BUT it gives the end user the "warm and fuzzies", and that's what counts.

I think you have plenty of ammunition from other posts to put up a very 
convincing argument to your client. After all that, regardless of whether 
they opt for secure servers or not, offer their customers alternatives to 
credit card payment - phone, dd, fax, post etc. and let the customer choose 
their preferred level of risk.

Cheers,
KathyW.

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA