Re: legalities of encryption - Emailing info

by "Paul Wilson" <webgooru(at)gte.net>

 Date:  Mon, 14 Aug 2000 17:38:33 -0500
 To:  "Dixie" <dixie(at)kandi.org>,
<hwg-basics(at)hwg.org>
 References:  cs gte wc
  todo: View Thread, Original
Dixie,

The answer is yes and no.  They said they had a "locked" form, but used an
unsecure email with raw credit card data in it.  This might present an
appearance to the customer of being secure, but the customers CC data is now
being sent by ordinary email to the retailer.



> But isn't he saying that they are using a secure form?  The way I read his
> message is that the customer is on a non secure site until it is time to
> order.  The customer clicks a link to a secure encryption and places the
> order there.
>
>
> > This is NOT safe enough.  It will also scare away most customers, people
> > today are more conscious about security.   The days when you could get
> away
> > with an unsecure form online are long gone.
>
> >
> > > The site I made has a place where the user can order something on line
> > using
> > > their credit card.  here's how it works:  They enter the main site,
then
> > > click on a link to a secure site.  The page that the user types on has
> the
> > > 'lock' or 'key'.  They enter their visa info, then click on 'submit'.
> > When
> > > they click on the 'submit' button, an email is generated to the
> webmaster
> > > with their form data (their name, credit card number, exp. date, what
> > they're
> > > ordering, etc...).  The recipient of the Email then uses their
> > > already-existing credit card swipe machine to process their order.
This
> > is
> > > how my client wanted it done.
> >
> >
> >
>

HTML: hwg-basics mailing list archives, maintained by Webmasters @ IWA