read this b-4 entering creditcard# anywere

NIGHTFLIGHT

Banned
MANY PEOPLE ARE UNAWARE OF

**The main difference between http:// and https:// is It's all about keeping you secure**

HTTP stands for HyperText Transport Protocol,

which is just a fancy way of saying it's a protocol (a language, in a manner of speaking)

for information to be passed back and forth between web servers and clients.

The important thing is the letter S which makes the difference between HTTP and HTTPS.

The S (big surprise) stands for "Secure".

If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://.

This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.

This is why you never ever enter your credit card number in an http website!

But if the web address begins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on.

You understand why this is so important, right?

If a website ever asks you to enter your credit card information, you should automatically look to see if the web address begins with https://.

If it doesn't, there's no way you're going to enter sensitive information like a credit card number.
 
Very good info for those that do not know this. Way to watch out for everyone on the org. :thumbsup::thumbsup:
 
I caution against giving CC info to any site. I suggest going with a third party processor such as PayPal etc.

Reason being is MANY ecommerce sites are seriously lacking substantial database security. It takes a pretty good amount of resources (IE $$$) to maintain a secure database. Many large scale databases have been compromised over the last couple years.. Although not publicized... Vegas casino's lost a few hundred million to e-crooks that broke into the system..
 
Ahhh this is a subject close to heart... My responsibilities at work are to hack credit card software as well as websites then provide guidance and direction on how to remediate the risk....

Make no mistake, just because it says HTTPS that doesn't mean that it is a secure website... It just means the company that your connected to has purchased a certificate.
 
Ahhh this is a subject close to heart... My responsibilities at work are to hack credit card software as well as websites then provide guidance and direction on how to remediate the risk....

Make no mistake, just because it says HTTPS that doesn't mean that it is a secure website... It just means the company that your connected to has purchased a certificate.
I had a line in my post that said "bet captain has something about this subject" :laugh: thought I would leave that sleeping dog lie however.. :)
 
Give your credit card to whomever wherever... It's far less likely to get hijacked on the internet than just about anywhere else. https is important, as for paypal etc what you've done is introduce another opportunity for fraud and Paypal being as difficult to work with as they are? Not my first choice, I'd rather have a dispute with my Credit card company than with Paypal.

Now, what I WON'T do... Ever EVER use a Debit card Online, over the phone, etc... Your debit card is a direct pipeline to your funds, and this can create all sorts of havoc.

SO NO debit card, but credit cards all day.
 
It has always been kind of funny to me that some people are more concerned about entering the CC info on a web site than giving it to an order taker on the phone.
 
Never EVER let your debit card leave your site, IE paying for food in a restaurant. This is the worst thing you can do.
Use a credit card with a low limit and use it just for dining out.
That is if you don't carry cash.
 
Never EVER let your debit card leave your site, IE paying for food in a restaurant. This is the worst thing you can do.
Use a credit card with a low limit and use it just for dining out.
That is if you don't carry cash.

Debit cards have the same protection as a credit card! It may take a couple days longer to get your money back but its all insured for fraud! Check your agreement if you doubt me.

As far as a restraunt goes, they can't run your card as a debit unless you enter your PIN so there isnt anything to worry about there either... When your card leaves your side they run it as a credit card, hence the reason you have to sign a piece of paper without entering your pin.

Keith the Internet is almost the most insecure place that you can enter your card these days. Cross side scripting, SQL injections and Phishing has taken over as far as the easy way to get cards... Even if you running a HTTPS connection on 443 with a certificate your not protected from bad coding it's just on a secure connection! Hacked with encryption...........

Where people need to be really really concerned is the storage of your cards... When you go to your local shop and they swipe your card, process the order and then store your card information so that they can help you later is the biggest problem out there. hundreds upon hundreds of insecure databases full of mag stripe data out there just waiting for the right person to come and get it..... It's not hard to find a business with mag stripe (Full magnetic card information includes name, PAN, CVV and expiration) data and once you have that you can just make a nother card and walk up anywhere that takes credit cards and charge just like you had the original card.

The best thing to do is just use common sense! make sure that you know the website that your entering your card to... Never ever give your PIN number to anyone. If you can use the hackersafe or McAfee secure logo (these have been scanned daily for coding vulnerabilities. Make sure that when you go to give someone your card that if they fail to ask for supporting ID you bring it to their attention. That check insures that you are the legitimate holder of the card... It's a validation!

Never ever under any circumstances give your wife your credit card on the day after Thanksgiving or Christmas

CAp
 
Never ever under any circumstances give your wife your credit card on the day after Thanksgiving or Christmas

CAp[/QUOTE]

:rofl: :banghead: :laugh:

Hard to pick an appropriate one......
 
Never ever under any circumstances give your wife your credit card on the day after Thanksgiving or Christmas

CAp
well that is one hell of a piece of advice on 12/27... gee thanks brother..

:rofl:

my experience with PP has been fairly good as of late.. I do about 20G a year through their server and never had 1 (one) chargeback or disputed charge..

They are pretty fair and follow a set of decent rule sets for transactions since the merger with Ebay... great resources for security..

I have a few commercial ecommerce clients that store full CC data.. nothing but headaches for me when it comes to web servers.. really quite beyond my skill sets to "guarantee" secure... I have every vulnerability to fix, they only need one to get me..
 
Back
Top