Loading ...
Sorry, an error occurred while loading the content.

For PI Sites That Accept Credit Card Info Over The Net

Expand Messages
  • spies_online
    Everyone, I always cringe when I see sites which accept credit card information over the Net that are an invitation to hackers. I see that some people are, in
    Message 1 of 1 , Jul 13, 2002
    • 0 Attachment
      Everyone,


      I always cringe when I see sites which accept credit card information
      over the Net that are an invitation to hackers. I see that some
      people are, in fact, using SSL which is good; however, these days,
      with all of the cases of identity fraud and such, I would still be
      concerned about hackers intercepting data. Here are some articles
      that are worth a read:

      http://www.silicon.com/bin/bladerunner?
      30REQEVENT=&REQAUTH=21046&14001REQSUB=REQINT1=43813

      http://zdnet.com.com/2100-1105-920092.html

      http://www.silicon.com/bin/bladerunner?
      30REQEVENT=&REQAUTH=21046&14001REQSUB=REQINT1=53339

      http://www.silicon.com/bin/bladerunner?
      30REQEVENT=&REQAUTH=21046&14001REQSUB=REQINT1=50831

      http://www.silicon.com/bin/bladerunner?
      30REQEVENT=&REQAUTH=21046&14001REQSUB=REQINT1=50026

      http://www.silicon.com/bin/bladerunner?
      30REQEVENT=&REQAUTH=21046&14001REQSUB=REQINT1=49548


      After reading some samples of what hackers use web spoofing to do,
      here's a little demonstration of web and SSL spoofing:

      http://www.cs.dartmouth.edu/~pkilab/demos/spoofing/


      As I hope you can now see, using SSL is not enough to protect your
      customers, because hackers can generate a false "secure" connection
      with a customer's PC and the customer would be none the wiser. SSL
      is, of course, needed to give strong encryption for the connection to
      the web site. However, what is also needed is something that will
      guarantee that the link really is coming from your site, and not
      through somewhere else.

      I would highly recommend that everyone who accepts credit card
      information via the Net to take a look at WebAssurity Protector
      from ArticSoft, which is completely free. Take a look at their site:

      http://www.articsoft.com/webassurity-sign.htm


      They also have a helpful online demo. Of course, there are higher
      cost solutions, but most people think free is good. I hope some of
      you will find this to be helpful.


      Joanne Waldron, Spies Online Webmaster
      http://www.spiesonline.net
    Your message has been successfully submitted and would be delivered to recipients shortly.