RE: E-commerce & Security, for the non programmer..

Mon, 14 Aug 2000 08:02:53 -0700 

The shopping cart/cc portion MUST be under an SSL, note the closed "lock" at
the bottom of the browser and  HTTPS instead of HTTP.

Check that the CC no is NOT going over the URL (I've actually seen this
done).  I don't know if there's a way to check, but the CC no should not be
going through email either.

It's not necessary to have more information than the CCNO for a transaction
to occur, I think this is bad business on the banks part.  There really
should be more validation than just the number, but again, it's not required
with all banks.

Just remember that I am in no way an e-commerce expert.  These are just my
observations so far.

Good Luck
Bonnie

-----Original Message-----
From: Paul Ihrig [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 14, 2000 11:05 AM
To: '[EMAIL PROTECTED]'
Subject: OT: E-commerce & Security, for the non programmer..


Hello.
My brother Adam just got promoted at the Credit Card Co. that he works for.
He has been in fraud & security for a couple of years.

His new position is to look at e-commerce sites that are using his Co.'s.
card.
If they are not secure he needs to shut them down, revoke usage of said
card.

I have never done any CF related shopping carts, so I really cant give him
any advice on Key things to pay attention to.

If you have any good resources, [Books, URL's], Tests, or just advice please
respond.
I would like to help him out.

Thanks a bunch
I apologize for the OT:


His email is
[EMAIL PROTECTED]


-paul

Web Developer, nbbj
Work:   [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
        614 241-3534

Home:   [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
        614 449-1681

                [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
                icq: 47658358

----------------------------------------------------------------------------
--
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Reply via email to