Can i trust online transaction paying by paypal or by creditcard. iam worried wheather my card will be hacked or misused.

I used it for last few years, and never received a bill for something i havent bought, so i guess, if you do business with well known merchants ( at least they should have https:// and certificate from authority that will show that they actually exist as a company), i think that you have larger chances that someone will get your CC number when you use your card in restaurants, or gas stations.

and yes i have never used paypall, so try searching about them here (lot of satisfied and unsatisfied customers)

thankx

Originally posted by srinath
Can i trust online transaction paying by paypal or by creditcard. iam worried wheather my card will be hacked or misused.

I've been using your creditcard for weeks now with no problems

Just Kidding :D

Using a creditcard online isn't inherently more risky than using it 'in real life' at a store, or a resturant, as long as you look for a few things such as https:// connections with a secure certificate.

Where that data is stored is another matter, and not so easy to know beforehand. It may be stored online in an unencrypted database, or e-mailed to the business owner and written on a piece of paper tacked to the wall.

Generally speaking though, if a business has put some effort into their website and it looks professional there's a good chance they've also made sure the backend of the payment area has been thought out as well.

If they use a third party system then you're quite safe as payment processors have systems dedicated to preserving and storing creditcard data securely.

I've used my own creditcard online for years now with no issue at all, and feel safe doing so. If I wanted a 100% guarantee though the only real one is to cut your card in half.

If in doubt, e-mail the business and ask them how data is stored, then make a judgement call on if you feel happy with their response.

Greg Moore

Think about it -- when you give your credit card to some punk kid working in the mall, is that any more safe than giving it to a hosting company via a secure connection?

Originally posted by FDrive
Think about it -- when you give your credit card to some punk kid working in the mall, is that any more safe than giving it to a hosting company via a secure connection? Nope. Especially when they carelessly handle carbon receipts of it. :rolleyes:

Hmm... I store my client's data strictly offline.

Do you think I should announce that on the billing page to make people feel more secure?

Hmm, haven't you got the same consumer protection laws in the US as we have here in Denmark?

If a consumer finds something on this bank statement that he hasn't bought - he simply asks the bank to reject the charge, and he get's his money back instantly.

It's then the business that has to prove that a purchase was made (for example by showing a signed form or similar).

Many 'card issuing' banks have added the 'source code'
which is a 3 digit # on the back of your card. This code is now being required by many online merchant in order to process your credit card order.
This is another safety measure insuring that you are the card holder, and not using a card # that was retrieved through fraudulant means.
It's a good step that the bank card industry instilled. Another safety measure.

It seems that in America, merchants rule :rolleyes:
They would hire a good lawyer and everything away from you. Or maybe send somebody after you, like in the movies :cool:

Anyway, although fraud rates and techniques are much less here in Kuwait, we are very strict about security.

The credit card number doesn't account for much here in Kuwait, as any transaction you do is authorized real time in the shop with a secret PIN.

For internet transactions, my bank gave me a pre-pay debit card. I login to my bank account online and pay this debit card (put money in it). Then I should do the transaction. Any amount in the card not used for a month is retured to the account, and you can't put more than 200 KD (~ $600) in the card using online banking.

However, I never seem to have made any use of this restricted system (it actually caused me a lot of trouble). I only deal with trusted websites.

Originally posted by SiteTutor
Many 'card issuing' banks have added the 'source code'
which is a 3 digit # on the back of your card. This code is now being required by many online merchant in order to process your credit card order.
This is another safety measure insuring that you are the card holder, and not using a card # that was retrieved through fraudulant means.
It's a good step that the bank card industry instilled. Another safety measure.

Well, that caused my a lot of trouble, as my credit card doens't have such a number and it is required by some merchants.

Still, the merchants would store this number in a database along with the credit card number. Anybody that gets this number can get the CC number too.

not necessarily Ahmad.
Generally, the safe payment gateway's and merchant acct's which are SSL secure, do NOT allow the merchant to retain the card #.
When the trans. is being sent through the gateway it comes back to the merchant scrambled, with an authorization # if the trans. was good.
If the trans. was declined, same situation, the card # is never given back to the merchant, when they are using like AuthorizeNet SSL gateway's.

However, it's when we use our cards in person, and the card is manually imprinted etc.. or swiped, there is still that trans. ticket trail which leaves behind all details of your card #.
It's true, it's safer to buy on line through an SSL merchant, then to use your card in person. (at least in America that's the case)

Originally posted by Lurleene
Hmm... I store my client's data strictly offline.

Do you think I should announce that on the billing page to make people feel more secure?

You may as well... I'm sure that a lot of people don't realize that their credit card data can be sitting in an unencrypted, online MySQL table just waiting for a kid to get at it... isn't that what happened with Addr.com around a year ago?

Originally posted by srinath
Can i trust online transaction paying by paypal or by creditcard. iam worried wheather my card will be hacked or misused.

PayPal, 2CheckOut and other 3rd party solutions are safe because the host does not have your credit card information and you can cancel recurring billings without going through the host...

Originally posted by Ahmad


Well, that caused my a lot of trouble, as my credit card doens't have such a number and it is required by some merchants.


Ask you bank to have your card re-issued. All new cards have the CVV2/CVC check number. In any case, your existing card will expire in less than 2 years any ways.

If you have problems, simply tell the merchant that you're using an old card without a CVV number. He can then enter 000 in his system, and will be able to charge the card.

Originally posted by Ahmad


Still, the merchants would store this number in a database along with the credit card number. Anybody that gets this number can get the CC number too.

Any merchant caught storing a CVV2 code (the 3 numbers on the back) are liable for a $10,000.00 fine and the loss of any credit card processing priviledges.

Originally posted by TomD


Any merchant caught storing a CVV2 code (the 3 numbers on the back) are liable for a $10,000.00 fine and the loss of any credit card processing priviledges.

That's nice to know, thanks for the info, Tom...

Originally posted by TomD


Any merchant caught storing a CVV2 code (the 3 numbers on the back) are liable for a $10,000.00 fine and the loss of any credit card processing priviledges.

So recurring billing is pretty much out of the question, right?

Originally posted by WebmastTroy


So recurring billing is pretty much out of the question, right?

No.

That is incorrect.

Recurring billing does not require AVS or CVV2 checking every month. The customer approved the recurring charge and at that point the AVS and CVV2 were verified. Continued billing does not require the re-verification. Any change in the charge would require the AVS/ CVV2 verification (hence the reason we require a recurring order be cancelled and a new order opened when you choose to change a customer's hosting plan)

I've used PayPal to make a few payments and also receive a payment, both done with no problems at all.

Yes, that is correct you will be fine :D

jks ..

Thanks for the info, I will try again later.

I contacted the bank before and they said that i won't get the number because my card doesn't have that magnetic bar on its back. They said the number is associated with that.

I thought maybe they were confusing that with the 4 numbers PIN, but they specifically mentioned "3 number verification code".

TomD ..

Thanks for the info.