Results 1 to 23 of 23
  1. #1

    Can i trust Credit Card transaction !!!

    Can i trust online transaction paying by paypal or by creditcard. iam worried wheather my card will be hacked or misused.

  2. #2
    Join Date
    Jan 2001
    Location
    Vienna, Austria
    Posts
    2,530
    I used it for last few years, and never received a bill for something i havent bought, so i guess, if you do business with well known merchants ( at least they should have https:// and certificate from authority that will show that they actually exist as a company), i think that you have larger chances that someone will get your CC number when you use your card in restaurants, or gas stations.

  3. #3
    Join Date
    Jan 2001
    Location
    Vienna, Austria
    Posts
    2,530
    and yes i have never used paypall, so try searching about them here (lot of satisfied and unsatisfied customers)

  4. #4
    thankx

  5. #5
    Join Date
    Aug 2000
    Location
    Tacoma, Washington
    Posts
    9,576

    Re: Can i trust Credit Card transaction !!!

    Originally posted by srinath
    Can i trust online transaction paying by paypal or by creditcard. iam worried wheather my card will be hacked or misused.
    I've been using your creditcard for weeks now with no problems

    Just Kidding

    Using a creditcard online isn't inherently more risky than using it 'in real life' at a store, or a resturant, as long as you look for a few things such as https:// connections with a secure certificate.

    Where that data is stored is another matter, and not so easy to know beforehand. It may be stored online in an unencrypted database, or e-mailed to the business owner and written on a piece of paper tacked to the wall.

    Generally speaking though, if a business has put some effort into their website and it looks professional there's a good chance they've also made sure the backend of the payment area has been thought out as well.

    If they use a third party system then you're quite safe as payment processors have systems dedicated to preserving and storing creditcard data securely.

    I've used my own creditcard online for years now with no issue at all, and feel safe doing so. If I wanted a 100% guarantee though the only real one is to cut your card in half.

    If in doubt, e-mail the business and ask them how data is stored, then make a judgement call on if you feel happy with their response.

    Greg Moore
    Former Webhost... now, just a guy.

  6. #6
    Join Date
    May 2002
    Posts
    542
    Think about it -- when you give your credit card to some punk kid working in the mall, is that any more safe than giving it to a hosting company via a secure connection?
    Jay » [email protected] • AIM » FDrive Support
    Front Drive™ » Advanced multi-domain solutions
    http://www.frontdrive.com/

  7. #7
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    33,190
    Originally posted by FDrive
    Think about it -- when you give your credit card to some punk kid working in the mall, is that any more safe than giving it to a hosting company via a secure connection?
    Nope. Especially when they carelessly handle carbon receipts of it.
    There is no best host. There is only the host that's best for you.

  8. #8
    Join Date
    Sep 2001
    Posts
    305
    Hmm... I store my client's data strictly offline.

    Do you think I should announce that on the billing page to make people feel more secure?

  9. #9
    Join Date
    Apr 2001
    Location
    Denmark, Europe
    Posts
    614
    Hmm, haven't you got the same consumer protection laws in the US as we have here in Denmark?

    If a consumer finds something on this bank statement that he hasn't bought - he simply asks the bank to reject the charge, and he get's his money back instantly.

    It's then the business that has to prove that a purchase was made (for example by showing a signed form or similar).

  10. #10
    Many 'card issuing' banks have added the 'source code'
    which is a 3 digit # on the back of your card. This code is now being required by many online merchant in order to process your credit card order.
    This is another safety measure insuring that you are the card holder, and not using a card # that was retrieved through fraudulant means.
    It's a good step that the bank card industry instilled. Another safety measure.

  11. #11
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    It seems that in America, merchants rule
    They would hire a good lawyer and everything away from you. Or maybe send somebody after you, like in the movies

    Anyway, although fraud rates and techniques are much less here in Kuwait, we are very strict about security.

    The credit card number doesn't account for much here in Kuwait, as any transaction you do is authorized real time in the shop with a secret PIN.

    For internet transactions, my bank gave me a pre-pay debit card. I login to my bank account online and pay this debit card (put money in it). Then I should do the transaction. Any amount in the card not used for a month is retured to the account, and you can't put more than 200 KD (~ $600) in the card using online banking.

    However, I never seem to have made any use of this restricted system (it actually caused me a lot of trouble). I only deal with trusted websites.
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  12. #12
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    Originally posted by SiteTutor
    Many 'card issuing' banks have added the 'source code'
    which is a 3 digit # on the back of your card. This code is now being required by many online merchant in order to process your credit card order.
    This is another safety measure insuring that you are the card holder, and not using a card # that was retrieved through fraudulant means.
    It's a good step that the bank card industry instilled. Another safety measure.
    Well, that caused my a lot of trouble, as my credit card doens't have such a number and it is required by some merchants.

    Still, the merchants would store this number in a database along with the credit card number. Anybody that gets this number can get the CC number too.
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

  13. #13
    not necessarily Ahmad.
    Generally, the safe payment gateway's and merchant acct's which are SSL secure, do NOT allow the merchant to retain the card #.
    When the trans. is being sent through the gateway it comes back to the merchant scrambled, with an authorization # if the trans. was good.
    If the trans. was declined, same situation, the card # is never given back to the merchant, when they are using like AuthorizeNet SSL gateway's.

    However, it's when we use our cards in person, and the card is manually imprinted etc.. or swiped, there is still that trans. ticket trail which leaves behind all details of your card #.
    It's true, it's safer to buy on line through an SSL merchant, then to use your card in person. (at least in America that's the case)

  14. #14
    Join Date
    May 2002
    Posts
    542
    Originally posted by Lurleene
    Hmm... I store my client's data strictly offline.

    Do you think I should announce that on the billing page to make people feel more secure?
    You may as well... I'm sure that a lot of people don't realize that their credit card data can be sitting in an unencrypted, online MySQL table just waiting for a kid to get at it... isn't that what happened with Addr.com around a year ago?
    Jay » [email protected] • AIM » FDrive Support
    Front Drive™ » Advanced multi-domain solutions
    http://www.frontdrive.com/

  15. #15
    Join Date
    May 2002
    Posts
    604

    Re: Can i trust Credit Card transaction !!!

    Originally posted by srinath
    Can i trust online transaction paying by paypal or by creditcard. iam worried wheather my card will be hacked or misused.
    PayPal, 2CheckOut and other 3rd party solutions are safe because the host does not have your credit card information and you can cancel recurring billings without going through the host...

  16. #16
    Join Date
    Apr 2001
    Location
    Denmark, Europe
    Posts
    614
    Originally posted by Ahmad


    Well, that caused my a lot of trouble, as my credit card doens't have such a number and it is required by some merchants.
    Ask you bank to have your card re-issued. All new cards have the CVV2/CVC check number. In any case, your existing card will expire in less than 2 years any ways.

    If you have problems, simply tell the merchant that you're using an old card without a CVV number. He can then enter 000 in his system, and will be able to charge the card.

  17. #17
    Join Date
    Dec 2001
    Posts
    539
    Originally posted by Ahmad


    Still, the merchants would store this number in a database along with the credit card number. Anybody that gets this number can get the CC number too.
    Any merchant caught storing a CVV2 code (the 3 numbers on the back) are liable for a $10,000.00 fine and the loss of any credit card processing priviledges.

  18. #18
    Join Date
    May 2002
    Posts
    542
    Originally posted by TomD


    Any merchant caught storing a CVV2 code (the 3 numbers on the back) are liable for a $10,000.00 fine and the loss of any credit card processing priviledges.
    That's nice to know, thanks for the info, Tom...
    Jay » [email protected] • AIM » FDrive Support
    Front Drive™ » Advanced multi-domain solutions
    http://www.frontdrive.com/

  19. #19
    Join Date
    Aug 2001
    Location
    Indiana
    Posts
    421
    Originally posted by TomD


    Any merchant caught storing a CVV2 code (the 3 numbers on the back) are liable for a $10,000.00 fine and the loss of any credit card processing priviledges.
    So recurring billing is pretty much out of the question, right?
    "Last year, some resourceful software enthusiasts cracked Sony Music's proprietary technology simply by scribbling around the edges of the disc with a Magic Marker pen, thus enabling playback on any device." - news.com

  20. #20
    Join Date
    Dec 2001
    Posts
    539
    Originally posted by WebmastTroy


    So recurring billing is pretty much out of the question, right?
    No.

    That is incorrect.

    Recurring billing does not require AVS or CVV2 checking every month. The customer approved the recurring charge and at that point the AVS and CVV2 were verified. Continued billing does not require the re-verification. Any change in the charge would require the AVS/ CVV2 verification (hence the reason we require a recurring order be cancelled and a new order opened when you choose to change a customer's hosting plan)

  21. #21
    Join Date
    Nov 2001
    Location
    California
    Posts
    1,991
    I've used PayPal to make a few payments and also receive a payment, both done with no problems at all.

  22. #22
    Join Date
    Jul 2002
    Location
    UK
    Posts
    29
    Yes, that is correct you will be fine

  23. #23
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    jks ..

    Thanks for the info, I will try again later.

    I contacted the bank before and they said that i won't get the number because my card doesn't have that magnetic bar on its back. They said the number is associated with that.

    I thought maybe they were confusing that with the 4 numbers PIN, but they specifically mentioned "3 number verification code".

    TomD ..

    Thanks for the info.
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •