E-Commerce Security Question
- Started
- Last post
- 9 Responses
- Rinse
Suppose you were a media label who had a client who had got another web development company to build the e-commerce part of their website.
This web development company clamied it was using a secure connection to complete all transactions.
But really the web dev co were just using a html page and sending that to a php script.
Which pressumably would go to the customer via e-mail.Hypothetically if this ever happened to some company what would you do ?
Thanks in advance
- Rinse0
don't know if I explained that to well...
they are launching a new window to a html page that is not on a secure connection, the html page with the form then sends it onto a php script!!!
in theory if this happened what would you do ?
- sp0
if they promise a secure connection and were contracted to do so, they are liable for it.
if it can be proven that it's not secure, then they are in real trouble.
i would bring it to their attention, formally, and if they resist contact your laywer.
check on the page to see if a] it is an ssl (https) connection, b] if there is a padlock in the browser status bar and c] what certificate they are using.
post the site, if you're not sure.
- Rinse0
no we are 100% sure, it doesn't go to a secure connection.
it can be proven that they aren't using a secure connection, above the form it actually says all transcations are via a secure connection...
I can't believe this...
what do you people think of this ?
- lifeinbinary0
i'd hire a hitman to get rid of them.
- Rinse0
bump
- jevad0
for fucks sake get it sorted out now. what are you doing wasting time asking people on here what to do - you honestly don;t know what to do?
That is so wrong what they have done - if you are 100% sure then you need to call them on it and tell your client.
- Rinse0
Jevad
hehe, right from the start when we found out about this we put a plan in place... for tomorrow.
the first thing that I did was not waste time but actually get the legals of this matter sorted!
the e-commerce bit apparently went up the thursday and I only found out that they added the e-commerce section yesterday...
yes what they have done is totally wrong but I don't think taking rash action on a weekend is a good idea...
this whole thread was to get feedback... and to cover any issues I hadn't thought off.
I have never actually got round to building an e-commerce site so I know the basics and the minimum that is required but I was looking for some serious reaction and some really honest opinions on this subject.
personally I can't believe this, did this tin pot web dev co honestly think we wouldn't find out about it?
- jevad0
keep us posted - i wanna find out how they thought they would get away with it!
- Rinse0
will do...
anymore people got any sensi thoughts on this one... ?