PDA

View Full Version : Secure order forms


WildComputer
08-23-2001, 07:26 AM
There is a screenshot over at GetHighForums.com of Surf+ links on a secure order form (SSL)

I think this would be an interesting angle to explore, e.g. Does "Credit Card" or similar in say ClickBank's order form get captured?

clay
08-23-2001, 11:32 AM
Do you know if TopText checks it's database for links on everypage, or is the database of links downloaded while the user is idle?

Never thought of this to now, but if the person has toptext running and it has to check it's database for links everytime, over a secure connection, then maybe it's not secure at all. Here's why i think that.

A secure connection is basically a direct encrypted connection from the server to the users computer. If TopText has to relay the page information to their server, then they could be sending the same information to their servers over an unsecure connection. Even if they don't send the information you submit, alot of forms will print back certain bits of information for verification. So while a person with toptext may think they have a secure connection, they really don't.

At any rate, The program must look at the secure forms to be able to change it. I don't know how much i would trust a company who openly and freely steals revenue from others with that information. Who knows what information they keep on the user. I think it's pretty clear that the companies only goal is too make money at anyone expense. Not the kind of companies I like to trust.

If all else fails, you can start doing your entire website with images, and imagemaps. No text to underline that way. Imagine the upset users and bandwidth for such a site.

WildComputer
08-23-2001, 11:51 AM
I said "interesting" originally - now I'd raise that to "worrying"

Basically I am quite worried about the security aspect.

This is a different issue from advertising revenue. And I think needs to be looked at on its own merits.

I do not want even a remote risk that my customers' info could be compromised. Also many of my customers also use secure order forms for their sites, and I am sure they would be concerned about their customers' info.

I do not know if this issue affects TopText as well as Surf+. All that I have seen is the screenshots.

I do not know if this affects the order forms of third party payment processors, e.g. clickbank, verotel, etc.

I also do not know if secure information is being made less secure or sent over the net in an insecure manner.

All I do know, is that I am concerned.

I am hoping the nice folks at GetHighForums.com can find out.
See RoxanneJ's posts -
http://gethighforums.com/Forum10/HTML/001409-20.html
http://gethighforums.com/Forum10/HTML/001409-21.html

Click Here!