9289.com.au no encryption of CC details?

Was going through the checkin process at 9289 and found that the credit card details page was not encrypted, rather it was over plain HTTP. I can't believe an online shop can get away with it these days…

Related Stores

9289.com.au
9289.com.au

Comments

  • Just because the actual page is not encrypted does not mean the credit card submission process isnt.

    I would assume that the form you type your details into is submitted to a secure php script which will deal with the credit card details. Thus still providing a secure submission of the credit card details while minimising the load on the server as it does not need to handle https web page serving.

    • +1

      Still, as a respectable online merchant you really should have SSL and encrypted pages for all payment pages. In fact, having a merchant account from the bank stipulates that SSL and encrypted pages is 100% necessary and viewable to the consumer.

    • +2

      That would be possible if they used an AJAX style request that would encrypt the CC details, etc. But I checked the page and no, there was nothing like that.

      I actually got a response from 9289 acknowledging the problem. They suggested I use bank transfer instead.

Login or Join to leave a comment