The Underscore Archives

On Wed, 2007-05-30 at 17:42 +0100, Pete Fairhurst wrote:
> "Even without encryption, transmitting credit card and other personal
> details across the internet is far less likely to be at risk than normal
> face-to-face transactions."
> 
> Assuming this person has been punched in the face by every shop keeper
> they've met: fair do's.

If the shop keepers don't do it then the bank will , no bank will give
anyone a merchant account if they don't have ssl on their website.

If you do notice a non-ssl site just generate a luhn compliant credit
card number and you will probably be able to buy anything in the shop
because they will certainly not have online balance checking implimented
due to a lack of merchant account.

The credit card companies fine you (or the bank , so you again) about 5
dollars per transaction for not following security guidelines. 
For more on this google for 'PCI Compliance' , also recommended as a 
treatment for insomnia or excessive lust for life.

I suspect they got the site made and tried to get the bank interested
who then said , get ssl and the sweet shop got someone to hack it in
to the site but without changing the text . I suppose archive.org might
tell you.

Toodle-pip
Amias