Page 1 of 1

HTTPS/SSL Certificate - Mandatory for CC?

Posted: Mon Sep 13, 2010 12:54 pm
by xjake88x
Should I always use HTTPS when users are inputting credit card numbers & billing info? Do you know any sites that don't use HTTPS? I just want to know if it's a total no-no for web applications.

Discuss.

Re: HTTPS/SSL Certificate - Mandatory for CC?

Posted: Mon Sep 13, 2010 1:19 pm
by Christopher
It is a total no-no to not use encryption when transmitting credit card information. I don't know of and website that does not use HTTPS to submit credit card info.

Re: HTTPS/SSL Certificate - Mandatory for CC?

Posted: Mon Sep 13, 2010 6:03 pm
by xjake88x
Thanks for the help! I'll add ssl certificate onto my clients expenses :P

Re: HTTPS/SSL Certificate - Mandatory for CC?

Posted: Sat Sep 18, 2010 2:56 am
by kaisellgren
That's right. It's a big no-no, and it would be better if you just used HTTPS all over the site. There are unfortunately sites that do not utilize SSL/TLS and eavesdropping those credit card details is too easy..