Page 1 of 1
HTTPS/SSL Certificate - Mandatory for CC?
Posted: Mon Sep 13, 2010 12:54 pm
by xjake88x
Should I always use HTTPS when users are inputting credit card numbers & billing info? Do you know any sites that don't use HTTPS? I just want to know if it's a total no-no for web applications.
Discuss.
Re: HTTPS/SSL Certificate - Mandatory for CC?
Posted: Mon Sep 13, 2010 1:19 pm
by Christopher
It is a total no-no to not use encryption when transmitting credit card information. I don't know of and website that does not use HTTPS to submit credit card info.
Re: HTTPS/SSL Certificate - Mandatory for CC?
Posted: Mon Sep 13, 2010 6:03 pm
by xjake88x
Thanks for the help! I'll add ssl certificate onto my clients expenses

Re: HTTPS/SSL Certificate - Mandatory for CC?
Posted: Sat Sep 18, 2010 2:56 am
by kaisellgren
That's right. It's a big no-no, and it would be better if you just used HTTPS all over the site. There are unfortunately sites that do not utilize SSL/TLS and eavesdropping those credit card details is too easy..