Products > Security
Secure URLs
Mjolinor:
I was just renewing my Direct Line car insurance online.
This involves a automatically popping up chat window from a HTTPS URL. During this chat he opens another pop up window that appears next to the original chat window into which I am supposed to enter my card details.
Are these pop up windows covered by the original HTTPS certificate?
I do realise that everyone should know stuff like this but I didn't so I refused to enter my details. The chat guy kept telling me it is secure but so did the Nigerian that told me an African prince had left me millions of £.
mariush:
A good browser will show the address bar even on popups. Or you can right click on title bar and check "show address bar" , "show menu bar" etc
For example, here's the "Manage attachments" on jonnyguru.com forums ... I see the address bar and I can click on the I logo to get information about security :
Bob Moore:
I usually check for the domain, if it's the same as the one on the main page it should be okay. I've never seen any attempt on stealing someone's information on a chat window, on pop-ups that redirect to other sites yes.
rdl:
Seriously? They expected you to enter credit card numbers in a pop up window?
electrolust:
--- Quote from: Mjolinor on June 22, 2019, 09:40:46 am ---
Are these pop up windows covered by the original HTTPS certificate?
--- End quote ---
who cares? you are covered to max £50 liability on your CC, by law. most issuers extend that to £0.
nobody is stealing CC data in transit, they are stealing stored data. https isn't protecting you, and neither does it matter if it's the same site/cert or not. your insurer's stored data is just as likely to get popped (actually more so) than an independent CC processor's.
if you must, have 2 CC. One for recurring payments only, one for all others. That way when the main one is compromised, at least you don't have to re-do your recurring payments.
it's just misplaced worry.
Navigation
[0] Message Index
[#] Next page
Go to full version