5 {{ upvoteCount | shortNum }}
5 {{ upvoteCount | shortNum }}

Should a Non-HTTPS Secure Checkout Be a Deal Breaker?

by AbcAbcwebd
4 replies
  • ECOMMERCE
    • |
I've been doing research on a small wholesale distributor I'm very interested in buying from. Most of the due diligence I've done checks out. (I know where they're based. I know the owners full name.) I was getting close to placing my first small order when I noticed the page where they ask for your credit card number is HTTP as opposed to HTTPS.
I've always heard never enter your credit card information on an HTTP web page. So I put my order on hold.

I figure I could just place an order over the phone, or else maybe use a temporary VISA gift card if I don't want to enter my real card number on their site. But it's made me a little uneasy now. Is the fact that they don't have an HTTPS checkout page a bad sign for the company as a whole? Or is that something that's common with smaller distributors?

I'm pretty new to sourcing products online and I still don't feel like I have a good sense of how much due diligence is enough due diligence, and at what point you have to just bite the bullet and place an order.

Thanks!
#breaker #checkout #deal #nonhttps #secure
  • Profile picture of the author Ben L
    HTTPS with the little lock bar on top of your ID are consider security encryption.
    These encryption should base by 128 or 256 bit.

    If I'm not wrong, when you pass your information thru an encryption page.
    Your information will be encryption and become
    uwysh1928jwoasnwih29omwij0

    It will become 128 character instead of 1 character to prevent hacker from accessing your data.

    So HTTP is flaw for your payment information.

    You should get a wholesaler that offer payment thru payment gateway like 2checkout or paypal, etc.
    {{ DiscussionBoard.errors[9690508].message }}
  • Profile picture of the author Mark Singletary
    The security with the https and the little padlock isn't protecting you from the vendor, per se. It's protecting your CC information as it travels from your house to the vendor's website server. Without the encryption, anyone with the know how can get your CC #.

    Now if you are worried about the vendor themselves being honest, calling them on the phone allows them to write down your CC# on a napkin and set it in their purse for their next shopping spree.

    Likewise, depending on their setup, sending the CC to them - even with the https - may cause the CC to be vulnerable on their computer. In other words, once it gets to their database, they may be able to see your CC info - even with the padlock.

    But in my humble opinion yes, the lack of proper security makes the entire outfit look shady or at least incompetent - whether they are or not. and is a deal breaker.

    Mark
    {{ DiscussionBoard.errors[9690557].message }}
  • Profile picture of the author Loridori4
    It is REQUIRED by credit card companies that you have a secure site when accepting transactions. We have to jump through Security Metrics hoops twice a year and we have the Green Super secure SSL.
    So NO I would NOT enter my credit card info on that site! Send them a check!
    Signature

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Lorraine Pierce, CEO & Founder
    LA Minerals

    {{ DiscussionBoard.errors[9697175].message }}
  • Profile picture of the author AbcAbcwebd
    Thanks all for the advice! I appreciate it!
    {{ DiscussionBoard.errors[9725103].message }}

Trending Topics