Ease of Entertainment compromising Security
For a few days I have been observing a lot of my friends trying to use a local web-based movie reservation website called TheCinema. The website seems to be very impressive with jazzy flash, attractive animations, seducive e-posters and ease of ticket reservation using online payment gateways.
But I have been having this in mind regarding how secure is this website and would like to share with other readers:
- The website is fully loaded with flash only including the page that communicates to the payment gateway. This brings us to a problem where we can not ascertain where actually the credit card information are passed. Ethically, any website should facilitate submission directly to the Payment Gateway and only retrieve the results from the Payment Gateway. Thus we are confronted with a piquant situation of whether the credit card information is maliciously held by this website.
- When we first load the website, a SSL certificate discrepancy is presented. This again raised our eyebrow regarding the authencity or credibility of the website.
- We have personally written about a couple of emails regarding this to the developers of the website but have’nt even recieved any responsible response hitherto, which again makes us feel suspicious whether these would be one another fly-by-night operator, amassing credit card information from the people.
It is high time that financial institutions and administration wake up from the slumber to watch what is going on behind the scenes. While it is easy and flexible entertainment at the click of the mouse, the same compromising the financial security of the people and hence the nation can not be tolerated.