My rant of day: secure payments online. fail 101
Lately i have been paying my bills online. I have great belief and trust for the state of security that modern giants have especially when online payments are done. But, lately i have become wary about the tardiness of some companies to take web security for granted. The last payment i did, was one i did for family and this is a top-up for the mobile. The general assumption, is that it is all secure to run payments online. Wait, no. Make sure, you "watch" your surroundings on a website. When there is a payment page generally, you would not want to have anything on that page. This only increases the attack surface for a hacker. You would want a separate page, that only has HTTPS transaction, and does what is necessary. However, this spectacular vendor, failed security 101. It is definitely dense to have a "search bar" and other non-secure Artefacts on a secure payments page. Even Chrome said its a site worthy of snooping or an attack. Hell no, i am not going to