Return of the shopto paranoia....

Fishfingers wrote:

Alvin Flummux wrote:It isn't the online stores saving the data though, it's the web browser... right?

No, when you give ShopTo your credit card details they store them on a server which clearly they haven't secured properly. This alone should be enough for the company to cease trading, never mind the fact that the dude who owns it has already been disqualified as a director.

Where is your proof on this?

abcd wrote:

Fishfingers wrote:

Alvin Flummux wrote:It isn't the online stores saving the data though, it's the web browser... right?

No, when you give ShopTo your credit card details they store them on a server which clearly they haven't secured properly. This alone should be enough for the company to cease trading, never mind the fact that the dude who owns it has already been disqualified as a director.

Where is your proof on this?

Exactly. The old rumour was just that, a rumour.

Their server hasn't been hacked by anyone so how is it not secure?

I actually got done 18 months ago for a grand on my card. I always assumed it was my NUS card purchase that was when they got stolen as that was the only out of the ordinary purchase I made. But I just checked and coincidentally there is a Shopto payment at exactly the same time so i'm actually wondering if it was this instead.

Actually fishfingers is right, they do store card details, I recently got an email saying for security purposes they have removed my details due to me not buying anything for 3 months.

Zellery wrote:

abcd wrote:

Fishfingers wrote:

Alvin Flummux wrote:It isn't the online stores saving the data though, it's the web browser... right?

No, when you give ShopTo your credit card details they store them on a server which clearly they haven't secured properly. This alone should be enough for the company to cease trading, never mind the fact that the dude who owns it has already been disqualified as a director.

Where is your proof on this?

Exactly. The old rumour was just that, a rumour.

Their server hasn't been hacked by anyone so how is it not secure?

The proof for this is that ShopTo do store card details on their server, although they are removed after a few months of inactivity. Whether or not the server was hacked is another matter altogether. Fishfingers makes a valid point though, in that if the card details aren't stored at all, then fraud cannot take place, because there are no details to be stolen.

Nook29 wrote:

Zellery wrote:

abcd wrote:

Fishfingers wrote:

Alvin Flummux wrote:It isn't the online stores saving the data though, it's the web browser... right?

No, when you give ShopTo your credit card details they store them on a server which clearly they haven't secured properly. This alone should be enough for the company to cease trading, never mind the fact that the dude who owns it has already been disqualified as a director.

Where is your proof on this?

Exactly. The old rumour was just that, a rumour.

Their server hasn't been hacked by anyone so how is it not secure?

The proof for this is that ShopTo do store card details on their server, although they are removed after a few months of inactivity. Whether or not the server was hacked is another matter altogether. Fishfingers makes a valid point though, in that if the card details aren't stored at all, then fraud cannot take place, because there are no details to be stolen.

People need to check for fraudulent activity if they've ordered from both Play and Amazon too then.

Most sites store your cards, some people think this is convienent, as it enables such "luxuries" as express checkout, but like Fishy said this process should be illegal, as your bank card details should not be held on a database of any kind (except for possibly at the bank itself!)

Zellery wrote:

Nook29 wrote:

Zellery wrote:

abcd wrote:

Fishfingers wrote:

Alvin Flummux wrote:It isn't the online stores saving the data though, it's the web browser... right?

No, when you give ShopTo your credit card details they store them on a server which clearly they haven't secured properly. This alone should be enough for the company to cease trading, never mind the fact that the dude who owns it has already been disqualified as a director.

Where is your proof on this?

Exactly. The old rumour was just that, a rumour.

Their server hasn't been hacked by anyone so how is it not secure?

The proof for this is that ShopTo do store card details on their server, although they are removed after a few months of inactivity. Whether or not the server was hacked is another matter altogether. Fishfingers makes a valid point though, in that if the card details aren't stored at all, then fraud cannot take place, because there are no details to be stolen.

People need to check for fraudulent activity if they've ordered from both Play and Amazon too then.

Except those sites didn't recently have an SSL certificate error that lead to thousands of CC details being leaked/stolen.

Zellery wrote:People need to check for fraudulent activity if they've ordered from both Play and Amazon too then.

People should do that anyway.

Sarge wrote:

Zellery wrote:

Nook29 wrote:

Zellery wrote:

abcd wrote:

Fishfingers wrote:

Alvin Flummux wrote:It isn't the online stores saving the data though, it's the web browser... right?

No, when you give ShopTo your credit card details they store them on a server which clearly they haven't secured properly. This alone should be enough for the company to cease trading, never mind the fact that the dude who owns it has already been disqualified as a director.

Where is your proof on this?

Exactly. The old rumour was just that, a rumour.

Their server hasn't been hacked by anyone so how is it not secure?

The proof for this is that ShopTo do store card details on their server, although they are removed after a few months of inactivity. Whether or not the server was hacked is another matter altogether. Fishfingers makes a valid point though, in that if the card details aren't stored at all, then fraud cannot take place, because there are no details to be stolen.

People need to check for fraudulent activity if they've ordered from both Play and Amazon too then.

Except those sites didn't recently have an SSL certificate error that lead to thousands of CC details being leaked/stolen.

Which wasn't proven?

Although they didn't actually come out & say they had a leak, they did conveniently have some downtime to fix something the same day that people started to claim that they had leaked their details.

I used my card on ShopTo, then I was raped.

Coincidence? I think not.

Jimmy Shedders wrote:I used my card on ShopTo, then I was raped.

Coincidence? I think not.

Sarge wrote:Except those sites didn't recently have an SSL certificate error that lead to thousands of CC details being leaked/stolen.

Except that was actually founded to be false and never happened.

Zellery wrote:

Sarge wrote:Except those sites didn't recently have an SSL certificate error that lead to thousands of CC details being leaked/stolen.

Except that was actually founded to be false and never happened.

Really?

Seem to remember them claiming they didn't have a certificate issue when various sites were posting images of them receiving warnings that the site wasn't secure.

Sarge wrote:

Zellery wrote:

Sarge wrote:Except those sites didn't recently have an SSL certificate error that lead to thousands of CC details being leaked/stolen.

Except that was actually founded to be false and never happened.

Really?

Seem to remember them claiming they didn't have a certificate issue when various sites were posting images of them receiving warnings that the site wasn't secure.

Go back and find the full story and actually read the conclusion.

Zellery wrote:

Sarge wrote:

Zellery wrote:

Sarge wrote:Except those sites didn't recently have an SSL certificate error that lead to thousands of CC details being leaked/stolen.

Except that was actually founded to be false and never happened.

Really?

Seem to remember them claiming they didn't have a certificate issue when various sites were posting images of them receiving warnings that the site wasn't secure.

Go back and find the full story and actually read the conclusion.

The conclusion?

Summary?

Or are you talking about the post on the Shopto forums saying they had no fault/leak just before their site went down for maintenance. (which just so happened to stop all the security alerts)

Zellery wrote:People need to check for fraudulent activity if they've ordered from both Play and Amazon too then.

Why those two?

I don't know why the big argument about this. Its no big deal, either check your statements if you are concerned or don't if you are not worried.

Buffalo wrote:

Zellery wrote:People need to check for fraudulent activity if they've ordered from both Play and Amazon too then.

Why those two?

I was just using two more examples of sites that store your card details. People were talking like it was only Shopto that do this.