Collaborate Disseminate
I’m building an app that uses Braintree for processing payments. According to the documentation, I need a server-side endpoint that returns the clientToken, which is then used to manage a user’s vault and process payments, so I’m trying to… Continue reading Is braintree clientToken supposed to be public?
Let’s take some examples:
Pay Pal, Apple Pay (examples via Saferpay) – will not load in an iFrame
Visa Checkout, Stripe (example), Saferpay (link above) – credit card data can be input in an iFrame
Is there any technical/security reason … Continue reading Why some payment methods allow being embedded in an iframe and some don’t?
So, the other day I was charging my prepaid VoIP account from sipgate.de via credit card payment. I chose 10 Eur which is the default and entered my card details.
As usual, I was redirected to a different payment processor which itself red… Continue reading Visa Secure / TAN App showing wrong amount charged [closed]
I was trying to use a state-owned mobile payment app to conduct some transaction on the internet and, thanks to an error message, I found out that my card number and the amount I’m paying were sent via a GET request.
Other data on the requ… Continue reading Is it okay that a payment app is sending my payment details via a GET request? [duplicate]
I’m working on designing a credit card payment form whose core functionality is provided by a payment processing company ("upstream").
Upon some transaction errors the upstream returns the detail (*one kind at a time) of the user… Continue reading Credit card form : Is it neccessary to obscure error messages?
If you are logged in with your Google account and click "Manage your Google Account," you can then edit your payment profile. But you cannot (1) see the complete card number except for the last 4 digits or (2) change the number o… Continue reading Question about the cause of the differences in Google Pay features
As a non security expert, I’m looking for advice from those who are.
I work with company X who have hired company Y to develop their website. Company Y needs to integrate server-side online payment and has asked company X for the secret (p… Continue reading Web developer needs customer’s private key
We are a large e-commerce website trying to introduce a feature by which customers can save their credit card details securely. We are aware of the need for PCI compliance and working out the necessary security aspects. If singe-use tokens… Continue reading What is the difference between a multi-use and a single-use credit card token [closed]
I have made purscase using my card. After entering the otp, application said CVV wrong but my money got debited from my account but the seller says he doesn’t receive the money . Can you help me? What is the problem here and how can I get … Continue reading CVV incorrect payment success [closed]
Using Javascript, say a customer buy a product that cost 10$.
Many payment gateways, like PayPal and Stripe, offer a client side Form where you input the sale data (price, amount, buyer address, etc), and it’s being sent to the gateway (e…. Continue reading How to secure a price passed to a payment gateway on client?