Collaborate Disseminate
I was trying to use a state-owned mobile payment app to conduct some transaction on the internet and, thanks to an error message, I found out that my card number and the amount I’m paying were sent via a GET request.
Other data on the requ… Continue reading Is it okay that a payment app is sending my payment details via a GET request? [duplicate]
I’m working on designing a credit card payment form whose core functionality is provided by a payment processing company ("upstream").
Upon some transaction errors the upstream returns the detail (*one kind at a time) of the user… Continue reading Credit card form : Is it neccessary to obscure error messages?
If you are logged in with your Google account and click "Manage your Google Account," you can then edit your payment profile. But you cannot (1) see the complete card number except for the last 4 digits or (2) change the number o… Continue reading Question about the cause of the differences in Google Pay features
As a non security expert, I’m looking for advice from those who are.
I work with company X who have hired company Y to develop their website. Company Y needs to integrate server-side online payment and has asked company X for the secret (p… Continue reading Web developer needs customer’s private key
We are a large e-commerce website trying to introduce a feature by which customers can save their credit card details securely. We are aware of the need for PCI compliance and working out the necessary security aspects. If singe-use tokens… Continue reading What is the difference between a multi-use and a single-use credit card token [closed]
I have made purscase using my card. After entering the otp, application said CVV wrong but my money got debited from my account but the seller says he doesn’t receive the money . Can you help me? What is the problem here and how can I get … Continue reading CVV incorrect payment success [closed]
Using Javascript, say a customer buy a product that cost 10$.
Many payment gateways, like PayPal and Stripe, offer a client side Form where you input the sale data (price, amount, buyer address, etc), and it’s being sent to the gateway (e…. Continue reading How to secure a price passed to a payment gateway on client?
Let’s say that I have a website where I want to sell homemade goods. I want customers to be able to pay for the goods without too much hassle.
A common option is to use buttons provided by a payment service like PayPal. The website uses H… Continue reading Adding paygate buttons to HTTP-only website?
We are in the process of designing an app which, simply put, will allow people to accept payments easily.
The customer won’t need an account and we’ll be linking customer data (name, address, and phone) via emails used through their paym… Continue reading Autofilling sensitive information for publicly available form
We have a mobile app (React and Expo) in which the user is able to provide payment via Stripe. Our implementation uses a WebView which renders HTML and JavaScript content, which in turn pulls in the Stripe JavaScript client and implements … Continue reading Is there a security risk in hosting an app’s HTML/JavaScript payment system on a CDN?