RE: E-commerce Security???

From: Chris Merkel (
Date: 09/05/01

Message-ID: <>
From: Chris Merkel <>
To: 'jaywhy' <>,
Subject: RE: E-commerce Security???
Date: Wed, 5 Sep 2001 08:15:20 -0500 

> I guess my question is, How do you keep customer
> information secure? And I'm also guessing my question has no
> right answer.

There are two correct answers:

1. Customer information is kept secure by not keeping it at all.

2. Merchants do the best they can.

Your rant is interesting, but ultimately pointless, because for every
security measure there is, there is a way to circumvent it.

Some miscellaneous points:

Time = Money - By making it very time-consuming for thieves to get in, you
lower the value of the item(s) they are after.

Security is not an all-or-nothing process, but an ongoing effort to take the
profit out of stealing information.

The more valuable something is, the more security will be placed around it,
that's why many people keep canceled checks in the file box at home and
their stock certificates in a safe deposit box at the bank.

The online world is more secure than the offline one. Who do I feel safer
giving my credit card information to? or the waitress in the
diner at the truck stop on the interstate?

Chris Merkel
Geo-Synthetics, Inc.

Relevant Pages

  • Re: Now, I Wonder. . .
    ... "Dear Customer, ... Due to the on-going security updating at Barclayswealth, ... more secure online banking experience. ... Barclayswealth Internet Banking Security Team." ...
  • dynamic security in AS2005...
    ... I want to secure the customer name attribute of my customer dimension. ... The user can see only the customer name if my "security" cube allow this. ...
  • Re: Do insecure e-commerce sites violate any laws?
    ... customer is asked to put the credit card number, expiry date, etc. the ... protocol changed from HTTPS (Secure) to plain HTTP. ... Since sensitive personal information is transmitted over an insecure ... One of the 8 principles of the Data Protection Act is that personal ...
  • Re: Do insecure e-commerce sites violate any laws?
    ... Iain wrote: ... One of the 8 principles of the Data Protection Act is that personal information is secure: ... The banks offer nightsafes and standard letter boxes - if a customer chooses to post their envelope with £5k in it thru the letterbox, ...
  • RE: [PHP] redoing website after 7 years
    ... How is the relationship with your customer? ... Some say that you should design a secure website from the beginning. ... One tricky part in the disussion is that you where able to "define globals ... on again in .htaccess" so if I was customer and I had to pay for it I would ...