undefined | Better HN

0 pointslozenge7y ago0 comments

You're teaching users it's OK to give out their account information "sometimes". Which is much less secure than "never".

0 pointslozenge7y ago0 comments

You're teaching users it's OK to give out their account information "sometimes". Which is much less secure than "never".

0 comments

5 comments · 2 top-level

ralph847y ago· 3 in thread

I give out my credit card number hundreds of times per year. Credit cards wouldn't be very useful if you never gave them out.

WoahNoun7y ago

An ecommerce site has a merchant agreement with a payment processor to comply with PCI DSS. This does not. It is in no way similar.

zbruhnke7y ago

FYI we are complying with PCI DSS when you use this site - you can read details in the FAQ

2 more replies

laughinghan7y ago

I give out my credit card number hundreds of times per year to websites that I have not verified have a merchant agreement with a payment processor to comply with PCI DSS.

In terms of what users are taught (which is plainly the context of the comment you are replying to), this website is identical to ecommerce sites.

travisjungroth7y ago

What about buying things? This is the same info that would go in an order form.

j / k navigate · click thread line to collapse