American Express may not Encrypt Your Online Transaction

By Dipankar Das, Gaea News Network
Wednesday, May 26, 2010

amex It must be scary to think that the biggest credit card companies have some serious lapses in online security. Unix man Joe Damato recently found that American Express is not maintaining the basic rules of security online. So, it is a word of caution if you are an American Express card holder, it is better that you avoid online banking in the short term.

When he requested among other things his credit card number, expiration date, and security code, he took a look behind the scene. He found that American Express is not using Secure Hypertext Transfer Protocol (HTTPS). They are sending the data (which contains full credit card numbers) back to their servers in plain text form. There is no encryption, no hiding, no scrambling, no nothing. So, the credit card company is running all of the transaction which is pretty much open to all without the knowledge of the owner. So, the information is free for hacking and picking.

YOUR VIEW POINT
NAME : (REQUIRED)
MAIL : (REQUIRED)
will not be displayed
WEBSITE : (OPTIONAL)
YOUR
COMMENT :