« August 2006 | Main | October 2006 »

September 3, 2006

Easypay is secure, take their word for it

You have to love the deep level of understanding of security demonstrated by builders of the Easypay website.

easypay-security.png

More specifically, the text:

"Note that you may not see the security lock because of the frames design, but we guarantee that your credit card will be securely encrypted."

Who is "we"? The real Easypay site, or a fake website generated as part of a phishing attempt?

As it turns out, if you open up the right hand frame, and check the certificate on that frame, you see it is secured by Thawte. Of course the average user has no idea what a frame is, or how to check a certificate on one.

It is difficult enough trying to teach people to understand the security lock and why it is important while browsing. Trying to convince users a site is secure through a random sentence on a page not only demonstrates gross cluelessness on the part of the website creators, but is also downright irresponsible.