Padlock and Secure Payment Page

[silverpuresilver]

Please can anyone help me. :lol:

It has been brought to my attention that the payment page (checkout page) on my website does not have an 'https' address - nor does it have a little padlock at the bottom of the screen.

My payment service provider (SecPay) cannot confirm whether my payment page is secure or not. Without going to my web designers, how else can I find out whether my site is secure or not???

Any advice would be most appreciated as I may have a major issue on my hands. . . . . . :?

Thanks

Karen

 

[SuffolkDesigns]

you need an SSL certificate for this, and then the URL of your secure pages should start https://

 

[Coding Monkey]

If you don't have an SSL certificate, you just have have the payment taken to SecPays server as that will be secure. You just find that people would prefer every part of the website to be secure like if they enter a phone number or anything considered to be confidential information.

 

[Richard Conyard]

The page is secure, it is covered by SecPays SSL certificate. It also does have a HTTPS address.

The reason that you can't see this however is because your shopping basket is in a frame. There are also some other problems because I was looking forward to buying 20 candle sticks at £0.00, but SecPay wouldn't take a zero amount.

 

[silverpuresilver]

Thanks for all your replies.

I wonder why SecPay couldn't tell me that I was covered under their ssl certificate????

How are customers to know that my site is secure if it doesn't have https and padlock????

Richard - I guess you use something other than Internet Explorer - most of my items are free on other browsers - but don't get me started on that one . . :evil:

Karen

 

[Richard Conyard]

Secpay are normally very good, so I don't know why. I guess the main thing is on the technical side they are normally used to dealing with developers.

In terms of the site have you looked at Actinic or something like that? I don't know what you have or haven't spent to get this done, but shopping systems in JavaScript aren't a good idea, it doesn't work properly in Firefox, and to be honest I was getting bugs with IE. If I were malicious it looks like I could also quite simply put in my own prices for your products before proceeding to payment.

 

[silverpuresilver]

Hi Richard

Yes, SecPay may normally be used to conversing with those more technical than myself (that wouldn't be difficult!).

In terms of the site have you looked at Actinic or something like that?

Do I take it that you are not impressed with this site??? :shock: Unfortunately, a lot of money was spent on this website - supposedly to update and replace our old 'actinic' site - supposedly not a frame to be seeen . . :roll: Didn't happen did it? I am also fully aware (unfortunately) that we are not compatible with other browsers - but everything should work fine in IE. :?:

Needless to say we have a few issues with our web designers - so to be honest any constructive criticism would be appreciated, together with any major issues that you think we may come across (ie. can people really input their own prices?).

Thanks

Karen

 

[SuffolkDesigns]

The page is secure, it is covered by SecPays SSL certificate. It also does have a HTTPS address.

The reason that you can't see this however is because your shopping basket is in a frame. There are also some other problems because I was looking forward to buying 20 candle sticks at £0.00, but SecPay wouldn't take a zero amount.

Where do you see that ? When I looked and went to checkout the frame containing the order for was http://www.silverpuresilver.com/silverpuresilver/shopping/show_data.jsp and was definately not secure.

 

[Joanne_UK]

You have to go on the page after the address fields page to see it :

https://www.secpay.com/java-bin/ValCard

It's in a frame that's is why it doesn't show the padlock and https...

 

[SuffolkDesigns]

but the page asking for personal info (name, address etc) is not secure

 

[Richard Conyard]

Does it need to be? I mean your name and address could be found out for free on a number of different systems, without having to sniff your connection.

 

[ink4-u]

it could be but it doesnt hurt to make it a little harder, if people see there is a loop hole there they will start sniffing around, can i say thats a nice site but tell your designers to open it out a little more make it all bigger the products seem a little to enclosed, perhaps its me.

 

[silverpuresilver]

Thanks for all the comments. I guess I'll take your words for it that my site is secure!!!

Ink4-U - I understand what you're saying about making it more secure for peoples personal information and I'll look into it. However, what do you mean about 'opening it out' and the products being too enclosed . . .

Karen

 

[ink4-u]

sorry if i confused you i do it all the time, just the site it very compact i just thought if it was made bigger and the frame everything appears in was opened out more everything would be much more clear and easier to read through.

 

[TWD-Tony]

The only problem you have - and it's a very BIG problem is that if the SSL encrypted page is in a frame then the visitors browser WILL NOT show the SSL padlock symbol...

These days an online shop NEEDS an SSL certificate and the padlock to show that the site is secure, you cannot just "say" that it is and expect people to believe you!
The majority of shoppers have no idea how the padlock works, just that when it is there they are safe and when it is not - they arn't :!:

I would seriously consider getting your designer(s) to look at this, it only needs the payment stage to open in a new window instead of a frame to get the padlock to show :wink:

 

[silverpuresilver]

Hi Ink4U - Our web designers suggested that size of site as it would work on all size monitors(I think!). Is that an issue that would actually pose a problem?

TWD-Tony - thanks for your comments, I agree about the secure page and padlock giving extra confidence to the buyer. I'll be looking into that issue.

Thanks

Karen