PDA

View Full Version : EAA Payment site insecure ...



mbond
04-09-2014, 11:18 AM
Got an email that i needed to change my credit card info with EAA. I generally don't use credit cards on 3rd party sites and pay via paypal, but EAA doesn't seem to support this yet.

So, in light of the recent heartbleed openssl bug, i thought i'd check EAA's SSL security.

Good news. Not affected by Heartbleed.
Bad news. Scored an "F" on SSL tests and is "insecure"

https://www.ssllabs.com/ssltest/analyze.html?d=secure.eaa.org

So, i can update my credit card info on an insecure website or i can call someone and give them my information over the phone (which isn't secure either).

Maybe i'll generate a temp credit card number from bank of america and use that. :)

Blue Chips
04-09-2014, 12:12 PM
So did my site and so did my bank :), personally if if I see a https and/or a lock I'd be good to go on using it. Individuals are not responsible for fraudulent use of their cards, we likely pay for it all right just in hidden charges.

1600vw
04-09-2014, 12:52 PM
This is why I use a PayPal credit card or Debt card. I can then follow all transactions online. Paypal has gone to court for me a couple times. We have won both times and I never had to do a thing. In fact one day I was flying when we had court. When I arrived back home I had an e-mail we won our case, I knew we would.

Tony

jessiereal24
10-30-2014, 11:56 PM
Interesting! Well, I'm still looking for the best, honest, and reputable bank that doesn't include additional charges. However, I have heard that a huge class action suit regarding overdraft fees (http://personalmoneystore.com/moneyblog/bofa-settles-lawsuit-410-million/) involving Bank of America recently was settled by the giant retail bank. To settle the suit, Bank of America has agreed to pay $410 million. There are an astonishing number of plaintiffs in the case. The suit is an amalgamation of similar suits against a large amount of banks.