Wednesday, August 22, 2007

A stupid rant

So I went to register for a race today. I figured I would do it online; I mean, who wants to print out an application, write a check (I write maybe one check a quarter, honestly), and put it in a mailbox (I couldn't even tell you how much stamps cost these days, I buy them so infrequently)?

I felt like I was stepping back in time, trying to do this. First off, the interface was terrible. But I'm not here to bitch about bad UI design (even though I could, trust me). What killed me is that the form which allowed you to enter your payment information was not secured! Plaintext http. No SSL. And they wanted me to type in my credit card number.

I do software for a living. I cannot imagine in this day and age that there are third-party websites you can outsource your shopping cart management to which don't use https. I mean, I can't believe there are ones which are still this bad. There are entire companies whose business model seems to be centered around this sort of thing -- gathering registration for races, collecting the money, etc. This isn't a novel problem. We solved this problem a half-decade ago, didn't we?

I was blown away. Here I am telling people how safe it is to use your credit cards online, because everything is secured, blah blah blah. I take it back. It may be 2007, but you still better make sure you're connected via a secured protocol.

No comments: