Categories
Rants

Computicket.co.za Provides Insecure Credit Card Transactions

Computicket, “South Africa’s leading ticket booking site” (?? say what?) has changed their online transactions system so that credit card payments are no longer secure when purchasing a ticket online. (And its not a “secure frame inside an insecure window” thing either.)

Furthermore, according to their “Terms and Conditions”
‘1.1 By purchasing tickets via this website, you expressly aggree :
3.4 You further indemnify Computicket and/or the promoters or clients for which it is acting as agent, against any claims in respect of any loss or damage resulting from or related to :
3.4.6 any breach of privacy or security by any person or entity;’

I think this is bullshit. Computicket should at the very least take responsibility for the security of your credit card transaction. They have just created a cheap cop-out here to indemnify themselves for their own poor business, web development and testing processes.

And here’s a nice image of the insecure page asking for your payment details.

An interesting thought is that most Computicket outlets are using a similar web-based interface when you do over-the-counter bookings. I wonder if those transactions are also being thrown around the net at random. Time to go fetch my crocodile- clip-to-ethernet connector.

Pity their support hours are pretty much 9am to 6pm from the looks of it. Frankly I couldn’t be bothered to warn them. I’ve done that too often and received a lot of flak. I’m not a frikkin babysitter. Or maybe I should – Why, you ask? For the benefit of all who want e-commerce to be successful in this country.

One reply on “Computicket.co.za Provides Insecure Credit Card Transactions”

Thanks
At least someone is watching his little padlock. There was one particilar section of the site that was not going to the secure page. A little coding error (secure site redirect said “false” instead of “true”) on my part caused events that had only general admission/unreserved seating to display a form that did not go the secure site.

As for our retail outlets, thay are in fact using a java applet that always connects securely for credit card transactions.

Alex

Leave a Reply to Alex GrässerCancel reply