Quote:
Originally Posted by BV
Let's delv into this a moment.
Hypothetically let's say I surf a tour and join abcwebsite.com through xyzbill.com 3'rd party processor and purchase a user/pass.
At some point I will go back to abcwebsite.com to access the members link and my user/ pass will have to be in the htpassword file on abcwebsite.com's domain, otherwise I will not get access, which in turn I would notify abcwebsite.com's owner if I did not get access.
To play into your theory further, say for example 1000 other people do the same and join abcwebsite.com and somehow get redirected to a mirror. Do you think 1000 customers are going to be redirected to a mirror site and not notice what url they are on?
Furthermore out of those 1000 customers at least 10% or more are going to email abcwebsite for something like "I forgot my password" or "please cancel my subscription", etc etc... Then abcwebsite will try to look up their info in the xyzbill admin and notice something is not right.
I hope this helps you see how yes you are correct it is possible BUT not very likely. And yes there are laws on the books to cover this if it did happen. It's called theft.
Hope this helps ease your mind or anyone else s for that matter.
|
How about processors that issue to the new member an already existing passcode that is already in your ht access file? That way, the processor keeps the sale, and the user gets access to your site under a shared passcode. Security programs like Strongbox will allow up to 3 or 4 multi IP log ins with the same IP address before auto blocking the passcodes.
I'm not a computer wiz, but all I know, in this digital world, if you can think it, it can be done. The programs for skimming are so sophisticated and un detectable we all have no idea how they function.