On Thu, Mar 16, 2017, at 17:38, John Levine wrote: > In article > <1489684655.3176120.913642288.0d732...@webmail.messagingengine.com> you > write: > >You can make a rule against sending credit cards by email, but if > >customer service reps know it works they might still encourage a > >customer to do it as it's faster and easier than other options (fax, > >mail) and when Something Bad Happens, the customer will rightly blame > >the company. > > So just out of nosiness, when's the last time Something Bad Happened > in real life due to sending credit card info by e-mail?
I've seen companies get their merchant account shut down for storing credit cards in email based ticket systems, this made for a Really Bad Day at said company and for their customers. With that being said, I personally have no problem sending my credit card via TLS secured email. Yes, I will take the time to check that their server supports STARTTLS, no I don't check to see whether it's a secure set of protocols and ciphers. As was mentioned, the real risks are the database, POS systems and other places where bulk collection can happen. I also lock my doors despite the fact that one could simply smash the glass, reach through and unlock the door. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
