Archive for the ‘pbs fail’ tag
Verified by phishers
3D Secure is also known as “Verified by Visa(TM)” and “MasterCard SecureCode”. Like a lot of people, I really do not like how it is implemented - mainly due to bad UX. Normally, when I shop with a Visa or MasterCard – I’m sent (via the danish payment hub PBS) to my own online bank, where i enter a OTP.
Just the other day, something had changed in the process; I was now being presented with a page from PBS. Acting on a hunch, I took extraordinary measures to confirm the authenticity of the site. Everything checked out – It was legit.
“Never attribute to malice that which can be adequately explained by stupidity.” I thought – and continued.
Create your “Verified by Visa” code. Create my what now? Could you please tell me the purpose of this before you start asking questions.
The user experience was terrible. With popups and mixed languages. “Write a personal statement, that will be shown, every time you shop in a participating online shop. It’s safe for you to enter your code, when you see your personal statement.”
I quickly entered by “personal statement” that contained <script> tags.
But – to my astonishment, the “Personal statement” was accepted.
The common phishing site has better user experience than this.