>I made the experience that most customers
>are afraid to encode their credit card
>numbers into an internet order form.
I can tell you this as a hard fact, through
my own experience: people have no problem
whatsoever filling in an online order form
with their credit card, as long as it's an
SSL encrypted page. If it's a plain Web page
asking for their card details then forget it.
>why I am telling my homepage-visitors that
>if they want to pay by credit card they
>should send the details by fax. That avoids
>abuses of "bad guys" in 99.99% of all cases!
Fax is safer than the Web, sure, but if you
have the ability to accept credit cards and
you're asking people to fax their details to
you, I can guarantee that you're losing at
least 60% of your potential sales because
you're making it too difficult for people
to order - you're putting barriers up.
By today's standards, 40 bit SSL encryption is
nothing to write home about - my PGP key is 2048
bit (officially uncrackable). However, only one
in a thousand people a) is able to use it and b) could
be bothered to use it, even if they were able to,
so as a sales tool it's completely useless.
On the other hand, somebody could bug your
telephone more easily than they could sniff your email,
so maybe you should stop taking telephone orders?
It's a ridiculous idea, but the same principle applies.
I'd say fax has the confidence but involves too much
hassle, whereas an encrypted page has just the right
balance of ease of use and confidence to make it the
Personally, if my customers are comfortable
with my SSL encrypted Web page and they want
to pay me money through it, then I'll take
it, thank you very much!