(medium.com)

1121 points alokedesai | 1 comments | 28 Oct 15 19:51 UTC | HN request time: 0.212s | source

Show context

ericsidelis ◴[28 Oct 15 21:55 UTC] No.10467716[source]▶

The fact that I can still log in is scaring me, I never signed up for this and nor did I even get an email. My credit card details which are valid are still present.

I find it hard to believe this information was sold and if it was, were they storing credit card info in plain string format. Wouldn't each of those businesses need an encryption key to decrypt secure card numbers. Wonder if they sold that too. Either way props to John for posting this on Medium and of course Aloke on HN.

replies(1): >>10468005 #

1. grossvogel ◴[28 Oct 15 22:56 UTC] No.10468005[source]▶

>>10467716 #

Third party processors will store the card info securely and then provide only parts of it back to you via an API call. Stripe's API includes the last 4 and expiration date, as you can see here[1], so Fly Maids may not have all of that data.

[1] https://stripe.com/docs/api#cards

↑

Didn’t Homejoy Shut Down?