Jump to content

Internet Ticket Sales and Security


Recommended Posts

Didn't know where to put this, and im not too clued up on the law but I was a bit annoyed on Saturday after buying tickets for the game in the Monument club shop.

 

When I was buying tickets the woman selling them was letting people see the computer so they could pick where they would sit. All I needed to do was give them my postcode and my name. When I did that, my account info came up on the screen. However it wasnt just my name and address and what tickets I had bought in the past, my password for signing in on the online ticket sales system was also there for all to see. Not only could the woman selling the tickets see my password, so could all my mates as we were picking where we wanted to sit. Surely this isnt secure?

 

I know the system they use is only like a shitty programme for the old BBC computers, but surely peoples passwords shouldnt be there for the worker to see, never mind anybody who could walk in and give my postcode and name? Ive helped out doing online sales in the past for something else and at no point could I get access to peoples passwords who were logging in to buy things.

 

I didnt say anything at the time because the woman didnt know what she was doing. She ripped the barcode off one ticket and jammed another in the machine. Plus it wasnt too long until the game.

 

Anyone know the law concerning this type of thing because it seems ridiculous to me? :rant:

Link to post
Share on other sites

Guest dazzanufc1892

JJ.........

 

With regards to commercial retention of details for sale purposes, i am not totally up to scratch, but i would assume that it is essential that your password be on the screen as when collecting tickets, or ringing up, it is what you are asked for as a security measure to guarantee your identity, no other way around it, however, i assume that you cv2 number would immediately be encrypted, so no purchases could be made.

 

All new systems are also running 44bit encryptors, which is what the banks are using, so i would be too worried lad

Link to post
Share on other sites

JJ.........

 

With regards to commercial retention of details for sale purposes, i am not totally up to scratch, but i would assume that it is essential that your password be on the screen as when collecting tickets, or ringing up, it is what you are asked for as a security measure to guarantee your identity, no other way around it, however, i assume that you cv2 number would immediately be encrypted, so no purchases could be made.

 

All new systems are also running 44bit encryptors, which is what the banks are using, so i would be too worried lad

 

He does not mean an account password like "fish" as in a keyword to verify who he is, he means his actuall password to his account to access online. Of course they would not be able to buy tickets as they dont have his debit/credit card details but still she could have just went to the nufc website and looked at available tickets and shown him and his mates where they could sit, would have been a better way.

Link to post
Share on other sites

JJ.........

 

With regards to commercial retention of details for sale purposes, i am not totally up to scratch, but i would assume that it is essential that your password be on the screen as when collecting tickets, or ringing up, it is what you are asked for as a security measure to guarantee your identity, no other way around it, however, i assume that you cv2 number would immediately be encrypted, so no purchases could be made.

 

All new systems are also running 44bit encryptors, which is what the banks are using, so i would be too worried lad

 

Could always just ask for letter number 3 and 8 from your password that kind of thing that the bank does. The person your talking to puts it in the pc and if your right it continues if your not it doesn't.

 

It's not so much that the password doesn't give you access to much its more that most people who have a password use it as there main password for everything.

Link to post
Share on other sites

I hope you didn't have an embarrassing password.

Na. haha.

 

It's better when you've gotta call up your bank and provide your password. Of course when signing up you had no idea this would happen, so you thought you'd set your password as 'JJLovesDaPu55y'. Nightmare.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...