Wednesday, March 06, 2013


[This is bad, and this is just the beginning of this blog post...]

Update March 29, 2013: SSL config is now at grade A! Congratulations!

(brandname) is issued by Entercard, a joint venture between Swedish Swedbank and Barcleys Bank Plc. The irony of a credit card company not having a PCI-DSS compliant website is amazing. The lack of knowledge concerning users' selection of PIN codes is obvious, the lack of proper security for e-mail based marketing is shocking.

I hope this blog post will be read, understood and acted upon properly ASAP by those in charge.