How secure is your payment information with 3rd parties?

How secure is your payment information with 3rd parties?

Recently I got an email reminder to extend my premium account with Spotify, this was in fact updating my payment data also. First, I received an email to tell me to update this, for me this immediately raised the question was this “fishing”? However, by looking at it, it was not and could login through a link to update my payment data. By clicking on a link, it got me to my payment information;


However, the next step was an experience on its own as it asked to scan my credit card with my mobile device;

This feature that debuted in iOS that lets you to save your credit or debit card information in your browser so that you can auto-fill text boxes when purchasing something online or updating your payment information.

Whenever you’re in a payment page in Safari that needs to be filled out, tap one of the text boxes where your credit or debit card info goes. The keyboard in Safari will then prompt you with the option to “Scan Credit Card.”

Once you select the option, your camera will open and you’ll need to position your card in the frame for it to successfully pull all of the information (name, number, expiration date). The CVC code is entered manual.

Overall the experience was good however a view points that either raise questions or remarks;

  1. How did they take in to account the point of tokenization part within their payment process, during the scanning process or how secure is scanning the credit card information?
  2. How is PCI compliance impacted by this approach?
  3. Why do I not get a notification through the Spotify app to update my payment information?

Again, is more the point of how do you engage your customer in such a way, that it is 100% secure and gives the customer a comfortable feeling, plus experience. Therefore, email notifications asking to update your payment information should be taken out of the customer engagement process.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s