| > Is this a minority view? I don't know, maybe. I have zero liability on credit card purchases, and while it's certainly an inconvenience I never don't buy something because my details might be leaked. Who cares, why put yourself through the constant mental effort for an event that happens maybe once or twice a decade if you are exceedingly careless? I absolutely despise being sent to a third party site - usually a broken one that takes forever to load, with some annoying "security" authentication, or OTP, etc. when really all I wanted was amazon one click and to move on with my life. By far the #1 way a small merchant can get me to click the buy button is make it easy for me to checkout and pay. If I have to sign up for an account, be redirected around the world, etc. I generally tend to lose interest and just go back to newegg/amazon. Note that this sometimes is a third party payment link such as Paypal due to the nature of the service - but you have to think about user experience first, not last. Also your requirement makes absolutely no sense to me. If a merchant is compromised to the point that javascript can be injected, it's not much more difficult at all to direct you to a fake paypal skimmer that you likely won't notice. I agree it raises the bar a bit, but not by an appreciable degree. |
Not quite right. Many banks make you liable for the first $50, for each occurrence of fraud. Also they typically require you to notice and report a fraudulent charge within 30-90 days or else you are liable for 100% of the amount.