[oytis]

Isn't paying with credit card over phone weird enough? Anyone eavesdropping on the phone line gets full access to your card details, not to say that the person on the other side of the line gets it.

Normally I would expect an https-protected webform of a trusted payment processor.

[teh_klev]

It's very common in the UK and known as a "Cardholder Not Present" transaction. The merchant needs explicit permission from their payment provider to be able to process these transactions either via their handheld terminal or an equivalent "terminal" running on their PC or payment provider website.

There are strict rules about not writing down cardholder details etc as well. You're correct, these are riskier transactions and the cost per transaction can be higher for the merchant to be able to accept payments this way.

[murph-almighty]

I agree that this practice is pretty insecure but this is pretty common. I've paid for pizza delivery like this before because a lot of local places won't give their drivers a card reader.

[ghaff]

It's less common than it used to be but it's still incredibly common to to give a credit card number over the phone to pay for something (primary experience in US).

[bovermyer]

Are you sure this is as uncommon as you suggest?

[oytis]

I have seen it only once so far when one minor German publisher asked me to send the same details per snail-mail. Luckily they also had other options.

I can't really know how common it is in UK, never been there, but I would definitely be surprised.

[jkaplowitz]

Can confirm it's normal enough in both Canada and the US, though the security code is only sometimes requested. I don't have knowledge either way about this question for the UK.

[Angostura]

It's incredibly normal in the UK. You can pay for your delivery pizza that way, or your car insurance or whatever.