Bad visa credit card website security questions

bad security questions

Security questions used for website security are generally a terrible idea, as the information is often easy to obtain. The classic example is mother’s maiden name. For famous people, this is easily available on the web, and anyone determined can find this for less famous people. The examples on this form have many poor choices, that are easily found out, favourite niece (I only have one niece), street you grew up on.

What really smacks me about this one, is how restrictive it is. Firstly it’s annoying that I have to use one word for my first car (not my real answer) which would also be an annoyance for “street I grew up on.” I also couldn’t use Paris as my honeymoon location. Secondly, it seems bizarre (and unlikely) that their database cannot store spaces nor punctuation, eg St. David’s Street. A no-brainer rule of passwords is – the more complex the password, the harder for a hacker to crack.

Advertisements

Selling knives online

Having recently had a crack on the knuckles from Ebay for selling a multi-function tool that had a knife blade, I thought I’d check up on the UK legislation on selling knives online.

Ebay policy on knives

Ebay’s policy is explained here but in a nutshell, you can only sell

  • dining cutlery sets that include knives used for eating
  • letter openers
  • Razor blades and surgical blades
  • Tools such as chisels, axes, saws and hoof trimming tools

So you can sell a chainsaw, an axe, a circular saw but not a craft knife or multi-tool.

UK knife law

The legislation that covers this is Section 141 of the Criminal Justice Act 1988 which (for England and Wales) states*

(1)Any person who sells to a person under the age of eighteen years an article to which this section applies shall be guilty of an offence and liable on summary conviction to imprisonment for a term not exceeding six months, or a fine not exceeding level 5 on the standard scale, or both.

(2)Subject to subsection (3) below, this section applies to—

(a)any knife, knife blade or razor blade,

(b)any axe, and

(c)any other article which has a blade or which is sharply pointed and which is made or adapted for use for causing injury to the person.

(3)This section does not apply to any article described in—

(a)section 1 of the Restriction of Offensive Weapons Act 1959,

(b)an order made under section 141(2) of this Act, or

(c)an order made by the Secretary of State under this section.

(4)It shall be a defence for a person charged with an offence under subsection (1) above to prove that he took all reasonable precautions and exercised all due diligence to avoid the commission of the offence.

* the legislation is under review and subject to amendment. Check the official site for the most up to date information
So what can retailers do to prove all reasonable precautions were taken. Southwark Trading Standards carried out an interesting exercise in 2009 in purchasing knives online, showing that 93% of online retailers were non-compliant, compared to 19% for knives shops purchased in person by under 18s. It is not a defence to say only 18+ can own a credit or debit card as in this exercise “they used prepaid cards which they had registered by submitting their true names and ages.”

In the case of Southwark, the online retailers were given warnings and were subjected to further checks.

I would be interested to know of people’s experiences of age verification services /software, especially in the UK.