Quite recently, OnePlus landed itself in a soup when credit card data of over 40,000 customers was stolen, thanks to its insecure payment page. Xiaomi India could be next, as they too don’t have a secure payment page for the web.
The issue was first reported by a Reddit user. We crosschecked the veracity of these claims ourselves and found them to be true. Even though the page lists “100-percent security guaranteed” for the gateway, the part where you will have to enter credit card details isn’t secure.
Both Chrome and Firefox point out that the page is ‘Not Secure’ and users should refrain from submitting any sensitive data including credit card info and passwords to the page, or to grant any dubious permission.
Now that the issue has been highlighted, Xiaomi India should fix this soon. Meanwhile, you should avoid entering your Credit Card and banking details via web payment page. You can instead opt for the Wallet payment option and pay using Paytm and Mobikwik. In fact, if you are not sure while purchasing from a website, it’s always advisable that you use linked Wallets to make payments.
Also Read: Walmart To Buy 40 Percent Stake In Flipkart
Starting from July, Google’s Chrome will mark any website that doesn’t use HTTPS as Not Secure and this should push site owners to shift to encrypted and secure pages. This should help any malicious script from spying on user data.
Google claims that 80 percent of Chrome traffic on both Chrome OS and Mac and 70 percent of traffic from Chrome on Windows is now protected with HTTPS encryption. As for Chrome traffic on Android, 68 percent traffic is now protected.