UKC

I've just enquired about a hotel booking with what I believe to be a bona fide small hotel in France.
They have sent me an email asking me to enter (only for reservation) my card details in an online form.
What concerns me is that the page does not have the usual indication("https..." or the padlock symbol) of being secure.
I have emailed them saying that I would be prepared to give my details on a secure page. Any other suggestions?

In reply to FesteringSore:

Personally I'd just phone them.

In reply to marsbar:

I did wonder whether to get a pre paid card loaded with just enough for that transaction

In reply to FesteringSore:

In practice the chances of a single non-secure transaction going badly for you are very small. The danger is more of a large scale thing, if some large proportion of transactions are unsecure then there's a market for bad guys to make money, and so they'll invest time and effort in to it.

As mentioned above, if you're worried about it just give them a call and tell them your card details over the phone.

In reply to FesteringSore:

Though the fact they are unable to provide a secure Web page via a third party certificate provider makes me wonder if they really are bona fida? You can do this quite cheaply now.

Cheers
Mark

Well, they've not responded to my email asking for a secure page through which to give them my number so... that's a potential customer they've lost. I do wonder how many, if any, do give their card details over a non-secure page.

In reply to FesteringSore:

Why don't you just ring them, as two people have already suggested? You don't come across as the shy type, via your posts on here. Are you scared of ringing them?

In reply to FesteringSore:

If you're on a home internet connection then the chances of the data being intercepted is very remote.

Having a non-HTTPS payment gateway doesn't inspire confidence in the seller though.

In reply to FesteringSore:
It is more symptomatic of their approach to protecting your card details. It probably means they will store your card details including the CVC as plain text in a database. That database won't be protected sufficiently. They may even stick your card details in a spreadsheet just sitting on a PC in the hotel reception. One that many may have access to. The chances of interception during your session on their website may be low. But the chance of someone grabbing the card details whilst they sit around unprotected are much higher.