View unanswered posts | View active topics It is currently December 12th, 2018, 1:00 pm



Reply to topic  [ 8 posts ] 
 "Not Secure" SPM webstore Issue 
Author Message
Minion
User avatar

Joined: November 11th, 2015, 5:18 pm
Posts: 212
I was trying to log into my SPM account yesterday/today as I received an email of having a package sent to me (not sure what exactly is being sent) from them and making some direct only purchases for SPE. I get the mesasge that the site is not secure and that I should not enter any sensitive information on the site. I tried on different devices (my desktop and tablet) and also different browsers (Chrome, Firefox. and Silk) and get the same message. Has anyone have issues with their store this past week? I sent a message to them on Facebook, but not sure if I will get a response anytime soon with Gencon happening.


August 18th, 2017, 3:54 pm
Profile
Minion
User avatar

Joined: July 19th, 2016, 1:21 pm
Posts: 77
Location: England
I don't know if this helps but I did do a pre-order the new Twilight Kinight a few days ago but I hadn't received that message...however the email the you typed sounds very familiar to other "purchases that I made" or "having a package sent to me", PLEASE DO NOT OPEN THEM AT ALL!!! (or do anything with them...you could look but do not touch any 'pdf folders' or 'links') as these are hackers/viruses.

If you know that you ARE going to be receiving a package then make sure you know that you will be expecting a package. The kickstarter Legends will not be with us any time soon...oh and it doesn't need to be from SPM as it could be from any online company like Amazon.

Stay true to yourself and stay safe. ;)


August 18th, 2017, 8:06 pm
Profile
Minion
User avatar

Joined: December 11th, 2015, 9:22 pm
Posts: 67
Issue appears to be that their SSL Certificate expired. The certificate was only good through August 15, 2017 at 5:41 PM. Hopefully their tech ninja's can get it resolved quickly, as it could definitely hurt sales (like the new SDE cross-overs just put up).

That said, the forum doesn't appear to use SSL at all (at least should for logins), so hopefully when they renew their cert they can get it to also cover this. Granted a webforum account probably isn't super important, but if people use the same username/password elsewhere it could pose a problem.


Last edited by rudehero on August 19th, 2017, 12:19 am, edited 1 time in total.



August 18th, 2017, 10:20 pm
Profile
Employee
User avatar

Joined: August 22nd, 2016, 6:01 pm
Posts: 695
I asked about this. This is the response I got (don't know anything about tech stuff myself):


"Google changed the way they register ssls the page where you look at things no longer shows up as being ssled but the check out pages do. There is an ssl on our site and the encryption is working."

_________________
The Demogorgon tires of your silly human bickering!

Email: justin.gibbs@ninjadivision.com


August 18th, 2017, 11:15 pm
Profile
Minion
User avatar

Joined: December 11th, 2015, 9:22 pm
Posts: 67
Justin, I'd definitely have them take another look. There is encryption, you will just have to manually choose to add an exception to the complaint your browser gives. This is generally bad practice and could turn people away. You can see in the pic below that the certificate being used clearly expired on the 15th.

Like I said, it will still work if users manually push through, but browsers will warn that the site is unsecure/untrusted until a new SSL cert is issued.

Image


August 19th, 2017, 1:01 am
Profile
Minion
User avatar

Joined: November 11th, 2015, 5:18 pm
Posts: 212
Thanks rudehero, killseal, and Justin for the feedback/followup. I see the option to make an exception. For new customers and returning customers that don't know about it though, it likely will deter them from purchasing through the web store. It definitely made me worried when i saw the message pop up.


August 19th, 2017, 2:28 am
Profile
Dungeon Boss
User avatar

Joined: March 14th, 2012, 4:33 pm
Posts: 1032
Location: Utah
Just to be on the safe side, I chose the option to checkout via Paypal- and that's the only place where actual credit card info got typed.

This is definitely something you'll want to have fixed, though. The google pop up blocking you will definitely stop some sales from happening.

_________________
Image Garden Ninja Studios


August 19th, 2017, 5:02 am
Profile WWW
Minion
User avatar

Joined: November 11th, 2015, 5:18 pm
Posts: 212
This most likely is a coincidence, but my credit card had fraudulent activity on Friday/Saturday. So I hope SPM can update their website soon as there are some products that I would like to purchase.


August 21st, 2017, 5:34 pm
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 8 posts ] 

Who is online

Users browsing this forum: No registered users and 50 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group
Designed by STSoftware.