Accidently entered personal information over paid VPN


#1

I have accidentally entered my debit card information on PayPal (SSL secure page), while I was logged in on a paid VPN (ibVPN - apparently which doesn't log information). I am kind of worried as the card doesn't require activation on phone, so it can be used for transaction anytime.

I know it's not a good idea to enter personal information on even paid VPNs/proxies (leave alone open ones). But, does SSL protect me somehow? or, there is a good chance that the information has been seen on the servers (even tough it was encrypted by SSL)?


#2

--


#3

He should be conscious about this, as anything can go wrong.

One should always be safe on his side.


#4

I think there is nothing to be worried about.


#5

Unfortunately, canceling the card or associated account is not an option!! But, the card has insurance (tough, claiming it is a big hassle).

Yes, I am conscious about it, that's why I am worried (but then I am might be worrying too much?). The only thing in my defense can be that SSL encrypts the information between my computer and Paypal and the server (even if it tries) can not log it!! Hope someone can shed some light on SSL + VPNs.

PS: I am not in Pakistan, neither is the card of a Pakistani bank.


#6

--


#7

[quote=", post:, topic:"]

Second, if you still are superstitious, transfer the money from your current bank account to a new account. This will solve your problem.

[/quote]

seriously?

thats the best you can suggest…


#8

The only option can be as [neoclue] sugeted.

However which banks card is this...

As i am using of Bank Alfalah's and they only activate it for web transactions, when i request, and yes activation expires after my given time limit say 30 minutes.

So if your card is not activated for Web Transactions then dont worry, or apply for replacement.


#9

--


#10

If you have doubts over SSL based encrypted HTTP Channels then you have to worry otherwise you don't have to as the whole communication channel between your PC and Paypal server is encrypted.


#11

[quote=", post:, topic:"]

If you have doubts over SSL based encrypted HTTP Channels then you have to worry otherwise you don’t have to as the whole communication channel between your PC and Paypal server is encrypted.
[/quote]

Are you sure “ateapple” does not has to worry even though he was logged in to a VPN?

@ateapple

An option i would suggest is to contact Paypal and ask them the same question.

You might also find such information in their ‘terms and conditions’.

Secondly, ateapple, why are u taking so much of time asking people if u are so much worried about. You should have taken action right away before action might take place (Khuda na khawasta) on your card.


#12

^if he used his own machine's browser then why should he? it is same like you are using your ISP or Cable Internet where thousands of others are on same network and can easily eavesdrop your Data. But you don't worry because the Data stream which leaves your computer is encrypted.

What is happening in ateapple's case is this: his PC establishes a VPN connection. Now the traffic in this channel is secured. Within this channel he establishes another secure channel with Paypal. It is like he was running inside a Fat sewerage pipe where no one can see him except people inside the Fat Pipe. Then he enter another Pipe in the Fat Pipe which only he and Paypal can see.

--------------------------------------------------------------

-----------------------

VPN Pipe to ibVPN SSL Pipe to Paypal

------------------------

--------------------------------------------------------------


#13

@ThRiLLeR: I agree with your words on decision, but, taking action is not so easy sometimes! Plus, I do not want to take a big hassle for nothing if the communication between me and Paypal is encrypted, and, I don't know if VPN affects SSL security or not. If the server can log my information (SSL means it shouldn't) then yes, I have to take action ASAP.

@abdulsami: Your logic seems sound to me!! and yes I was logged in on my own machine.