making sure what you think is secure, really is secure!

What is CreditCardNanny?
CreditCardNanny is a web browser plugin that detects forms that otherwise look secure - proper and valid SSL certificate, encrypted and seemingly safe enough to enter sensitive data such as credit card details - but actually then submit this form data in a cleartext email to the site administrators!  This completely defeats the purpose of SSL and encrypted communications.  

Is this really a problem?
Yes.  If your details are processed using cleartext emails, anyone can trivially obtain these details and steal any sensitive information you may have entered in a form.

Are such sites common?
Yes.  We have seen a number of respectable websites that implement forms this way.  The website owners are not necessarily malicious, developers sometimes just take shortcuts when building websites.

How can I detect such forms?
Use the CreditCardNanny browser plugin.

How much does CreditCardNanny cost?
CreditCardNanny is free and will never charge for usage.  CreditCardNanny is open source under the BSD license.  The source code for the plugin is available here.
Is my favorite browser supported?
CreditCardNanny is currently available for Google Chrome and Firefox browsers (on Windows, MacOS and Linux).  If you would like to help porting the plugin to other browsers, get in touch.

Where can I get it?
Extension for Firefox: install (all operating systems)
Extension for Google Chrome: install (all operating systems)

My website has been flagged by CreditCardNanny!  What can I do about it?
Join the Google Group and get in touch.

How can I report bugs, etc?
Use our issue tracker.

I'd like to get involved, improve the plugin, write plugins for more browsers, etc.
Join the Google Group and get in touch.

Where can I test this plugin?
Browse to this demo form we have that submits to a mailer script: