DFR is an online retailer that sells picture frames The software running on DFR’s website enables customers to log in and make purchases by inputting an email address as a user name and a password that must contain at least eight characters, including upper and lower case letters, numbers and punctuation marks (e.g. £, $ or!) Once logged in, customers can check previous orders that they have placed.
Customers can also use DFR’s website to change personal details, including credit card numbers and delivery addresses Whenever they wish to use those facilities, the software sends a text message containing a six-digit number to their mobile phones They must input that number before the system will accept changes to their personal details
Which TWO of the following statements are correct?
A . It is illogical to have different security measures in place for orders and for access to personal details.
B . The software treats customers’ personal details as being more sensitive than their ordering histories
C . The arrangement with the text message will have no effect on the security associated with changing personal details
D . Customers should be able to update the mobile phone numbers in their DFR accounts using only their email addresses and passwords for access
E . The software should never show the whole of a customer’s credit card number on screen, even if the customer has logged in and input the six-digit number.
Answer: C,E
Leave a Reply