Weld Pond wrote:
Programs needing secure entry create a "secure entry field" which is really just an imagemap with the digits (and alphas if required) placed randomly about. The user then uses the mouse to click on these numerals. Ideally the graphics that represent the numerals would be drawn from a random pool and are misformed to thwart any OCR attempts. The graphics could be made even more difficult to OCR by mixing in words and pictures to represent the numbers.
The web page could be implemented with javascript, which could collect the keyclicks without any round trips to the server, and just send the encrypted credit card number. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.