For the online payment, your website used a pop-up. This does not indicate if it is a secure connection or not.
Please update the design or options so the security (or lack?) is visible.
Good point. The checkout (popup / modal) is actually handled directly by Stripe, which is a fairly well know payment processor. Your credit card information never even hits our servers, which is generally a good thing.
You can read more about Stripe's security here if interested: https://stripe.com/docs/security/stripe
@Dave Rapin: Dave,
Before I paid, I learned that you were using stripe, and I looked at the pop-up page code to determine it was likely secure. That was after trying a different computer, and different browsers, looking for a more appealing (obviously secured) page.
You are a client of Stripe. You can provide feedback, or ask them how to use a different interface so it looks less like a spoofing popup.
I have no doubt of stripe’s security. I have been training people not to accept pop-ups that look like what Stripe presented as it processed your payment.
@Rick Collins: I'll ping Stripe about it. I'm pretty sure that you can't submit an HTTP post from an HTTPS page (browser will prevent or at least warn you I believe).
Maybe we can add some badges or at least a logo on it though to make it look a little more official. Would that be enough in your opinion?
@Dave Rapin: I recommend we add a small but evident "Powered by Stripe" badge to the form (something like these: https://www.google.ca/search?q=powered+by+stripe+badge&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiogPbH_IrZAhURwGMKHf3OAv8Q_AUICigB&biw=1421&bih=677), perhaps with an SSL badge, as per a similar discussion at https://ux.stackexchange.com/questions/62148/including-both-stripe-badge-and-ssl-badge-for-credit-card-form.
Good UX suggestion for buyer assurances, Rick. Keep 'em coming. . . .