Distributed commerce is a topic that's near and dear to my heart. Previously on this blog, I’ve covered companies like ThisNext, CartFly, Zazzle, Kaboodle, MPire, and Edgeio and their various forays into allowing commerce to take place at the edge via widgets.
Of this group of companies, only the now defunct Edgeio went all in and allowed actual in widget credit card submission – the rest of these companies take you right up to the purchase point in widget, but then drive you back to home base to execute the transaction.
At the TC50 event, startup Adgregate Markets took the torch from Edgeio by showing off its new commerce widget that allows buyers to execute the transaction within the widget.
I have mixed feelings about this.
I love full featured widgets – we really have come along way from the Last.FM .jpg widget that took a literal snapshot of your listening history chart.
But at the same time, there are all kinds of security issues involved in allowing in widget credit card submission.
For example, let’s say the Adgregate Markets shopping widget and its related affiliate program takes off and becomes a staple on popular blogs. People start to get used to seeing it, and start to trust it.
What’s to stop somebody from mimicking the look and feel of the widget, putting this phishing widget on a blog, and collecting credit card info? Without a trusted, accountable URL associated with the widget, I won’t be entering my credit card info any time soon.
Here’s an example of the Adgregate Markets widget (I promise, it’s the real one and not something I hacked together to phish for credit card numbers).
For more on the security risks associated with in widget credit card submission, check out Sasha's post on the Redfin blog.
