Comment by TheHappyOddish
2 years ago
This is correct and the GP is (confidently) talking nonsense.
However the big issue is most normal users would not have the ability to see if they're using an embedded iframe or cross origin JS from Stripe, Braintree, etc.
He is not talking no-sense. He is talking what he perceives as a user.
the same way that when you get a refund, you dont see the money back immediately. What the user doesn't know is that when you pay a business, the same thing happens, and the business don't get the money immediately.
And to pay by credit card feels much more insecure than using paypal or amazon pay, even if it isn't.