http://arstechnica.com/security/2015/12/common-payment-processing-protocols-found-to-be-full-of-flaws/