Our geeky back-end developer is trying to tell us that we really don't need to have the whole logged-in section of our shopping site be "https" with the browser "lock".
He just wants to put the credit card fields in an https frame (which customers will not be able to see is secured).
As far as we can tell, this is sheer UX lunacy that would be the kiss of death for an e-commerce site today. Consumers absolutely expect that "lock" icon or they think the site is some kind of scam.
But our developer doesn't think it would be so unusual and says it will make his integration easier.
So can anyone refer us to a single major shopping Web site that does not use https and the lock for the entire logged-in account section?