What is the Amazon Honor System?

The Amazon Honor System is a safe and easy way for you to support your favorite Web sites and to buy digital content on the Web. Amazon.com has successfully completed hundreds of millions of online transactions and has more than 29 million customers. Now, the Amazon Honor System lets you use Amazon.com payment technology to make payments to Web sites as small as $1.00.

Web sites use the Amazon Honor System to collect voluntary payments from their users and to accept payment for digital content. In many cases, the Honor System is the only way a Web site can economically collect small payments. In others, the Honor System allows the Web site to raise money for continued operations without resorting to intrusive banner advertisements.

How does the Amazon Honor System paybox know my name?

When you look at a Web page, the words and pictures you see actually may come from several sources. Your browser software assembles the pieces and displays them as a single page. On the Web site you were visiting, most of the content you saw was transmitted from server computers used by the site's operator. The image made up of the paybox and your name displayed within the paybox was different--we sent it to you directly from Amazon.com. This allowed us to recognize you by name just like we do when you visit the Amazon.com Web site. Because Amazon.com's servers transmitted the image containing a paybox and your name within the paybox directly to your browser software, the site owner never saw the paybox or your name and never received any information about you.

Even if it is secure, this strikes me as rather disconcerting. I'm sure there are cross-site scripting attacks that would allow the site operator to obtain your name from the URL of the image.