Yesterday I was out with the girlfriend, ordered a few drinks. We were short on cash, so we decided to pay with a credit card... after taking a sip, our bartender informed us of their $20 minimum! This didn't make me too happy since I usually only have 1 drink. At the end of the night, we were up to $14, and I was going to just use the tip to make the total above $20, but they refused to give my card back unless my order was over $20.
I've seen a few places charge $5 or $10 minimums for credit card transactions, but $20 was outrageous. I felt extorted, so when I arrived home, I decided to do some research, and quickly discovered that every major credit card's terms of service (for merchants) is that they cannot charge minimums, maximums, or transaction fees.
I set out to pay a fee to pandora.com (highly recommended, BTW, and available for free to people who don't use it a huge amount). The page where I was to enter my credit card number showed a URL that started with "http://". So I sent them a note and asked. They replied:
"The tuner embedded in the site is a Flash application is 'https' secure. . .
Our site has been approved in its current form by FDC (parent company of Linkpoint) on behalf of Visa/Mastercard/Discover) and also separately by American Express. Amex is particularly picky about security, by the way.
I understand that a mixed mode page can be confusing to some users. The technique has become much more common as active content sites have proliferated. By all means, the hyper-cautious are welcome to add an "s" to the url before proceeding."