Method and system for a secure registration

What is claimed is: 1 . A method for improving security of an exchange of secure customer data between a user and a vendor in an e-commerce system, the method comprising: receiving, by an authorized domain server, an email message containing an email token that identifies the vendor, the email message being generated by activating a mailto link whose predefined body includes the email token; validating, by the authorized domain server, the user based on the email token and a sender email address of the email message, including confirming that the email message was sent from an email address for which the email token was created; and on a condition that the user is validated: hosting, by the authorized domain server, executable JavaScript that causes a client browser to transfer fields of a form associated with the exchange that are designated as data-protected directly to a secure information processing server using an HTML inline frame and a postMessage method so that the data-protected fields do not leave the client browser to a vendor server, receiving, from a user/card registration server in response to processing by the secure information processing server, a token associated with the secure customer data, and transmitting, by the authorized domain server, a redacted subset of the secure customer data together with the token to the vendor when the user has granted the vendor access to the secure customer data. 2 . The method of claim 1 , wherein the email message is received in response to a form that solicits customer information, wherein the form includes a plurality of fields and at least one of the plurality of fields is associated with an attribute. 3 . The method of claim 2 , further comprising transmitting the form to a website operated by the vendor. 4 . The method of claim 2 , wherein at least one of the plurality of fields is not associated with an attribute. 5 . The method of claim 2 , wherein the form is received via an email message. 6 . The method of claim 2 , wherein the form is received via an HTTP transmission. 7 . The method of claim 1 , wherein the email token comprises parameters including an HTTP user-agent header and an IP address associated with a recipient of the email token. 8 . The method of claim 1 , wherein the transmitting to the vendor is performed as an HTTP POST whose payload includes a details parameter and a signature parameter, and the signature parameter comprises a keyed HMAC of the details parameter that the vendor verifies prior to accepting the secure customer data. 9 . A system for improving security of an exchange of secure customer data between a user and a vendor in an e-commerce system, the system comprising: a memory that is configured to store the secure customer data; a communication interface that is configured communicatively coupled to a device of the user; and a processor that is communicatively coupled to the memory and the communication interface, wherein the processor is configured to: receive, using the communication interface, an email message containing an email token that identifies the vendor, the email message being generated by activating a mailto link whose predefined body includes the email token; validate the user based on the email token and a sender email address of the email message, including confirming that the email message was sent from an email address for which the email token was created; and on a condition that the user is validated: host executable JavaScript that causes a client browser to transfer fields of a form associated with the exchange that are designated as data-protected directly to a secure information processing server using an HTML inline frame and a postMessage method so that the data-protected fields do not leave the client browser to a vendor server, receive, from a user/card registration server in response to processing by the secure information processing server, a token associated with the secure customer data, and transmit, using the communication interface, a redacted subset of the secure customer data together with the token to the vendor when the user has granted the vendor access to the secure customer data. 10 . The system of claim 9 , wherein the email message is received in response to a form that solicits customer information, wherein the form includes a plurality of fields and at least one of the plurality of fields is associated with an attribute. 11 . The system of claim 10 , wherein the processor is further configured to transmit the form to a website operated by the vendor. 12 . The system of claim 10 , wherein at least one of the plurality of fields is not associated with the attribute. 13 . The system of claim 10 , wherein the form is received via an email message. 14 . The system of claim 10 , wherein the form is received via an HTTP transmission. 15 . A non-transitory computer readable storage medium storing instructions for improving security of an exchange of secure customer data between a user and a vendor in an e-commerce system, the instructions when executed by a processor of an authorized domain server cause the authorized domain server to perform operations comprising: receiving an email message containing an email token that identifies the vendor, the email message being generated by activating a mailto link whose predefined body includes the email token; validating the user based on the email token and a sender email address of the email message, including confirming that the email message was sent from an email address for which the email token was created; and on a condition that the user is validated: hosting executable JavaScript that causes a client browser to transfer fields of a form associated with the exchange that are designated as data-protected directly to a secure information processing server using an HTML inline frame and a postMessage method so that the data-protected fields do not leave the client browser to a vendor server, receiving, from a user/card registration server in response to processing by the secure information processing server, a token associated with the secure customer data, and transmitting a redacted subset of the secure customer data together with the token to the vendor when the user has granted the vendor access to the secure customer data.