BreachExchange mailing list archives
Re: semi-OT: OTP(urchase)
From: "Adrian Sanabria" <adrian.sanabria () gmail com>
Date: Mon, 27 Feb 2006 20:47:26 -0500
Interesting. All these implementations seem to be limited to use online though, which doesn't really solve the data security problems though it might help a small minority. For something like this to really have an impact, it would have to be designed and officially supported by VISA and Mastercard, and would have to work at Brick-And-Mortar merchants just as well as online merchants. Without using some kind of token device, I don't see any way that could be done today. On 2/27/06, Steve Smith <steve.smith () gcmail maricopa edu> wrote:
Adrian Sanabria wrote:If there is such a thing, I can't see it being anything more than just an idea at this point. For such a system to work, the back-end transaction processors would have to support it, and I know the products the larger ones support, and none of them feature a use-once-and-throw-away number.Fwiw, Citibank has had "Virtual Account Numbers" for several years now. Used to be an app that ran in the Windows tray that'd spew a unique number into the browser (only really worked right w/ IE) but now they claim to have a web version for Macs and "others". Regards, SteveOn 2/23/06, *Hobbit* <hobbit () avian org> wrote:Does anyone have good pointers to where one could go for more info on MBNA ShopSafe, or whatever one-time mechanism AMEX is/was offering, or any other currently working schemes to generate a unique one-time credit-card-number equivalent per transaction? Or even per vendor, that I've heard somewhere is also possible? I'm at complete ground zero WRT any knowledge of this stuff, but it sounds like the folks here might be up on these things. Probably best to reply privately and I can summarize later if folks want. tnx _H* _______________________________________________ Dataloss mailing list Dataloss () attrition org https://attrition.org/mailman/listinfo/dataloss_______________________________________________ Dataloss mailing list Dataloss () attrition org https://attrition.org/mailman/listinfo/dataloss-- There is no Gecko, only Zuul.
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- semi-OT: OTP(urchase) *Hobbit* (Feb 23)
- Re: semi-OT: OTP(urchase) Adrian Sanabria (Feb 24)
- Message not available
- Re: semi-OT: OTP(urchase) Adrian Sanabria (Feb 27)
- Re: semi-OT: OTP(urchase) Chris Walsh (Feb 27)
- Message not available
- Re: semi-OT: OTP(urchase) Adrian Sanabria (Feb 24)
- <Possible follow-ups>
- Re: semi-OT: OTP(urchase) *Hobbit* (Mar 01)