Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Hackers View Visa/MasterCard Accounts

From: "Jason Coombs" <jasonc () science org>
Date: Tue, 18 Feb 2003 08:00:37 -1000
AVS gives the merchant a clue as to whether or not there is high risk posed
by a particular alleged-customer.

Merchants are free to ignore AVS, and many don't even bother to use it.

Anyway, it doesn't impact the "declined" or "authorized" result given to a
shopper at an e-commerce site that implements real-time processing.

Jason Coombs
jasonc () science org

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Richard M.
Smith
Sent: Tuesday, February 18, 2003 5:30 AM
To: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] Hackers View Visa/MasterCard Accounts


Wouldn't the AVS system used by the credit card companies catch this
kind of hack?  The AVS system does a rudimentary check to make sure that
the billing address given on a order is correct one for the credit card.

Richard


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: