nanog mailing list archives
Re: CVV numbers
From: Scott Howard <scott () doc net au>
Date: Sat, 9 Jun 2012 14:31:44 -0700
On Sat, Jun 9, 2012 at 7:14 AM, Joel Maslak <jmaslak () antelope net> wrote:
That said, the purpose of CVV is to stop *one* type of fraud - it's to stop a skimmer from being able to do mail-order/internet-order with your card number. The CVV is not on the magnetic strip, so a skimmer installed at the ATM or gas pump won't be able to capture it.
No, it's to stop more than one type of fraud - however your point is correct in that it's not designed to stop *all* fraud, it's just one of many layers of prevention. In addition to the one you've mentioned, the CVV2 also stop the card being fraudulently being used in any situation where the card number has been leaked, such as a database of card numbers being hacked, a receipt with the full number on it (rare if at all existent these days), etc. The rules on CVV2 numbers basically say that the number can never be recorded by the merchant after the transaction has been processed, which pretty much means that they can't store it at all in any form. If a database is hacked, the CVV2 number will not be there. Scott
Current thread:
- Re: CVV numbers, (continued)
- Re: CVV numbers Jimmy Hess (Jun 09)
- Re: CVV numbers Scott Howard (Jun 09)
- Re: CVV numbers Aled Morris (Jun 09)
- Re: CVV numbers Barry Shein (Jun 10)
- Re: CVV numbers Barry Shein (Jun 10)
- Re: CVV numbers Jay Ashworth (Jun 09)
- Re: CVV numbers Owen DeLong (Jun 10)
- Re: CVV numbers Gary Buhrmaster (Jun 10)
- Re: CVV numbers Stephen Sprunk (Jun 09)
- Re: CVV numbers Scott Howard (Jun 09)