nanog mailing list archives
Re: CVV numbers
From: Barry Shein <bzs () world std com>
Date: Sat, 9 Jun 2012 15:30:55 -0400
On June 9, 2012 at 12:12 web () typo org (Wayne E Bouchard) wrote:
The main weakness of CVV2 these days is "form history" in browsers. (auto complete). Now, if someone can get ont your PC, they not only get the credit card number (which there are myriad different ways to get) but the CVV as well so that mechanism is, now, all but useless.
Oh c'mon, all but useless? Look at all the ifs/ands/buts. They need access to your form history which actually is useless if the merchant's form just uses a password-type field, etc. Yeah, a lot of these techniques are useless if your computer etc is completely pwned. But they help if you're not. Credit card fraud prevention is all about percentages, not absolutes. Even just requiring a valid credit card number and expiration date and nothing else probably prevents, I dunno, 98%+ of all potential fraud, probably 99%+. The rest is about squeezing down that last percentage point or two and generally discouraging crooks from trying. One of the PITA frauds credit card companies deal with is someone in the household, like your teenage kid, taking your card physically out of your wallet and using it w/o your permissin and then you call in when you see the bill that you never ordered $100 from iTunes or bought any cool sneakers at the mall. That's probably more common than a lot of the other frauds you imagine. A lot of these techniques at least prove that *someone* had your card physically if they suspect this was not fraud but, rather, "unauthorized use". People will also try to deny charges they simply regret, like a night at a bar with strippers particularly that one in the blue hot pants, who the h*** KNEW she got $300 for a lap dance and $50/glass for the Kristal, doesn't seem fair not fair at all...it's some backpressure. -- -Barry Shein The World | bzs () TheWorld com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
Current thread:
- CVV numbers Hal Murray (Jun 09)
- Re: CVV numbers Lynda (Jun 09)
- Re: CVV numbers Owen DeLong (Jun 09)
- Re: CVV numbers Alexandre Carmel-Veilleux (Jun 09)
- Re: CVV numbers Wayne E Bouchard (Jun 09)
- Re: CVV numbers Barry Shein (Jun 09)
- Re: CVV numbers John Adams (Jun 09)
- Re: CVV numbers Scott Howard (Jun 09)
- Re: CVV numbers Matthew Palmer (Jun 09)
- Re: CVV numbers Owen DeLong (Jun 09)
- Re: CVV numbers Lynda (Jun 09)
- Re: CVV numbers Jimmy Hess (Jun 09)
- Re: CVV numbers Scott Howard (Jun 09)
- Re: CVV numbers Aled Morris (Jun 09)
- Re: CVV numbers Barry Shein (Jun 10)
- Re: CVV numbers Barry Shein (Jun 10)
- Re: CVV numbers Jay Ashworth (Jun 09)
- Re: CVV numbers Owen DeLong (Jun 10)