[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ILEPILDHBOLAHHEIMALBKEAFEOAA.jasonc@science.org>
From: jasonc at science.org (Jason Coombs)
Subject: Hackers View Visa/MasterCard Accounts
AVS gives the merchant a clue as to whether or not there is high risk posed
by a particular alleged-customer.
Merchants are free to ignore AVS, and many don't even bother to use it.
Anyway, it doesn't impact the "declined" or "authorized" result given to a
shopper at an e-commerce site that implements real-time processing.
Jason Coombs
jasonc@...ence.org
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Richard M.
Smith
Sent: Tuesday, February 18, 2003 5:30 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] Hackers View Visa/MasterCard Accounts
Wouldn't the AVS system used by the credit card companies catch this
kind of hack? The AVS system does a rudimentary check to make sure that
the billing address given on a order is correct one for the credit card.
Richard
Powered by blists - more mailing lists