<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.6944.0">
<TITLE>RE: [Asterisk-biz] CC Fraud</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New"> </FONT></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">There is only one way to get around this right now, and that is to use</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">Visa's 3d Secure, which requires the user to basically log into a Visa</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">authorized site, and provide more information. MasterCard has something</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">called SecuriCode (I think?) which is supposed to be deployed later this</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">year around the globe, and is basically the same thing.</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">> </FONT></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">Look, the "Card Verification Codes" (CVC/CVV/CVV2) don't do jack.</FONT></SPAN><SPAN LANG="en-us"><B> <FONT SIZE=2 FACE="Courier New">It was</FONT></B></SPAN><SPAN LANG="en-us"><B></B></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><B><FONT SIZE=2 FACE="Courier New">></FONT></B></SPAN><SPAN LANG="en-us"><B> <FONT SIZE=2 FACE="Courier New">a BS marketing ploy by MasterCard in the mid 90s to create an illusion</FONT></B></SPAN><SPAN LANG="en-us"><B></B></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><B><FONT SIZE=2 FACE="Courier New">></FONT></B></SPAN><SPAN LANG="en-us"><B> <FONT SIZE=2 FACE="Courier New">of security. All it does is extend the card number by 3 or 4 random</FONT></B></SPAN><SPAN LANG="en-us"><B></B></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><B><FONT SIZE=2 FACE="Courier New">></FONT></B></SPAN><SPAN LANG="en-us"><B> <FONT SIZE=2 FACE="Courier New">digits.</FONT></B></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">The solution to this isn't an account/pin solution (which is</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">what a CVC really is) but a fully qualified challenge/response</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">mechanism. Otherwise, CVC codes just become databased like anything</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">></FONT></SPAN><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Courier New">else.</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">[DC]</FONT></SPAN><SPAN LANG="en-us"> </SPAN></P>
<BR>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">My thoughts exactly.</FONT></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">Cheers,</FONT></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New">Dean</FONT></SPAN></P>
<P ALIGN=LEFT><SPAN LANG="en-us"><FONT SIZE=2 FACE="Courier New"> </FONT></SPAN></P>
</BODY>
</HTML>