Unverified by Visa

Ben Laurie has a very clear-headed post on security dangers exacerbated by Visa’s VbV programme (the same criticisms seem to apply to similar efforts by other vendors).

The short version is that these mechanisms train consumers to provide their private account data to anyone claiming to be the card issuer. The problem is that there’s no way for the user to know that the data is being transmitted to the vendor rather than an imposter.

It makes you wonder what requirements were given to the people that designed the process. From my experience these verification processes cause a not insignificant drop-off in the success rate of payment processes, ie. fewer sales.  With that (and the security problem) in mind it’s a fair bet that this particular family of  verification mechanisms won’t last that long.

Advertisements

2 Responses to Unverified by Visa

  1. […] Following on from a previous post about how the Verified By Visa and Mastercard SecureCode are training users to give up their identity to anyone who asks for it, apparently some lovely boffins at Cambridge have written a paper on it. […]

  2. […] Following on from a previous post about how the Verified By Visa and Mastercard SecureCode are training users to give up their identity to anyone who asks for it, apparently some lovely boffins at Cambridge have written a paper on it. […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: