GoFuckYourself.com - Adult Webmaster Forum - View Single Post - CVVS on credit cards, Security questions, etc...

goBigtime · 08-13-2003, 07:45 AM

Man Alive.

I haven't done much e-commerce outside of tons paypaling in a long time.

But I just registered for Western Union and sent someone some money....

The CVVS thing (the 3 digit number on the back of the card) is a joke -- I write "ASK FOR ID" in permanent marker on the back of my cards... so I can barely read the code, and on a couple cards it was scraped off from keys or change or something.

Yet, without that CVVS2 number I wasn't about to do anything with that card.

But my point here is... what good is this information really?

If someone compromises their databases they will have it all anyway? CVVS/2 seems like a joke to me.

They also forced me to select a security question and gave me three commonly used choices of:

Mothers maiden name
Pets Name
And something else that I forgot.

Another bad idea - to lock people into answering the same security questions over and over.

For example: If someone got this database, they might be able to change my hotmail information because they know the answer to say, my Mothers maiden name...

So then they could go change my hotmail address because hotmail suggested I use my mothers maiden name too. (as an example - I didn't really do this obviously)

From there they could access/damage a ton of other things.

08-13-2003, 07:45 AM
goBigtime Confirmed User Join Date: Nov 2002 Posts: 7,761	CVVS on credit cards, Security questions, etc... Man Alive. I haven't done much e-commerce outside of tons paypaling in a long time. But I just registered for Western Union and sent someone some money.... The CVVS thing (the 3 digit number on the back of the card) is a joke -- I write "ASK FOR ID" in permanent marker on the back of my cards... so I can barely read the code, and on a couple cards it was scraped off from keys or change or something. Yet, without that CVVS2 number I wasn't about to do anything with that card. But my point here is... what good is this information really? If someone compromises their databases they will have it all anyway? CVVS/2 seems like a joke to me. They also forced me to select a security question and gave me three commonly used choices of: Mothers maiden name Pets Name And something else that I forgot. Another bad idea - to lock people into answering the same security questions over and over. For example: If someone got this database, they might be able to change my hotmail information because they know the answer to say, my Mothers maiden name... So then they could go change my hotmail address because hotmail suggested I use my mothers maiden name too. (as an example - I didn't really do this obviously) From there they could access/damage a ton of other things.