"David Woolley" wrote in message
...

The confirmation phrase is snake oil. Anyone with your basic card details
can get it.


One-off dynamic card numbers would do away with the whole thing?

"tim...." wrote in message
...

"Mark Opolo" wrote in message
...

"Chris K" wrote in message
...
I spend ££££52 gazillion per year on web - Never really had problem

Of late Debit/Credit cards having been trying to persuade me to sign up
for some extra online security feature that will basically shorten my
life by one hour everytime i buy something

So far there has been a box saying "not at this time" - which i click,
finish my purchase and carry on with my otherwise pedestrian life

Just tried to buy game from Tesco, and after spending 3 weeks creating
new account and entering all my card details, etc, yaaaaaaaaaawn! i
tried to checkout and was greeted with:


"Authentication Required For Purchase"
"Your card can be registered now for Verified by Visa - a new, free
security service to help prevent unauthorised use of this card when
shopping online. It is required for this purchase, which cannot be made
without it."

"Complete the form below [...and die of boredom]"


Although the operative word is still in use here "card ****CAN*** be
registered"

It wont let me complete the purchase without completing the form - so in
fact they mean "card ****MUST*** be registered"

Slip of the tongue maybe - hope someone slips a mallet into the head of
the poster of this big brother message

Question: Is online verification now compulsory or still supposedly
optional?????????


P.S. Oh yeah - cancelled the purchase and bought game from play.com
instead










I use Verification on my MasterCard and it adds 10 seconds to a
purchase...........you just have to enter a password.

I'm asked so rarely I've forgotten it,

so then I have to go through the rigmarole of resetting it.

A right PITA

Of course, I could write it down :-(

tim




ABCDEFG...:-)

On Jun 19, 4:33*pm, David Woolley
wrote:
johannes wrote:

Depends on the internet retailer; some use it, some don't. I don't see any
problem with extra security.

As implemented, it doesn't add security, but does give the banks an
excuse to reject claims that your card was used fraudulently.

Exactly.

*It could
be secure, if they taught people how to use the security in their
browsers properly and insisted that the form be served, unframed,
directly from a site with an SSL certificate for the bank. However
merchants like to present a seamless interface, where their payment
agents and banks don't appear overtly.

The confirmation phrase is snake oil. *Anyone with your basic card
details can get it.

I could not agree more. In one case I only needed my birthday in
addition to my card number to set a new VbV password.

On Sat, 19 Jun 2010 15:47:40 +0100,
David Woolley wrote:
Retailers tend to be held responsible for chargebacks if 3D Secure is
not in effect, and customers tend not to be able to make them if it is
in effect.

I have this problem - I have no idea where the problem lies but it's
related to my card(s) because it happens to me on multiple different
browsers on different machines and yet my girlfriend using my login at
home managed to buy using her card without a problem.

But, I've found that provided you disable Javascript just before you
"buy" then the VbV stuff does seem to work. GNER/National Express/East
Coast has had this problem for ages - and now I've found that Ocado has
the same problem.

It has also been carefully engineered to be indistinguishable from a
phishing attack. In fact, I think the reason Ocado fails is because
Firefox/NoScript blocks some of the Javascript thinking it's a cross
site scripting attack. (I've only ordered from Ocado once, next time
I'll watch more closely to see what happens)

Tim.


--
God said, "div D = rho, div B = 0, curl E = - @B/@t, curl H = J + @D/@t,"
and there was light.

http://www.woodall.me.uk/

In uk.finance Chris K wrote:
Question: Is online verification now compulsory or still supposedly
optional?????????

Card issuers can turn it off. It's possible to have a card that skips the
VbV/3DS step (the browser might bounce you to the VbV site, but it'll bounce
straight back again to the website you were paying).

Theo

"Martin" wrote in message
...
Chris K wrote:
I spend ££££52 gazillion per year on web - Never really had problem

Of late Debit/Credit cards having been trying to persuade me to sign up
for some extra online security feature that will basically shorten my
life by one hour everytime i buy something

So far there has been a box saying "not at this time" - which i click,
finish my purchase and carry on with my otherwise pedestrian life

Just tried to buy game from Tesco, and after spending 3 weeks creating
new account and entering all my card details, etc, yaaaaaaaaaawn! i tried
to checkout and was greeted with:


"Authentication Required For Purchase"
"Your card can be registered now for Verified by Visa - a new, free
security service to help prevent unauthorised use of this card when
shopping online. It is required for this purchase, which cannot be made
without it."

"Complete the form below [...and die of boredom]"


Although the operative word is still in use here "card ****CAN*** be
registered"

It wont let me complete the purchase without completing the form - so in
fact they mean "card ****MUST*** be registered"

Slip of the tongue maybe - hope someone slips a mallet into the head of
the poster of this big brother message

Question: Is online verification now compulsory or still supposedly
optional?????????


P.S. Oh yeah - cancelled the purchase and bought game from play.com
instead










What the **** are you on about?


Just told you donkey

"johannes" wrote in message
...



Depends on the internet retailer; some use it, some don't. I don't see any
problem with extra security.

Great - so long as I steer clear of Tesco in future i wont get harassed -
shame - i have used them loads times before and they'r getting competitive -
oh hum

On Sat, 19 Jun 2010 15:50:05 +0100, "Ret." xxx wrote:

Mark Opolo wrote:

I use Verification on my MasterCard and it adds 10 seconds to a
purchase...........you just have to enter a password.

And not even the full password!

And if you get it wrong three times in a row they just ask you to
supply a new one. The only security information they require is stuff
on your card plus your date of birth (which is all they ask for in the
first place).

So anyone who has stolen (or even just got a good look at) your card
and knows your birthday and how old you are can sign themselves up for
it and make purchases in your name.

As a security measure against fraud it's pathetic.

--
Max Demian

In message , johannes
wrote

Depends on the internet retailer; some use it, some don't. I don't see any
problem with extra security.

But it's not "extra" security for you. After giving all your details to
a retailer a Verified by Visa phising page comes up asking for more
details.


--
Alan
news2009 {at} admac {dot} myzen {dot} co {dot} uk

On 6/19/2010 10:44 PM, Chris K wrote:


"johannes" wrote in message
...



Depends on the internet retailer; some use it, some don't. I don't see
any
problem with extra security.

Great - so long as I steer clear of Tesco in future i wont get harassed
- shame - i have used them loads times before and they'r getting
competitive - oh hum

It will be compulsory for everyone soooner or later.