[off-topic] Re: EOS Re: OT: scanning CCs (was: Somebody willing tohelp ?)

Sun, 17 Nov 2002 23:04:37 -0800 

Hi Henry / B&H (+everybody else too)!


I've been watching this thread with (I must confess) some real amazement.

First of all, why do you think a scan or fax image of a CC will make it
more real? We all have photoshops here! Surely, you have better ways to
validate the card.. for instance against the address and even asking from
the CC company - I do not know, but I really can't believe that this faxed
image of a CC would make it more real somehow.

Secondly, if you insist that customers either send you a fax or email the
scanned image of cc, you are putting your customers in great risk.
Listening to a fax is probably very easy, but you need to have good
connections. BUT listening to a unprotected email IS very easy. Period. If
you insist that customers send images (or even just the numbers) of their
CC cards in an email that is not encrypted in any ways (I trust that you
have SSL at your web-server) you are putting them in great risk. More so
if you require them to send images of both sides of their CC's. On the
back there is usually one more security providing number that is not
commonly needed in transactions. But the scan of it will give thievs even
more information about your customers CC's and thus make it more easy for
them to do a CC fraud.

So, to sum it up, it does seem exactly so that you are trying to protect
your selves without any consideration to the safety of your customers. I
advice that nobody would never ever send any CC information to anybody
over unsecured email. That is just so darn easy to intercept. There are
lot's of programs out there that will do this. If you want to use email,
get PGP! And B/H, if you are doing this, please stop putting your
customers in this kind of risk!

Safe shopping,
        Hugo.

************************************************************
**   Hugo G�vert                                          **
**   [EMAIL PROTECTED]             http://www.hut.fi/~hugo   **
************************************************************
**   Sometimes I think the surest sign that intelligent   **
**   life exists elsewhere in the universe is that none   **
**   of it has tried to contact us.   -- Calvin.          **
************************************************************


*
****
*******
***********************************************************
*  For list instructions, including unsubscribe, see:
*    http://www.a1.nl/phomepag/markerink/eos_list.htm
***********************************************************

Reply via email to