[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVV numbers

Subject: CVV numbers
From: scott at doc.net.au (Scott Howard)
Date: Sat, 9 Jun 2012 14:34:03 -0700
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

On Sat, Jun 9, 2012 at 12:12 PM, Wayne E Bouchard <web at typo.org> wrote:

> The main weakness of CVV2 these days is "form history" in browsers.
> (auto complete).

Any website requesting a CVV2 in a form field without the form
history/autocomplete being disabled is in breach of PCI compliance, and
risks losing their ability to accept credit cards.

That's not to say there aren't some that do it, but to call this the "main
weakness" of CVV2 is simply wrong.

  Scott

Follow-Ups:
- CVV numbers
  - From: mpalmer at hezmatt.org (Matthew Palmer)

References:
- CVV numbers
  - From: hmurray at megapathdsl.net (Hal Murray)
- CVV numbers
  - From: shrdlu at deaddrop.org (Lynda)
- CVV numbers
  - From: owen at delong.com (Owen DeLong)
- CVV numbers
  - From: acv at miniguru.ca (Alexandre Carmel-Veilleux)
- CVV numbers
  - From: web at typo.org (Wayne E Bouchard)

Prev by Date: CVV numbers
Next by Date: CVV numbers
Previous by thread: CVV numbers
Next by thread: CVV numbers
Index(es):
- Date
- Thread