This is an unfortunate revelation. A security services provider discovered that the CVN numbers on the back of credit cards (or front for AMEX) offer basically no protection.
From Heise:
The three digit security code (Credit Card Validation Number, CVN) on credit cards clearly offers insufficient protection from abuse, according to a report on german television channel ZDF’s WISO business magazine program yesterday (Monday). The security code is intended to ensure that the card can only be used by its owner. According to the report, however, possession of a credit card’s card number and expiry date is all a fraudster needs to be able to make purchases online. In tests, security services provider Syss found that at 80 percent of online shops it was in fact possible to simply try out every possible security number online, using, for example, an automated brute force attack.
That is certainly a less than stellar result.
Read on.
[tags]Credit Card Security, CVN, Credit Card Fraud[/tags]