OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Dataloss] semi-OT: OTP(urchase)

From: Adrian Sanabria (adrian.sanabriagmail.com)
Date: Mon Feb 27 2006 - 19:47:26 CST


Interesting. All these implementations seem to be limited to use
online though, which doesn't really solve the data security problems
though it might help a small minority.

For something like this to really have an impact, it would have to be
designed and officially supported by VISA and Mastercard, and would
have to work at Brick-And-Mortar merchants just as well as online
merchants. Without using some kind of token device, I don't see any
way that could be done today.

On 2/27/06, Steve Smith <steve.smithgcmail.maricopa.edu> wrote:
> Adrian Sanabria wrote:
> > If there is such a thing, I can't see it being anything more than just
> > an idea at this point. For such a system to work, the back-end
> > transaction processors would have to support it, and I know the
> > products the larger ones support, and none of them feature a
> > use-once-and-throw-away number.
>
> Fwiw, Citibank has had "Virtual Account Numbers" for several years now.
> Used to be an app that ran in the Windows tray that'd spew a unique
> number into the browser (only really worked right w/ IE) but now they
> claim to have a web version for Macs and "others".
>
> Regards,
> Steve
>
> >
> > On 2/23/06, *Hobbit* <hobbitavian.org> wrote:
> >
> >>Does anyone have good pointers to where one could go for more
> >>info on MBNA ShopSafe, or whatever one-time mechanism AMEX
> >>is/was offering, or any other currently working schemes to
> >>generate a unique one-time credit-card-number equivalent per
> >>transaction? Or even per vendor, that I've heard somewhere
> >>is also possible?
> >>
> >>I'm at complete ground zero WRT any knowledge of this stuff,
> >>but it sounds like the folks here might be up on these things.
> >>Probably best to reply privately and I can summarize later
> >>if folks want.
> >>
> >>tnx
> >>
> >>_H*
> >>
> >>_______________________________________________
> >>Dataloss mailing list
> >>Datalossattrition.org
> >>https://attrition.org/mailman/listinfo/dataloss
> >>
> >
> >
> > _______________________________________________
> > Dataloss mailing list
> > Datalossattrition.org
> > https://attrition.org/mailman/listinfo/dataloss
>
>
> --
> There is no Gecko, only Zuul.
>
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/errata/dataloss/