[Owasp-leaders] Summit Regonline

Jason Li jason.li at owasp.org
Tue Jan 11 23:26:47 EST 2011


The CVV2 code is not technically required to make a credit card payment in
the US (some European countries do require it).

>From a *user* security perspective, I don't think there's a significant
impact for *not* providing a CVV2 code...

But I'm sure someone will point it out if I'm wrong :)

-Jason

On Tue, Jan 11, 2011 at 6:28 PM, Ofer Maor <ofer.maor at owasp.org> wrote:

> Am I the only one who feels uncomfortable that the regonline site did not
> ask for my CVV when taking my credit card for the booking?
>
> * *
>
> *---*
>
> *Ofer Maor*
>
> *CTO, Hacktics***
>
> *Chairman, OWASP Israel*
>
>
>
> Mobile: +972 (54) 6545406
>
> US: +1 (646) 7700646
>
> Office: +972 (9) 9565840
>
> Fax: +972 (9) 9500047
>
> LinkedIn: http://www.linkedin.com/in/ofermaor
>
> Web: www.hacktics.com
>
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20110111/9344352c/attachment.html 


More information about the OWASP-Leaders mailing list