[Owasp-leaders] Summit Regonline

Matthew Chalmers matthew.chalmers at owasp.org
Tue Jan 11 23:33:02 EST 2011


It makes users feel warm and fuzzy because it's less likely that their card
can be used if cloned from the stripe only. :)


On Tue, Jan 11, 2011 at 10:26 PM, Jason Li <jason.li at owasp.org> wrote:

> The CVV2 code is not technically required to make a credit card payment in
> the US (some European countries do require it).
>
> From a *user* security perspective, I don't think there's a significant
> impact for *not* providing a CVV2 code...
>
> But I'm sure someone will point it out if I'm wrong :)
>
> -Jason
>
> On Tue, Jan 11, 2011 at 6:28 PM, Ofer Maor <ofer.maor at owasp.org> wrote:
>
>> Am I the only one who feels uncomfortable that the regonline site did not
>> ask for my CVV when taking my credit card for the booking?
>>
>> * *
>>
>> *---*
>>
>> *Ofer Maor*
>>
>> *CTO, Hacktics***
>>
>> *Chairman, OWASP Israel*
>>
>>
>>
>> Mobile: +972 (54) 6545406
>>
>> US: +1 (646) 7700646
>>
>> Office: +972 (9) 9565840
>>
>> Fax: +972 (9) 9500047
>>
>> LinkedIn: http://www.linkedin.com/in/ofermaor
>>
>> Web: www.hacktics.com
>>
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20110111/e9680ee2/attachment.html 


More information about the OWASP-Leaders mailing list