There's encoded data on something that's supposed to be a UUID thing: Industry, Issuer (card company), Lender (banking institution), Account number, and Checksum
This is a good way to prevent fraud? Or have they just given me the keys to generate "valid" credit cards?
Slap a name from the phonebook on there and see what you can purchase. Now we have PCI compliance trying to tell people to somehow lock this crap down? So they invent the CV2 codes, a 1 in 1000 hit-or-miss, I don't think my odds are too bad when I can generate any creditcard. Dates will also only fall into a specific range of time anyway. Yeah, we keep putting up bandages to creditcard security processing, but why do we need to? Honestly, the world of standards sucks.
What REALLY bothers me is things like credit cards.
http://www.merriampark.com/anatomycc.htm
There's encoded data on something that's supposed to be a UUID thing: Industry, Issuer (card company), Lender (banking institution), Account number, and Checksum
This is a good way to prevent fraud? Or have they just given me the keys to generate "valid" credit cards?
http://www.darkcoding.net/credit-card-numbers/
Slap a name from the phonebook on there and see what you can purchase. Now we have PCI compliance trying to tell people to somehow lock this crap down? So they invent the CV2 codes, a 1 in 1000 hit-or-miss, I don't think my odds are too bad when I can generate any creditcard. Dates will also only fall into a specific range of time anyway. Yeah, we keep putting up bandages to creditcard security processing, but why do we need to? Honestly, the world of standards sucks.