版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
CreditCardfraud
ontheInternet“Butwealreadysolvedthis〞Theengineer,thephysicistandthecomputersecurityguruCCFraudThemythTherealityWhogetshurt?ThemythWilyhackersstalkcyberspace,sniffingpacketsandassemblingthemtogetyourcreditcardnumbersotheycanstealfromyouraccountThecustomerlosesmoneyTherealityInadequatenarrativeKidsmakingupnumbersRepudiationThemerchantlosesmoneyTheCCsystemDesignedforretailAdaptedforMailOrderAdaptedforPhoneOrderAdaptedforNetOrderAbridgetoofarInadequatenarrativeIboughtsomestufffromStarshipIgotaCCbill(noinvoice)Twomonthslater,IgotanotherbillFromAmericanComputerProductsWhoarethey???AdequatenarrativeMerchantsshouldbegiven120charactersfornarrativeCarriedthroughtothestatementSothecustomerknowswhatit’sforKidsmaking
upnumbersTobuysoftwareTobuyaccessTobuymusicCDRoms(MP3)Tobuyothervirtualgoods/servicesMakingupnumbersSixdigitbinnumberAnyninedigitsLuhncheck(mod10)Whyisitsoeasy?Becausethebanksdon’tseetheccnumberasapassword,theyseeitasausername(accountnumber)Creditmaster400013AT&TUniversal4013…BaltimoreBank5100…SouthwesternStates5172…FirstBankCardCenter541987etcCreditmasterIphonedupthe4013bankToldthemaboutitGavethemadozenexamplesTheydon’tseemtoseeitastheirproblemTheydon’tcareChargebacksMerchantshavenodefenceImagineyousoldanewspaperfor£1Twoweekslater,thecustomercomesbackTakes£1outofyourtillYouwatch,andwonderwhythisisallowedChargebacksOrninemonthslater...ChargebacksMerchantsneednon-repudiabletransactionsTechnicallyeasyWhoeverdoesitfirst,willbecomethecurrencyoftheinternetNon-repudiability
-theNR-cardLimitliabilityupto£50Ifyouloseyourmoney,toughluckJustlikelosing£50inyourwalletMerchantswillofferdealsthatpersuadecustomerstousetheNR-cardNon-repudiability
-theNR-cardMerchantswillpreferthem-nochargebacks!“NR-price,25%off!〞“FreegiftifyoubuywithNR〞SocustomerswillpreferthemtooNon-repudiability
-theNR-cardNR-cardcomeswithaCDRom.CDRomhasdualkeycryptosystemandyourtwokeysTheCDRombecomesyourdigitalsignatureforthatcardIdon’tneedtotellyoufolkswhat’sonthatCDRom!Butthat’sthefutureWhataboutnow?We’restuckwithaCCsystemdesignedforretail.WehavetodothebestwecanwithwhatwehaveRiskmanagementGetalotofdetailfromthecustomerName,address,postcode,etcNameofissuingbankCustomersupportnumberRiskmanagementCheckthecountryhe’sfrom,againsttheIPaddressChecktheZipcodeagainstthestateCheckthephonenumberagainstthelocationCheckforcreditmasternumbersRiskmanagementCheckthebanknameCheckthebanksupportnumberBuythe$5000listofbanknames/binnumbersOrmakeyourownRiskmanagementOfferahigh-priceoptionthatno-oneshouldeverwant……exceptsomeonewhodoesn’tcarehowmuchhe’sspendingRiskmanagementWhenyougetafraud,don’tgivearefusaltothecustomerSay“Hello,MrCustomer,here’swhatyouordered…〞…“…theremightbeaslightdelay…〞“…pleasebepatient…〞“…you’llgetitwithin48hours…〞Riskmanagement“…we’redoingthebestwecan…〞“…duetoacomputercrash,therewillbeaslightdelay…〞“…therecentproblemsinNewOrleanshasmeant…〞“…wevalueyourcustomandthankyouforbeingpatient…〞“…yourbusinessisimportanttous〞RiskmanagementIcallthisthe“inefficientbumbler〞ThegrammaticalmistakesaretomakeitlookmoreauthenticManycompaniesdothisanyway,sohewon’trealisehe’sgettingarun-aroundRiskmanagementWhy?Well,ifyousay“Thatcardwasnogood,pleasetryagain…〞Whatdoyousupposehe’lldo?RiskmanagementIfyoucan,givehimsomethingabitlikewhatheorderedButwhichdoesn’tworkverywell(slow,orlessfunctionality)Sinceyouwon’tbebillinghiscard,youaren’tdefraudinghimHe’llstoptryingtodefraudyouAuthorisationWhatmostpeoplethinkis“Itdoesn’tguaranteepayment,itonlychecksthattheresufficientfundsintheaccount〞Thisisn’tquitecorrectAuthorisationInfact,ifit’soutsidetheUK,authsgothroughVisa-netIftheamountissmall,Visa-netcanjustcheckthefirstsixdigits(binnumber)andthemoduloWhoopee.AuthorisationSo,authingdoesn’tgivethemerchanttheriskreductionhethoughtitdidButitcanleadtohighercosts,viareferralsHere’showAuthorisationAuthorisationeq“Goahead,bill〞Declineeq“Noway,Jose〞Referraleq“Maybe.Phoneusupandwe’lltalkaboutit.〞Thistakes5to10minutes,andrequirestwopeopleThisisthe“ModernElectronicCreditCardSystem〞ReferralsOne-in-N;bankschooseoneinthreeoronein20anddoareferralIfyouhavealotofcustomers,thenyou’llgetalotofreferralsEachreferralis5-10minutes,twopeopleReferralsWhywasn’tthisaproblembefore?BecausemerchantshadfloorlimitsBelowthefloorlimit,noneedtoauthWiththe“ModernElectronicCreditCardSystem〞allbillingsmustbeauthed.Even$1.00Eventhoughauthingdoesn’tensurethatthecardevenexists!ReferralsWhentheamountis$10,thebankgets$0.40.Cantheyhirepeoplefor£1.50perhour?ThecurrentsystemforinternetcommerceintheUKisabouttobreakdownChargebacksVisaisabouttointroducepena
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 谷氨酰胺在肌肉生长中的关键作用
- 兼职设计师合作协议
- 股权激励计划终止协议
- 2024年事业单位招聘考试吉林省长春市职业能力倾向测验题库含答案解析
- 2023年化妆品业务工作总结及工作计划
- 2023年环卫年终总结与计划
- 2023年环卫班长年终工作总结报告
- 专用小麦新品种相关项目投资计划书范本
- 幼儿园课件之大班科学《塑料袋的旅行》
- 人教版二年级数学下册课件《整百、整千数的加减法》
- 期中质量检测模拟卷(试题)2023-2024学年统编版语文五年级下册
- 中水机房安全管理制度(3篇)
- 分布式容错算法应用
- 协会理事会会长申请表
- 中学跨学科融合视域下劳动教育实施现状的调查问卷
- 2024年上海奉贤区储备人才招聘笔试冲刺题(带答案解析)
- 巡察整改检讨书
- 夏季雨天行车安全培训.课件
- 2022活塞式调流调压阀技术导则
- 用户转化率分析报告
- 医疗质量安全十八项核心制度培训
评论
0/150
提交评论