Lack of fraud reporting paths considered harmful.
lists at notatla.org.uk
lists at notatla.org.uk
Fri Jan 25 17:12:03 EST 2008
Perry wrote:
> His firm routinely discovers attempted credit card fraud. However,
> since there is no way for them to report attempted fraud to the credit
> card network (the protocol literally does not allow for it), all they
> can do is refuse the transaction -- they literally have no mechanism
> to let the issuing bank know that the card number was likely stolen.
A former boss has become "Head of Fraud Technology" (I asked him who
was "Head of Anti-Fraud Technology") and he answers like this.
I am not really a cards man but I would have said the good
old telephone, a call to the acquirer, would be the way. The
acquirer would then pass that on to the issuer. Granted the
merchant may not know for certain that had happened, but he
has done his duty at that point.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list