[LINK] Cheap solution for security
Adrian Chadd
adrian at creative.net.au
Tue May 26 10:57:37 AEST 2009
On Tue, May 26, 2009, Martin Barry wrote:
> $quoted_author = "Adrian Chadd" ;
> >
> > How is this secure again?
>
> It looks like a "something I have" component of authentication.
Right.
> I gather this would be preferred to CCVs because they are merely an
> extension of "something I know" (in addition to the card number, expiry
> etc.etc.).
>
> I also gather it would be preferred to SecureID and similar hardware tokens
> because of the ability to include in on the credit card, doesn't require
> batteries.
But it still isn't any better at MITM than a proper cryptographic solution.
All it means is you can't easily fill in your "CVV" without using some
(presumably licenced) technology which someone else in the food chain
gets paid for.
Adrian
More information about the Link
mailing list