Tuesday, October 22, 2002

Al is de boef nog zo snel...

... de Merchant Round Table achterhaalt hen wel. Ron Onrust wijst me op een mooi verhaal in de New York Times. Hieruit blijkt dat Internet-merchants op zeker moment weten wat de foute credit-card nummers zijn, maar de bank in kwestie nog even nodig heeft om de kaarten te blokkeren. Zodoende onstaan initatieven als Card Cops en een soortgelijk initiatief om een hot-list van kaartnummers bij te houden door de Merchant Round Table.

Notably, when merchants sell goods to people who hold stolen credit cards, they are typically liable for the fraudulent charges — not the credit card issuer, and not the consumer. Mr. Redenbaugh is among those who say credit-card issuers are not working quickly enough to cut off stolen cards — a charge that issuers dispute — and he offered an example of how that hurts merchants. A pornography site based in Gibraltar was hacked, he said, and a large portion of credit cards were stolen from the site's files.

"We reported that to the predominant bank involved and asked them to stop it because we kept seeing these cards coming back," said Mr. Redenbaugh, who would not identify the bank. Based on its own procedures for screening fraud, Hewlett-Packard rejected those cards, "but the bank kept approving them for authorizations," he said. "It took them over a month and a half to cut off the cards. Those cards may have been used on dozens of merchants' sites who didn't figure this out."