Verified by Visa ?

[Oblio_A]

Marketed as an additional layer of security for consumers, Verified-by-Visa service says it requires a password to shop at participating online stores.

Do we assume a 'participating' online store is one that requires the VbV password to complete the consumer's transaction, and a non-participating store simply does not ask for the password?
Or, the card simply cannot be used at NON-participating stores?


In other words... How does Verified-by-Visa prevent criminals from using a stolen Visa card at "NON-participating" online stores?

(I have read all the FAQ's on several banking websites, including Visa's website, and none specifically answer the question of thieves simply shopping at NON-participating merchants.)

 

[askalot]

In other words... How does Verified-by-Visa prevent criminals from using a stolen Visa card at "NON-participating" online stores?

The card can be used at non-participating stores so I guess the answer to the question is; it doesn't.

 

[Oblio_A]

---

It doesn't?
Well, That's FANTASTIC! (as Glenn Beck would sarcastically say)

Thanks for the answer. I guess my suspicions are correct:
It is obviously more a protection mechanism for online merchants (who pay to subscribe to the VbV service) than it is for consumers. All VbV does for consumers is create the inconvenience of having to remember yet another password. No thanks.

---

 

[MugsGame]

Even better, if a store asks for your password, how do you know it's a participating store and not a phishing site? (There is a way, but how many people know to check!).

BTW, 3-D Secure is the payment card industry name for this. VbV is the Visa implementation.

 

[Oblio_A]

Even better, if a store asks for your password, how do you know it's a participating store and not a phishing site? (There is a way, but how many people know to check!).

BTW, 3-D Secure is the payment card industry name for this. VbV is the Visa implementation.

Thanks for the info.
Do you think the anti-phising technology in IE 7, or any other browser,
will verify 3-D Secure pop-ups? Is IE, Firefox, Safari better\safer?

Also, here is a more in-depth thread I recently came across regarding VbV:
http://www.cerias.purdue.edu/weblogs/pmeunier/secure-it-practices/post-91/verified-by-visa-issues/

-----

 

[McSim]

Even better, if a store asks for your password, how do you know it's a participating store and not a phishing site? (There is a way, but how many people know to check!).

BTW, 3-D Secure is the payment card industry name for this. VbV is the Visa implementation.

The way is very simple, when someone registeres for VbV (s)he provides secred word as well as password and genuine pop up must display that word on the top of password entry box.

All
Yes, this is true that VbV card can be used on non VbV stores. Also, if you paid by VbV method, it is much harder to get chargeback (you have to prove that service/goods were not delivered, etc.).

But the point you are missing is that if VbV is not used by merchant you can chargeback transaction quite easy, usually one call does it all and it is up to merchant to prove otherwise after money are refunded (and merchant also penalised for chargeback).

So VbV is a not a bad thing. Yes, it will be more efficient in preventing fraud when majority of merchants will adopt it. And they will, as chargebacks usually costs more then subscribtion to VbV service btw.

MugsGame did you receive my PM sent on 25-02-2008?