Comments on: Why We Do Use CSC Codes http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/ Tales From the Inside! Sun, 22 Nov 2009 23:18:54 +0000 http://wordpress.org/?v=2.8.6 hourly 1 By: promosyon şapka http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-95881 promosyon şapka Fri, 25 Jul 2008 09:39:39 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-95881 I’m not at all surprised that McGinty is associated with this story. I’m not at all surprised that McGinty is associated with this story.

]]> By: Anonymous http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3885 Anonymous Fri, 14 Apr 2006 14:17:14 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3885 Shouldn't "Steve" or Discover be excited instead of angry/hurt/confused? Because when he sees the Dreamhost charge/refund, he knows that _his card number was stolen_ !! Shouldn’t “Steve” or Discover be excited instead of angry/hurt/confused? Because when he sees the Dreamhost charge/refund, he knows that _his card number was stolen_ !!

]]> By: Anonymous http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3884 Anonymous Fri, 14 Apr 2006 13:43:48 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3884 I stopped accepting discover after two months. First two months my webstore was up, I got about 25% chargeback on discover cards. The only sane thing to do after that was to stop. While on average, the rest were about 1% ;/ Of all the purchases I end up having to charge back because the purchase seems shady. Like some random guy in washington, connecting to the webpage using a russian IP, using a credit card from kansas... Even taking those into consideration, the amount of chargebacks I do myself and the credit card company screams at me to do, doesn't even get close to how many are done with discover. I think discovery should take a look at their own practices, and security. Maybe even teach each of their customers not to use their credit card info except when making a purchase on a secure website. I stopped accepting discover after two months. First two months my webstore was up, I got about 25% chargeback on discover cards. The only sane thing to do after that was to stop. While on average, the rest were about 1% ;/

Of all the purchases I end up having to charge back because the purchase seems shady. Like some random guy in washington, connecting to the webpage using a russian IP, using a credit card from kansas… Even taking those into consideration, the amount of chargebacks I do myself and the credit card company screams at me to do, doesn’t even get close to how many are done with discover.

I think discovery should take a look at their own practices, and security. Maybe even teach each of their customers not to use their credit card info except when making a purchase on a secure website.

]]> By: Anonymous http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3879 Anonymous Fri, 14 Apr 2006 03:48:13 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3879 I'm not at all surprised that McGinty is associated with this story. I’m not at all surprised that McGinty is associated with this story.

]]> By: YouShan http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3843 YouShan Wed, 12 Apr 2006 02:06:23 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3843 that's why i use their secure online account numbers random generated numbers that works and protects your real credit card number i dont get it.. if someone stole a card... wouldn't they have the CSC code too? that’s why i use their secure online account numbers
random generated numbers that works and protects your real credit card number

i dont get it.. if someone stole a card… wouldn’t they have the CSC code too?

]]> By: beej http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3825 beej Tue, 11 Apr 2006 08:26:50 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3825 This was like, the ONLY useful post I've ever read on your blog. Ever. Usually, um. It sucks. Thanks for not disappointing me 100%. Just 99. This was like, the ONLY useful post I’ve ever read on your blog. Ever. Usually, um. It sucks.

Thanks for not disappointing me 100%. Just 99.

]]> By: itomaki http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3824 itomaki Tue, 11 Apr 2006 08:06:06 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3824 I was told by you CSC which Dreamhost requres is not MasterCard's SecureCode, Thank you. I mistook these two. I get "Card Secure Code"(CSC) is not MasterCard's "SecureCode(TM)". Then, how much secure when Dreamhost stores the CSC code? I enter my MasterCard's number without "CSC" at "Automatic Credit Card Rebill Settings" and I get Error. > Failure! Please correct the errors below. > INVALID: CSC must be a 3 or 4 digit number. so,I am afraid that Dreamhost STORE my CSC code. I was told by you CSC which Dreamhost requres is not MasterCard’s SecureCode,
Thank you.
I mistook these two.
I get “Card Secure Code”(CSC) is not MasterCard’s “SecureCode(TM)”.

Then, how much secure when Dreamhost stores the CSC code?

I enter my MasterCard’s number without “CSC” at “Automatic Credit Card Rebill Settings”
and I get Error.
> Failure! Please correct the errors below.
> INVALID: CSC must be a 3 or 4 digit number.
so,I am afraid that Dreamhost STORE my CSC code.

]]> By: Anonymous http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3817 Anonymous Mon, 10 Apr 2006 19:36:51 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3817 itomaki (post #11): I can't tell if you think CSC codes and MasterCard's SecureCode are the same thing, or if you just want DreamHost to start participating in MasterCard's SecureCode program. To clarify, CSC codes are not the same as MasterCard's SecureCode. DreamHost can (and probably should) check the CSC codes, they just can't store them. itomaki (post #11): I can’t tell if you think CSC codes and MasterCard’s SecureCode are the same thing, or if you just want DreamHost to start participating in MasterCard’s SecureCode program.

To clarify, CSC codes are not the same as MasterCard’s SecureCode. DreamHost can (and probably should) check the CSC codes, they just can’t store them.

]]> By: elliot http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3802 elliot Sun, 09 Apr 2006 19:41:48 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3802 now without the html... "dealing with his urgent SECURTITY RELAT3D EMAILs from paypal, ebay, amazon, bofa, wamu, citibank, and Nigeria." Hey hey hey! Come on now! Nigeria may be a 2nd or even 3rd world country, and sure there may be a lot of fraud that originates from Nigeria, but that's unfair and slanderous to list it in the company of those other entities. now without the html…

“dealing with his urgent SECURTITY RELAT3D EMAILs from paypal, ebay, amazon, bofa, wamu, citibank, and Nigeria.”

Hey hey hey! Come on now! Nigeria may be a 2nd or even 3rd world country, and sure there may be a lot of fraud that originates from Nigeria, but that’s unfair and slanderous to list it in the company of those other entities.

]]> By: Kelly http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/comment-page-1/#comment-3801 Kelly Sun, 09 Apr 2006 19:41:11 +0000 http://blog.dreamhost.com/2006/04/06/why-we-do-use-csc-codes/#comment-3801 I still don't get why the cc companies haven't just started putting smartcards/SIM's on all of their cards. They could then distribute readers with mac, windows, and API documentation for Linux and everyone else. It would be a huge up front investment but it would basically turn online fraud into a non-issue, as it would require them to physically posses the card. American Express seemed to start in on this with their Blue credit card line, but their regular charge cards still don't have them. It would also require browser upgrades across the board, and merchant integration, but had they started in on this a few years ago it could have been integrated by now into most people's browsers. Either way, for all the stink thats made over SSL certificates I would think they would have something worked out by now. Send a token, sign it against the key on the card, and send it back. "Easier said than done." I know, but it seems like the cost to implement it could have been overcome by now in the costs dealing with fraud. Heck they could encourage merchants to accept/require it during the startup period by giving them a break on processing fees for a year or something for each transaction signed by a smartcard. I still don’t get why the cc companies haven’t just started putting smartcards/SIM’s on all of their cards. They could then distribute readers with mac, windows, and API documentation for Linux and everyone else. It would be a huge up front investment but it would basically turn online fraud into a non-issue, as it would require them to physically posses the card.

American Express seemed to start in on this with their Blue credit card line, but their regular charge cards still don’t have them. It would also require browser upgrades across the board, and merchant integration, but had they started in on this a few years ago it could have been integrated by now into most people’s browsers. Either way, for all the stink thats made over SSL certificates I would think they would have something worked out by now. Send a token, sign it against the key on the card, and send it back. “Easier said than done.” I know, but it seems like the cost to implement it could have been overcome by now in the costs dealing with fraud.

Heck they could encourage merchants to accept/require it during the startup period by giving them a break on processing fees for a year or something for each transaction signed by a smartcard.

]]>