Security expert Ben Laurie has a scorching indictment of the "Verified by Visa" program used by British banks. This system is basically the perfect system for phishers and identity thieves, and conditions honest people to behave in foolish ways that leave them vulnerable to having their life's saving taken off of them.
"Frame inline displays the VbV authentication page in
the merchant’s main window with the merchant’s
header. Therefore, VbV is seen as a natural part of the
purchase process. It is recommended that the top
frame include the merchant’s standard branding in a
short and concise manner and keep the cardholder
within the same look and feel of the checkout process."
Or, in other words: Please ensure that there is absolutely no way for your customer to know whether we are showing the form or you are. In fact, please train your customer to give their “Verified by Visa” password to anyone who asks for it.
Craziness. But it gets better - obviously not everyone is pre-enrolled in this stupid scheme, so they also allow for enrolment using the same inline scheme. Now the phishers have the opportunity to also get information that will allow them to identify themselves to the bank as you. Yes, Visa have provided a very nicely tailored and packaged identity theft scheme. But, best of all, rather like Chip and PIN, they push all blame for their failures on to the customer
Nobel Prize-winning economist Joseph Stiglitz says the Trans-Pacific Partnership, or TPP, could be the worst trade agreement ever negotiated in history. In an interview with CBC News, he recommended that the government of Canada insist on reworking it.
Last week, Boing Boing pals Douglas Rushkoff, author of Throwing Rocks at the Google Bus, and Marina Gorbis, executive director at Institute for the Future (where I’m a researcher), took the stage at San Francisco’s Commonwealth Club to discuss why we’ve lost sight of the open Web and how the digital economy has gone terribly […]
Looks like all of your potential employers are hiring candidates with programming skills (which you don’t have). With all of the languages out there today, it’s tough to know where to start.With the Complete Front-End to Back-End Coding Bundle, you can beef your resume up in all the right places, no confusion necessary. This package of […]
Those of us who love music wish we could listen to it 24/7. But it’s impossible when we’re trying to converse with our friends, or when are swimming in the local pool.That is, until now. The KOAR Bone Conduction Bluetooth Headset, now 48% off, has changed the audio game.Made with lightweight titanium memory metal, this headset boasts patented bone conduction technology to transport sound […]
It’s one thing to enjoy dinner at home and a nice glass of Cabernet Sauvignon with your best friend, Netflix, but it’s another thing entirely to make that meal from scratch and get that wine delivered right to your doorstep.But what if we told you there’s a way to make this possible? To keep your social life, […]