{"id":610,"date":"2008-12-15T12:05:28","date_gmt":"2008-12-15T12:05:28","guid":{"rendered":"http:\/\/west-penwith.org.uk\/blog\/?p=610"},"modified":"2014-04-11T18:27:56","modified_gmt":"2014-04-11T17:27:56","slug":"verified-by-visa","status":"publish","type":"post","link":"https:\/\/west-penwith.org.uk\/blog\/archives\/610","title":{"rendered":"Verified by Visa"},"content":{"rendered":"<p>Another attempt at improving the security of online transactions is <a href=\"http:\/\/www.visaeurope.com\/personal\/onlineshopping\/verifiedbyvisa\/main.jsp\">Verified by Visa<\/a> (and a very similar system called <a href=\"http:\/\/www.mastercard.com\/uk\/personal\/en\/cardholderservices\/securecode\/index.html\">Mastercard SecureCode<\/a>). The system is that a password independent of anything written on the card and with much more variability (10-15 characters) is verified with the bank first and then used for transactions. Not all banks nor all retailers are signed up yet but it looks to be a good system, albeit with only one of the factors of authentication in use (Something-you-know). A clever part is the echoing back of a phrase decided by you (&#8220;Personal Message&#8221;) in advance to give you confidence that it is a genuine transactions (so beware of any Verified-by-Visa popups that don&#8217;t contain this phrase).<\/p>\n<p>However the implementation on the ground has not been good. Very little advance information has been sent out to customers and often the first thing they discover is a retailer that is using it, <a href=\"http:\/\/diamondgeezer.blogspot.com\/2008_12_01_archive.html#2755972784071885243\">sometimes with no option<\/a>. You do get an invitation to sign up there and then (called Activation During Shopping) but this is exactly the situation we have all been warned against&mdash;an unknown web address (not even the retailer one) asking for personal details and passwords. I recommend that if you come across this, pause the transaction and go to a different window and sign up directly via your known bank web site.<\/p>\n<p>Now when will <a href=\"http:\/\/www.co-operativebank.co.uk\/servlet\/Satellite\/1193206375355,CFSweb\/Page\/Bank\">The Cooperative Bank<\/a> join in? Ah, <a href=\"http:\/\/www.co-operativebank.co.uk\/servlet\/Satellite\/1223362658154,CFSweb\/Page\/Bank-CreditCards\">they are, slowly<\/a>, it just doesn&#8217;t say so on the Visa site. They have decided not to use Activation During Shopping so they get a gold star from me for having a clue. I will take half of it back though, as they are using a &#8220;memorable name&#8221; rather than a real password, nor do they seem to be using the echoed personal message. Is this really one system or are people making it up as they go along?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another attempt at improving the security of online transactions is Verified by Visa (and a very similar system called Mastercard SecureCode). The system is that a password independent of anything written on the card and with much more variability (10-15 characters) is verified with the bank first and then used for transactions. Not all banks [&hellip;]<\/p>\n","protected":false},"author":239,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-610","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/posts\/610","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/users\/239"}],"replies":[{"embeddable":true,"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/comments?post=610"}],"version-history":[{"count":3,"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/posts\/610\/revisions"}],"predecessor-version":[{"id":1748,"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/posts\/610\/revisions\/1748"}],"wp:attachment":[{"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/media?parent=610"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/categories?post=610"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/west-penwith.org.uk\/blog\/wp-json\/wp\/v2\/tags?post=610"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}