Enroll cash out

Shivam05

Member
Messages
1
Reaction score
0
Points
1
Hello, I want to know that when I make payment in 2d UK University merchant, it asks for OTP and some of my friends have done it, how did they make payment without OTP, how to enroll for 2d merchant without OTP I am uploading the photos below, one is mine in which OTP is being added and the other is of my friend who has unblocked the card without OTP, both are same and the card is enrolled.
 

Attachments

  • IMG_20260225_162337_585.jpg
    IMG_20260225_162337_585.jpg
    73.5 KB · Views: 22
  • IMG_20260225_155958_458.jpg
    IMG_20260225_155958_458.jpg
    31.2 KB · Views: 17
Last edited:
Hello!
Enroll is the cardholder's personal account at the bank.
Enroll is required to bypass AVS after changing the cardholder's billing address to the drop address to ensure a full match.
Cashout for Enrolled cards is possible through successful purchases of liquid physical or illiquid goods to the drop addresses of buyers, after which a percentage of the set price in the catalog (buying list) is received.
Enrolled cards are not specifically designed for intercepting OTP or bypassing 3D Secure, as this can be done with any card with NON-VBV/AUTO-VBV/NON-MSCS BINs, including when paying with enrolled cards.
But on carding forums and through discussions with professional carders, I learned that some banks in mid-development countries allow you to set an OTP code in your card's personal account.

Currently, you can successfully bypass the OTP code entry for transaction confirmation in the following ways:
- Make a hit up to a certain amount (usually up to 50 euros, depending on the threshold set by banks in the target country).
- Use cards with NON-VBV/NON-MCSC BINs, which do not require payment verification if the system is configured correctly.
- Make a card payment at a payment gateway (merchant) that processes transactions and ensures payment security using the outdated 2D-Secure (2DS) technology, which also does not require an OTP.
- Use a private and working OTP bot.
- Intercept an SMS with the code via SS7 or install malware on the cardholder's phone.
- Use social engineering by calling the cardholder impersonating a bank employee (or using other fake reasons to obtain a valid OTP).

A list of current and working 2D Secure merchants and comments on them for successful operation can be found in this thread:
 
Top