fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
Is it possible to over come Transaction Authorisation Code protection? Or do you need to check sites that doesnt have this security? Or do u need cc with it?
Transaction Authorisation Code
- Thread starter fokuspokus
- Start date
fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
No one knows?! Thats fun..
axelevents
Professional
- Messages
- 207
- Reaction score
- 16
- Points
- 18
yes it is possible
yes it is possible simply select i forgot the password and retype the details or info of the card holder u have ...thts all its called 3d secure from the bank to recheck u r the cardholder and there is no such website with out 3d secure if there is then ur card is been back tracked and when u make a transaction they will say there is a error in the website pls try later and when u try later in other website.... bingo ur card is been used or blocked ...meaning someone used ur card before u knw it .....if u still dont get it pm me will help u out...
yes it is possible simply select i forgot the password and retype the details or info of the card holder u have ...thts all its called 3d secure from the bank to recheck u r the cardholder and there is no such website with out 3d secure if there is then ur card is been back tracked and when u make a transaction they will say there is a error in the website pls try later and when u try later in other website.... bingo ur card is been used or blocked ...meaning someone used ur card before u knw it .....if u still dont get it pm me will help u out...
fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
still waiting for pm from you 
fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
Will have that in mind to. But I need a method for overcoming it, not choosing the easyest way
serialkilla
Professional
- Messages
- 367
- Reaction score
- 13
- Points
- 18
Well, i guess thats the only way (i.e use non vbv/msc bins or amex and disc.). r you use fullz.
fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
axelevents sayed its possible..
fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
bump bump?
fokuspokus
BANNED
- Messages
- 118
- Reaction score
- 9
- Points
- 18
Forgot pass says contact your bank.. so it doesnt ask for any details to be written..
---------- Сообщение добавлено в 01:15 PM ---------- Предыдущее сообщение размещено в 12:44 PM ----------
Maybe this text will help someone:
Inconsistent authentication methods:
The 3DS specifcation only covers the communication between the merchant, issuer, acquirer and payment scheme, not how customer veri cation is performed. This is left to the issuer, and some have made extremely unwise choices. For instance, one bank asks for the cardholder's ATM PIN. It's bad enough that EMV Verifed by Visa and MasterCard SecureCode 5 has trained cardholders to enter ATM PINs at terminals in shops; training them to enter PINs at random e-commerce sites is just grossly negligent. (Phishermen are also asking for ATM PINs on bogus ADS forms.)
Another issuer-specifc choice is how to reset the password when a customer forgets it; here again corners are cut. Some banks respond to one or two failed password attempts by prompting an online password reset using essentially the same mechanisms as ADS. In a number of cases the bank requires only the cardholder's date of birth, which is easily available from public records; with one (UK-government-owned) bank, two wrong password attempts simply lead to an invitation to set a new password. A third variable factor is whether the 3DS implementation asks for a whole password or for some subset of its letters. The idea behind asking for a subset is that a single-round keyboard logging attack does not compromise the whole password. However this compels users to select relatively simple passwords, and probably to write them down. (Thereby they will be in breach of the bank's terms and conditions, and can be refused a refund in case of fraud; so asking for a subset may actually be a rational design choice for the bank.)
---------- Сообщение добавлено в 01:15 PM ---------- Предыдущее сообщение размещено в 12:44 PM ----------
Maybe this text will help someone:
Inconsistent authentication methods:
The 3DS specifcation only covers the communication between the merchant, issuer, acquirer and payment scheme, not how customer veri cation is performed. This is left to the issuer, and some have made extremely unwise choices. For instance, one bank asks for the cardholder's ATM PIN. It's bad enough that EMV Verifed by Visa and MasterCard SecureCode 5 has trained cardholders to enter ATM PINs at terminals in shops; training them to enter PINs at random e-commerce sites is just grossly negligent. (Phishermen are also asking for ATM PINs on bogus ADS forms.)
Another issuer-specifc choice is how to reset the password when a customer forgets it; here again corners are cut. Some banks respond to one or two failed password attempts by prompting an online password reset using essentially the same mechanisms as ADS. In a number of cases the bank requires only the cardholder's date of birth, which is easily available from public records; with one (UK-government-owned) bank, two wrong password attempts simply lead to an invitation to set a new password. A third variable factor is whether the 3DS implementation asks for a whole password or for some subset of its letters. The idea behind asking for a subset is that a single-round keyboard logging attack does not compromise the whole password. However this compels users to select relatively simple passwords, and probably to write them down. (Thereby they will be in breach of the bank's terms and conditions, and can be refused a refund in case of fraud; so asking for a subset may actually be a rational design choice for the bank.)
