how-to block ads
|
|
Share Topic
 |
 |
|
|
|
 SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:5
 ·RoadRunner Cable
 ·Clearwire Wireless
| reply to mae_aa419
Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto said by mae_aa419:MGD says: quote:
This kind of repeated access to multiple unrelated card accounts of victims, clearly demonstrates how pervasive this syndicate's access to data is. What makes this more unique is that the AMEX and VISA/MC card processing systems are totally independent and unrelated. So where might that data be combined in a database.? Remember, dormant cards, and cards that were never used anywhere, get hit too.
So I will venture a guess here and wonder if the credit reporting agencies might have such a database? They will know how many cards you have, who they are issued by, what the credit limit is, what the balance is, how long you've had the card, what your payment history is, but they don't have the actual CC#/CVV/exp.date | |
| said by Snowy:said by mae_aa419:MGD says: quote:
This kind of repeated access to multiple unrelated card accounts of victims, clearly demonstrates how pervasive this syndicate's access to data is. What makes this more unique is that the AMEX and VISA/MC card processing systems are totally independent and unrelated. So where might that data be combined in a database.? Remember, dormant cards, and cards that were never used anywhere, get hit too.
So I will venture a guess here and wonder if the credit reporting agencies might have such a database? They will know how many cards you have, who they are issued by, what the credit limit is, what the balance is, how long you've had the card, what your payment history is, but they don't have the actual CC#/CVV/exp.date That may be the information in your credit report (that is supplied to requesters), but I am not sure that is all the information that could be maintained (even if not shared).
In the case of Certegy, they are both a payment processing company and a "national credit reporting agency", which means even if you've never run your credit card or check through one of their payment portals, they still will have a credit report on you. You can request your report from them here: »www.fidelityinfoservices.com/FNF···tFAQ.htm
If you try to process a checking account payment through one of their systems (such as a store swipe or e-check online), it does not check your balance for approval/rejection. Instead it runs a credit check on you.
quote:
Certegy, Inc. is a leading provider of check authorization services and credit card, debit card, and merchant card processing. The company provides its services to more than 6,000 financial institutions and to more than 100,000 retailers worldwide.
Certegy's business is divided into two main areas, Check Services and Card Services. Certegy helps client retailers such as Wal-Mart and Best Buy by providing risk management and data services that catch bad check writers and verify customers with adequate funds. For its service Certegy receives a percentage of the total dollar amount of checks written to the client. Certegy pioneered this business in the 1960s. Certegy's Card Services unit has prevailed despite competition from larger vendors by concentrating on providing card processing services to small banks and credit unions.
The company also has growing international sales, doing business in the United Kingdom, Ireland, and France, in Chile and Brazil, and in Australia and New Zealand. Certegy's card processing unit in Melbourne, Australia, handles multinational and multilingual transactions, allowing Certegy to service customers in Thailand and throughout the Asia Pacific region.
Certegy was founded as Telecredit, Inc., and operated under that name through 1990. From 1990 to 2001 the company was the Payment Services unit of Equifax, Inc. Equifax spun off the unit in 2001.
»findarticles.com/p/articles/mi_g···111/pg_1
I do not know if Certegy maintains this information together in the same database, but this article from when Equifax payment services spun off to Certegy suggests that they do:
quote:
Not all vendors in the e-payments market try to offer a full-service solution, however. Certegy Check Services eschews the strategy of developing a total e-payments solution, preferring instead to focus on the historic strength it developed when it was part of Equifax Inc.—database solutions for credit card and check authentication.
quote:
With one of the oldest and largest repositories of consumer credit and check verification data, Equifax has been a key behind-the-scenes player in credit and check authorization. A year ago, it entered the web payments market with an electronic check payment product, which employs its massive risk management database to authenticate the e-check and uses the ACH to transfer payment electronically. Earlier this year, Equifax Inc. spun off its Equifax Check Solutions into a stand-alone company that took the name Certegy Check Services.
On their web based check authorization product:
quote:
When a web merchant uses the Certegy e-checking service, the web shopper must fill out basic identification information (name, address and driver’s license number), which is instantly matched against the Certegy database on that consumer. The shopper then receives a series of multiple-choice questions from the Certegy database that relate to details about the customers mortgage, car, credit card or even student loan history. The responses are then verified by matching them against the Certegy database. If there’s a match, the check is approved for payment, and the web shopper is sent via e-mail a user name and password that is used to verify all future e-check payments by that shopper on that site.
»www.internetretailer.com/interne···ing.html
I am not saying Certegy is the leak here (although they were breached), but I am saying that in the example of Certegy's database(s), they maintain more than just what is shown to you in your credit report. | |
|
