This wouldn't prevent the bot problem, right? It supposedly takes seconds or minutes to brute force the CVV by trying on many different websites. That leaves plenty of time to use the CVV before it expires.
Which vulnerability is this targeted at? Large scale breaches of merchants who are storing CVVs when they aren't supposed to? Card skimmers? I'm not familiar with what the typical attack vector is for card fraud.
2 comments
[ 0.23 ms ] story [ 24.8 ms ] threadWhich vulnerability is this targeted at? Large scale breaches of merchants who are storing CVVs when they aren't supposed to? Card skimmers? I'm not familiar with what the typical attack vector is for card fraud.