[Infowarrior] - Comment: CCV2 lunacy

[Richard Forno]

Thought I'd raise an old question based on something I just read when  
checking out at online merchant:

"CVV2 is a authentication technique established by credit card  
companies to reduce credit card fraud. The CVV2 numbers are an  
additional set of numbers which are printed on the card. These numbers  
are not recorded when your card is manually imprinted or run through a  
magnetic reader. This makes them much harder to steal than the rest of  
the credit number."

Okay.  Therefore, the question remains:  if the use of the CCV2 is is  
to prevent CC fraud at retail points of sale in stores/restaurants  
when the card is physically presented, doesnt asking for the CVV2  
number when presenting it virtually over the Internet only shift the  
target of opportunity (point of vulnerability) to the web merchants  
who ask and collect all that information? Isn't this just more  
security kibuki?

...and yet we continue to play along with this practice.    Moo.

-rf