Akopia Akopia Services
[Date Prev][Date Next][Thread Prev][Thread Next][Interchange by date ][Interchange by thread ]

RE: [ic] Credit card LUHN checking - why we don't want it

> > That is easy enough - set
> >
> > 	<INPUT TYPE=hidden NAME=mv_credit_card_force VALUE=1>
> >
> > which forces the LUHN-10 check good.
>
> Huh? The Shop trusts the browser?! Why that? Are there other such
> things? Is there a field called mv_price_check_disable or
> similar? I cannot understand how a database driven system could
> be confiugrable and fakeable by some client/browser? Or did I
> missed something?

AFAIK LUHN-10 checking is only performed if the CC details are to be
encrypted and emailed to the shop owner.

In this case, there is always a check being performed by a human before a
shipment. Worst case would be that a bogus number gets entered... but then a
customer could get through a LUNH-10 check with 4111 1111 1111 1111 .... and
I am sure they still wouldn't get the goods..

Jonathan
Webmaint.
Search for: Match: Format: Sort by: