AVS gives the merchant a clue as to whether or not there is high risk posed by a particular alleged-customer.
Merchants are free to ignore AVS, and many don't even bother to use it. Anyway, it doesn't impact the "declined" or "authorized" result given to a shopper at an e-commerce site that implements real-time processing. Jason Coombs [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Richard M. Smith Sent: Tuesday, February 18, 2003 5:30 AM To: [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] Hackers View Visa/MasterCard Accounts Wouldn't the AVS system used by the credit card companies catch this kind of hack? The AVS system does a rudimentary check to make sure that the billing address given on a order is correct one for the credit card. Richard _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
