I hate Mastercard SecureCode and Verified by Visa

skywalker

I had this exact problem. Bloody annoying the way they wont allow you to use a password you have previously used too.

My solution was to attach a postit to the back of the card with the first few digits of the password followed by ellipsis so I remember which one Ive used. Doesnt compromise the security of the password to anyone else & I instantly know which of my passwords to use.

ElleEm

skywalker wrote: »

I had this exact problem. Bloody annoying the way they wont allow you to use a password you have previously used too.

My solution was to attach a postit to the back of the card with the first few digits of the password followed by ellipsis so I remember which one Ive used. Doesnt compromise the security of the password to anyone else & I instantly know which of my passwords to use.

My diary is filled with letters and hashtags so I know what combination of words and numbers I used for different passwords. It looks like gibberish to everyone else but makes sense to me!

Adamantium

Stealth "I got money thread and you don't" thread.

OH Cruel world, why do you make me bleed?

SpaceTime

I know someone in the UK who set a mildly rude word as his password online thinking he'd never have to use it on the phone. He had to give it to a call centre who subsequently hung up on him and told them that it breeched their sexual harassment and decency policy and refused to reset it for him!!

foggy_lad

I Heart Internet wrote: »

This may have come up before, but can we all take a moment to consider how annoying Mastercard SecureCode and Verified by Visa are.

"No I don't remember my password! So few sites actually use this thing that I forget my password each and every time."

I think I hate them.

better being safe than losing all your money.

Teyla Emmagan

I hate Verified by Visa with a passion.

I think my current password for their stupid and impossible to opt out of service is "youpackof*****'.

The bank protect you anyway, you do NOT NEED verified by flipping Visa.

No Pants

foggy_lad wrote: »

better being safe than losing all your money.

It's nothing to do with protecting your money. It's all about the liability for the money if it does get lost.

robindch

SpaceTime wrote: »

It should be something that's properly integrated into your online banking. I don't see why, for example, you couldn't have a SMS verification code to verify your identity or something like that instead.

For a variety of reasons, SMS isn't considered very safe by the card schemes - Visa, MasterCard etc.

SpaceTime wrote: »

[...] isn't really very well implemented.

Nope, it's not.

SpaceTime wrote: »

We need to come up with better systems than complicated passwords [...] Two Factor security using an SMS or an app on your phone would make a hell of a lot more sense.

Chip Authentication Protocol - CAP - has been around for years and AIB support it here in Ireland:

http://en.wikipedia.org/wiki/Chip_Authentication_Program

Unfortunately, CAP has yet to adopted widely - probably because it's a chicken and egg situation - nobody's implementing it since it's not widely rolled out, and it's not being rolled out since nobody's implementing it.

A few more major card leakages might reverse the economic balance though.

robindch

Teyla Emmagan wrote: »

The bank protect you anyway, you do NOT NEED verified by flipping Visa.

SecureCode and VbV are there to increase card security and keep fraud costs and cardholder anger to a minimum.

AlanS181824

Just remember your password, it's not hard.

haro124

Complete pain in the hole. Changed banks and now they send me a new code every time it's needed

zetalambda

I Heart Internet wrote: »

This may have come up before, but can we all take a moment to consider how annoying Mastercard SecureCode and Verified by Visa are.

"No I don't remember my password! So few sites actually use this thing that I forget my password each and every time."

I think I hate them.

F U C K V I S A

or

F U C K C A R D

You'll never forget these.

Teyla Emmagan

robindch wrote: »

SecureCode and VbV are there to increase card security and keep fraud costs and cardholder anger to a minimum.

Well, that's obviously working. Such a popular service.

Am I alone in thinking it's just for the credit card providers' security and not for the rest of us??

anothernight

I thought Verified by Visa wasn't a big deal, just another password to remember... Until I saw my very frustrated boyfriend being asked the 12th character of his 9-character password. The password must be a minimum of 8 characters. You'd think a card company wouldn't make such stupid mistakes.

Ineedaname

Was buying a book online a few days ago. Couldn't remember the password for SecureCode. By the time I'd made a new one the book had been sold. :mad:

No Pants

Teyla Emmagan wrote: »

Am I alone in thinking it's just for the credit card providers' security and not for the rest of us??

It's more about the transferring of liability than security.

enda1

Teyla Emmagan wrote: »

Well, that's obviously working. Such a popular service.

Am I alone in thinking it's just for the credit card providers' security and not for the rest of us??

Well it's their money. That's what a credit card is. They provide the service of buying the goods for you and paying. You then pay the bill of your credit agreement. If they can't prove it was you who bought the good i.e. it was a fraudulent payment, you don't pay. It's them that hump the cost.

matrim

The basic concept is a bit annoying but i understand the reason for it but I hate that it only asks 3 random digits. I use at least 20 character random passwords. Instead of a transparent copy and paste from my password manager I have to leave it open and count out the characters.

kiffer

robindch wrote: »

SecureCode and VbV are there to increase card security and keep fraud costs and cardholder anger to a minimum.

I don't think that's working.

BodFred

I Heart Internet wrote: »

This may have come up before, but can we all take a moment to consider how annoying Mastercard SecureCode and Verified by Visa are.

"No I don't remember my password! So few sites actually use this thing that I forget my password each and every time."

I think I hate them.

Agreed...in all my time owning a credit card I have had to use this only a handful of times, each time I had to reset as I don't remember it because of the rarity it is required.

The latest of which today, I attempted to guess it (more fool me), the reputable online store took my order & put it into an "under review" status...more than likely this will be rejected & delay my order by some days.

I understand the reasoning behind the use of this, hacking methods are becoming more & more sophisticated etc., but either roll it out everywhere or don't bother. The cherry picked sites is a little frustrating.

kowloon

AIB internet banking is another pain, you have that little card reader, a pin number and a registration number as well as having to put in some digits of your phone number. I think they charge you to check your balance online too. It just takes too long, more than once I've just closed the browser rather than going through with the sale.

birchtree

While MasterCard SecureCode and Verified by Visa add a layer of protection for sellers, it is reducing protection for buyers. By forcing customers to provide such personal data as date of birth and mother's maiden name leaves me completely exposed if such details were stolen during the transaction. Nobody can raise a hand and say - my computer and network are 100% secure. The last bit of data that only you and the bank knows are now available for trojans, keyloggers and wifi scanners. Not to mention the inconvenience of remembering yet another password and 'personal greeting'. Speaking of password - I can't even use special characters in the password for added protection. Not very securecode, is it?
What steps can we take to change this?

Also, check out this brilliant post: http://www.boards.ie/ttfthread/2057222013/

SkyBlueClouds

SpaceTime wrote: »

The problem is that the system gets people to set up passwords in the middle of a transaction, rather than when they're thinking about setting up a password. So they set something and then forget it!

It should be something that's properly integrated into your online banking. I don't see why, for example, you couldn't have a SMS verification code to verify your identity or something like that instead.

It seems like primitive technology that isn't really very well implemented.

We need to come up with better systems than complicated passwords - for a lot of people they're extremely cumbersome and hard to remember.
If you get someone who is dyslexic or has slight cognitive issues, then it's even worse.

I've noticed a lot of older people can really struggle with a lot of this stuff, particularly where sites demand complex passwords or start asking you for random digits from passwords.

Two Factor security using an SMS or an app on your phone would make a hell of a lot more sense.

Indeed. Ebay/Yahoo/Google and a few others all use TXT verification codes for resetting passwords and completing important tasks. I see no reason why it couldn't be more wildly implemented.

rainbow kirby

Lloyds in the UK does a pass-through on Verified by Visa for transactions under a certain amount made in GBP. Means I've only had to use it 2-3 times so far, stuff like booking hotels or buying large amounts of bike stuff.

anothernight

rainbow kirby wrote: »

Lloyds in the UK does a pass-through on Verified by Visa for transactions under a certain amount made in GBP. Means I've only had to use it 2-3 times so far, stuff like booking hotels or buying large amounts of bike stuff.

So do TSB and Halifax, which are/were part of Lloyds group. So handy.
I don't really get how a screen that says "Verified by Visa" but doesn't require a password or anything adds any extra security though!

ukoda

KBC use SMS with their MasterCards, i put my details in, next page asks for the code i got from the SMS they send, seems to work ok...untill i cant find my phone

birchtree

ukoda wrote: »

KBC use SMS with their MasterCards, i put my details in, next page asks for the code i got from the SMS they send, seems to work ok...untill i cant find my phone

...or you're abroad and messages aren't coming across...

The biggest argument against codes via sms is that 'not everybody has mobile phone'. Although I don't know anyone personally who doesn't!
Also, if you have your wallet and the phone stolen at the same time, you're just as exposed.