Flaw in stolen credit cards exploited.
Conmen abuse web address checks
Loopholes in the way addresses are checked by online stores are helping fraudsters cash in, say experts.
The flaw means goods bought with stolen credit cards do not trigger security systems that check addresses.
Security firm The Third Man said it stumbled over fraudsters committing the crime while overseeing transactions on a retail website.
But the UK’s payments association said it had seen no evidence that the novel crime was being carried out.
Card fraud
“It’s pure chance that we picked this up,” said Andrew Goodwill, director of anti-fraud firm The Third Man.
The scam exploits the mechanics of the Address Verification System (AVS) that many retail sites use to check the address of those using a credit card at an online store.
When carrying out address checks AVS compares the house number of a customer plus the digits in their post code to those input during a transaction.
For instance, if the Prime Minister bought goods at an online store with a credit card, AVS would use numbers in the address – 10 Downing St, SW1A 2AA – to help verify his identity.
In this case AVS would use 1012 as a shorthand ID check.
By finding an alternative address that has the same house number and digits in a very different post code, fraudsters could convince AVS the address was genuine even though it was completely different.
Satisfied that the transaction was safe the shop would then ship the goods to the fraudster’s address.
“Retailers relying on AVS, or where a retailer will only deliver to the billing address, are facing a potentially huge risk,” said Mr Goodwill.
He predicted that if nothing was done to fix the loophole online retailers stood to lose millions.
Figures released by Apacs – the body that represents the UK payments industry – show that in the last year so-called “card not present” fraud totalled £291m.
“While we do completely agree that there’s fraud happening, we and the police, as yet, have not seen any evidence suggesting this is being carried out in the real world at the moment,” said Jemma Smith, a spokeswoman for Apacs.
Mr Goodwill said it knew of one gang in London using this technique and expected others to take up the scam soon.
Ms Smith said fraudsters preferred crimes that were easy to commit in large volumes. By contrast, she said, finding credit cards tied to addresses that match characteristics for places fraudsters have access to seemed very complex.
“Retailers should never be reliant on just address verification,” she said. “They should always be undertaking additional checks particularly if they are a fraud prone retailer.”
“AVS is one piece of the identity jigsaw,” said Andrew McClelland, director of business development at the Interactive Media In Retail Group (IMRG) which represents online stores.
“It should not be relied on by itself,” he said. “It’s part of building up a picture of information and level of certainty a retailer has about a transaction.”
My Words:
A flaw in in stolen credit cars all retail markets should keep an eye on. This exploits a flaw in stolen cards that uses the mechanics of the Address Verification System. The mechanics is really simple using the personal address as a basis of proof. A good example such as posted in the blog uses the numbers in your address. By find identical numbers with a different addresses the conmen were able to convince the AVS to agree with the transaction.
Android’s presence looms over iPhone.
Ken Dulaney, vice president and distinguished analyst with research firm Gartner, said he believes the iPhone will maintain its No. 3 overall smartphone position. But the current second-place platform from Research in Motion will lose more than 7 percent total market share, while he expects Android to grow in leaps and bounds and take that spot. Symbian OS from Nokia is expected to stay on top.
The forecast is part of a presentation Dulaney is scheduled to give at Gartner’s Symposium ITxpo, which runs Oct. 18 through 22 in Orlando. The data is based on an estimated 522 million smartphones to be shipped during the period.
“All players in smartphones should see good growth at the expense of the next category down, feature phones which are in turn moving down into the category that used to be called basic phones,” Dulaney told AppleInsider.
Apple currently has a 10.8 percent share of the smartphone market, which is predicted to grow to 13.7 percent by 2012, with sales of 71.5 million units. And even though Symbian and Nokia are predicted to lose 10 percent of the market, the platform’s massive lead keeps it well ahead of competitors with 39 percent in 2012.
Dulaney said he believes Android will surpass the iPhone in market share because many handset makers are “betting their future” on Google’s Android platform, while Apple is only one company.
“Android rises to number two simply because, unlike Apple, they license their OS to multiple OEMs,” Dulaney said. “They have the number 2 OEM, Samsung, and strong players like LG, Motorola, HTC and now Dell. There are others in the works. Apple will still likely have the top of mind in the marketplace with probably the most purely defined consumer product.”
Dulaney’s forecast is lower than an August prediction by Mike Abramsky with RBC Capital Markets. He believes that total iPhone shipments will hit 82.1 million in 2012, good for a 16.3 percent share of the smartphone market.
My Words:
The presence of Android phones is rocketing the leader board of the smart phone market. Multiple manufacturers and handsome interfaces makes it a great hit to the buyers. Some of the major brands are now using the Mobile OS for their smart phones. Everyone knows the Windows Mobile OS loads as quick as paint dries. As for the present market, the most popular smart phone for the youth would be the iPhone yet they seem to be having quite a problem with their new firmware. As for Nokia’s Symbian OS, it exhibits features and specs not as updated as the current market is. Still, Nokia holds the largest share of the market with their cheap and easy to use phones. Now as the Android OS emerges from the deep well of developers Google has, the OS showed very promising features that makes techies and all consumers alike drool. Updated phone, updated specs and updated features makes brands GOLD.
