General discussion

  • Creator
    Topic
  • #2181854

    How savvy are you about online security? Take the test & find out.

    Locked

    by deepsand ·

    Before reading the findings of a study, conducted by the Univ. of Pennsylvania, based on this test, try it yourself.

    Seventeen Facts American Shoppers Need to Know – But Don’t
    [v]http://www.annenbergpublicpolicycenter.org/04_info_society/Seventeen_Facts_WEB_FINAL.pdf
    [/v]

    For the press release, see
    [v]http://www.annenbergpublicpolicycenter.org/04_info_society/Turow_%20APPC_Press_Release_WEB_FINAL.pdf[/v]
    For the full report, see
    [v]http://www.annenbergpublicpolicycenter.org/04_info_society/Turow_APPC_Report_WEB_FINAL.pdf[/v]

    ==================================================

    Topics > Privacy & Security > Privacy > Online Privacy >

    How Savvy Are You About Your Online Security?

    U.S. residents are “dangerously ignorant” of the data that Web site owners collect on them, a study shows.

    Juan Carlos Perez, IDG News Service
    Wednesday, June 01, 2005

    U.S. Internet users are dangerously ignorant about the types of data that Web site owners collect from them and how that data is used, a new study has found.

    This lack of awareness makes U.S. Internet users vulnerable to online exploitation, such as personal information misuse, fraud, and overcharging, according a study conducted by the University of Pennsylvania’s Annenberg Public Policy Center.

    For the study, titled “Open to Exploitation: American Shoppers Online and Offline” and released today, 1500 adult U.S. Internet users were asked true-or-false questions about topics such as Web site privacy policies and retailers’ pricing schemes.

    Failing Grades
    Most respondents failed the test, correctly answering, on average, 6.7 of the 17 questions. The study’s interviews, conducted between early February and mid-March 2005, yielded some findings the authors consider alarming, including:

    75 percent of respondents wrongly believe that if a Web site has a privacy policy, it will not share their information with third parties.
    Almost half of respondents (49 percent) can’t identify “phishing” scam e-mail messages, which information thieves dress up to look as though they came from a legitimate company, such as a bank or store, to lure users into entering sensitive information. Requested information might include Social Security numbers, passwords, and bank account numbers.
    62 percent of respondents don’t know that an online store can simultaneously charge different prices for the same item based on information it has on different shoppers–a practice that can make users victims of what the study’s authors call “price discrimination.”
    To address the problems identified in the study, the Annenberg Public Policy Center is proposing three measures:

    The U.S. Federal Trade Commission should mandate that Web sites replace the term “Privacy Policy” with “Using Your Information” to combat users’ misconception that those documents are Web sites’ pledges not to share their information with third parties.
    Consumer education and media literacy should be taught in elementary, middle, and high schools in the United States.
    By government decree, online retailers should be required to disclose what data they have collected about customers, and when and how they will use that data.
    If you’d like to take the test yourself, go here.

All Comments

  • Author
    Replies
    • #3170309

      Took the test…

      by geekchic ·

      In reply to How savvy are you about online security? Take the test & find out.

      I missed one because I misread the sentence. I would love to use this for some of my employee training classes on security. I especially liked the included explantions for the correct answers.

      • #3169744

        Excellent score.

        by deepsand ·

        In reply to Took the test…

        Now, start educating you family members, friends, etc..

        Only when a sufficiently large portion of the populace truly understands their vulnerabilities will we see any real demand for better safeguards and/or more care given to using those that already exist.

        Until then, we should not expect the con artists to seek greener pastures.

    • #3169899

      interesting test

      by jaqui ·

      In reply to How savvy are you about online security? Take the test & find out.

      got one wrong, cause I don’t trust any company to not screw me over.
      ( should have guessed true about that law. )

      just goes to show ya, being security aware and non-trusting doesn’t always cross into tests as such.

      • #3169745

        Still, you’re way above average.

        by deepsand ·

        In reply to interesting test

        Given how poorly the sample population did, it’s little wonder that it’s become so easy for so many to take advantage of the weaknesses in the manner in which so much information is handled.

        And, why there has been no greater public outcry for stronger safeguards.

    • #3169875

      Well

      by oz_media ·

      In reply to How savvy are you about online security? Take the test & find out.

      I mad eit through most of the test, got bored. But it was pretty logical actually, I don’t se ehow peopl ewouldn’t see this as common knolwedge for day to day information and not JUSt computing. I suppose being in sales and promotions, I have learned how information is gathered, long befor ecomputers it was mainly done through contests and entry forms.

      Though most rules are applicable in Canadian law, there were one or two that weren’t. Canadian chairties have to get a check mark in a box or have you agree to the terms of the donsation etc. by signing it and thus approving the information share.

      And one other but I forget which it was.

      I think Jaqui didn’t have a problem because even being Canadian, he said he doesn’t trust anyone with that information, and rightly so in MOST cases.

      But thanks for the excersise, it was interesting to see many people are clueless to these basic security measures, yet they are just common sense and in several cases are not unique to computer use but have applied to written information provided too.

      P.S. Beyond securing a few ports and having anti-virus, anit-spyware installed, I am definitely NOT a security tech.

      • #3169743

        Dreadful that so many are so clueless re. non-computer related issues.

        by deepsand ·

        In reply to Well

        With all these sheep, why would the wolves even think about seeking new hunting grounds?

    • #3169765

      Why do they still print credit card numbers on recipts?

      by jmgarvin ·

      In reply to How savvy are you about online security? Take the test & find out.

      I scratch them out, but I just don’t see the point. If you have the auth number, the last four of the CC, and the name of the person it is reasonable to assume you have the right number.

      I’ve heard the crap that you can’t fight the charges in court, etc, but it is all FUD.

      My point? STOP PRINTING MY DAMN NUMBER ON THE RECIPTS!

      Oh, the test was good, but pretty common sense.

      • #3169746

        It’s a carry-over from the days when imprint slips had to be deposited …

        by deepsand ·

        In reply to Why do they still print credit card numbers on recipts?

        by the merchant at his acquiring bank.

        With the advent of the modem based POS terminal, and now the i-net virtual terminal, and the ensuing ubiquity of both, it’s become an anachronism.

        The on-net associations (VISA & MasterCard), along with the off-net issuers (AmEx & Discover) have issued new merchant policies addressing this practice, such that it will soon be the case that all receipts bear the 4 terminal digits (which are actually check-digits) only.

        • #3171032

          Many states…

          by synthetic ·

          In reply to It’s a carry-over from the days when imprint slips had to be deposited …

          already have laws making it illegal for the full card number to be displayed. I know in LA this is now the case. I make sure to nicely point out that this is now law, and hope to hear an acceptable answer concerning how this issue is being resolved by the business. If I do not get this, I report them, and make sure I let the owner/ general manger know they are in violation of the law, and that I will wait to resume my business with them until the have brought themselves into compliance.

        • #3171490

          Not controllable by the merchant.

          by deepsand ·

          In reply to Many states…

          POS terminals are dedicated processors, with embedded programs provided by either the manufacturer or the merchant’s card processor.

          All currently now on the market can be reprogrammed via a download from the merchant’s processor. There are also many older machines in use that either cannot be reprogrammed, or cannot support the latest upgrades.

          The mere passage of legislation banning the printing, on the POS tape, of the full account no. in the clear is not sufficient to make it so.

          That rule needs to 1st be promulgated to both the merchants [b]and[/b] the card processors. Merchants then need to wait until their card processor has a suitable upgrade available for their particular POS equipment; if their’s cannot be upgraded, they then need to 1st procure new equipment.

          None of this happens overnight.

          In fact, merchants generally would [b]not[/b] receive notice of such directly from the state, as the state has no way of knowing who needs to know such! Rather, they rely on the on-net card associations (Visa & MasterCard) and/or the off-net issuers (AmEx & Discover) , with whom they have merchant accounts, to keep them apprised of such.

          As an aside, I notice that your post used the word “display,” stating that “many states” prohibit such. What states prohibit, & what constitutes, the “display” of a credit/debit card account number?

        • #3170964

          Finally!

          by jmgarvin ·

          In reply to It’s a carry-over from the days when imprint slips had to be deposited …

          When do we get to see this? I’ve gone to a number of stores and about 50% still print my full number. It happened in CA, NM, TX, and MO. I just can’t wait for this stupid practice to STOP.

          At one place I recently made a purchase and I scratched out the CC number. The clerk claimed that I couldn’t do that and I would have to be re-rung! I told them where to shove it and explained how it was a major security violation and part of the identity theft problem!

          Arg! I hate this little anachronisms….

        • #3171489

          2 answers.

          by deepsand ·

          In reply to Finally!

          1) Manual imprint slips will, of necessity, obviously continue to bear the entire account number. As such bears the signature of the card bearer, and such is a contractural agreement to pay, the account no. is required to identify the accountholder liable for such payment.

          2) As regards POS receipts, signed by the card bearer, such is not under sole control of the merchant; see my above post on this aspect.

        • #3191024

          Deadlines vary by size of annual transaction volume

          by deepsand ·

          In reply to Finally!

          E-merchants Face Credit Security Deadline

          By Brian Quinton

          May 25, 2005 7:39 AM

          The clock is ticking on an effort by the big credit card companies to get Web merchants to tighten up both their data handling policies and their network security.

          Whether they know it or not?and according to observers, many don?t?online merchants are facing a June 30 deadline to come into compliance with a unified set of broad data-protection policies adopted last December by Visa, MasterCard, American Express, Discover and their issuing banks. If they don?t comply with these measures, they could face fines of up to $500,000 for each transaction or be permanently kicked out of the card acceptance program.

          Despite the fact that these deadlines were announced last year, many of the web merchants covered have not yet put the systems in place to comply with the standards, known collectively as the Payment Card Industry (PCI) Data Security Standard, or have not gotten independent certification of their compliance, as most are required to do.

          ?We estimate that if an audit were done on PCI compliance today, the majority of U.S. merchants would be about 30% prepared,? says David Glaser, director of professional services for CyberSource, a payment solutions provider.

          The PCI data standard replaces similar individual standards promoted for years by the separate card companies, in an apparent effort to encourage a proactive response to the problem of online credit card fraud. (Diner?s Club and JCB Cards are also participating in the effort.) They also interoperate, so that merchants who satisfy one card issuer that their systems are secure and compliant can assume that they are compliant for all the cards. Basically, the standards revolve around twelve specific measures in six areas of security:

          * Build and maintain a secure network: Merchants must install and maintain a firewall configuration to protect data. They also may not use vendor-supplied passwords or other default security measures.

          * Protect cardholder data: Merchants must protect stored data. They must encrypt transmission of that data and other sensitive information when sending it across public networks.

          * Set up a program to manage security weaknesses: This will include using and regularly updating anti-virus software, and developing and maintaining secure systems and applications.

          * Establish bullet-proof access control: Access to consumer data must be restricted to those who need to know for business reasons, and each person accessing computer systems must have and use a unique ID. Merchants must also restrict physical access to cardholder data.

          * Test and monitor networks regularly: E-commerce sellers will have to track and monitor all access to cardholder data. They will also have to put their security systems and procedures to periodic testing.

          * Finally, merchants will have to establish and comply with a set of policies to keep information secure.

          All merchants processing their own card transactions will have to comply with these standards. But the card companies and financial institutions have set up a tiered system of requirements for validating that compliance, based on the volume of card transactions a merchant processes. This system makes certifying compliance more rigorous for the high-volume merchants, on the theory that they represent most of the fraudulent transactions. The compliance deadline has already passed for the top rank, clearing more than 6,000,000 transactions a year in any channel, online or off-, on a single card system?for example, Visa. Those merchants have been compelled to submit to an annual on-site security audit and a quarterly network scan, either by their own IT officers or a qualified third party assessor.

          Level 2 and 3 are the merchants with the looming June 30, 2005, deadline. Level 2 merchants are those processing 150,000 to 600,000 transactions per year on one of the participating cards. Level 3 are those merchants clearing 20,000 to 150,000 sales on a single card system. Those two groups will need to go through a mandatory annual self-assessment of their compliance and a quarterly network scan, which they can either perform themselves or have done by a qualified independent assessor. The first validation must be done by the end of this coming June.

          At the lowest tier, Level 4, are all other merchants processing credit card transactions, either physically or on the Web. These merchants must comply with the PCI standards just like their larger counterparts. But validating that compliance, with an annual self-assessment questionnaire and an annual network scan, is optional?although ?strongly recommended? by the credit card companies. Since validation of compliance is voluntary at this level, these smallest merchants don?t face a deadline.

          The card issuers won?t reveal how many Level 1 merchants have already met and certified the required security standards. But reports indicate compliance at the top has been high, partly due to the cooperation and persuasive powers of the banks that sponsor the merchants into the card networks.

          At the lower levels, the security situation is more complex. ?It?s a mixed bag at the moment,? Glaser says. ?Most merchants have a concern for the cardholders? data, so they are making some effort to secure that. Most we see are encrypting that data. But they may not be encrypting it to the levels that are required by the standards. The problem for many may be in the level of compliance, not the process.?

          At the small-to-midsized end of the spectrum, the security status quo may be even spottier. ?Some merchants have been focused on selling as much as they can, while others have been focused on building a secure environment,? Glaser says. ?Especially among smaller merchants, we see a tendency to focus on one thing to the exclusion of other elements.? One particular problem for small merchants may be simply generating and documenting a security policy, and then training personnel to observe it.

          Despite the deadlines, the compliance requirements and the stated penalties, it?s still not likely that merchants who can?t certify security will find themselves barred from processing card transactions or facing a whopping fine on July 1, 2005. The card companies have all indicated a willingness to work with the merchants and their sponsoring financial groups, provided they can show a good-faith effort to come into compliance with the PCI standards.

          CyberSource and other payment advisors are now working with various merchant clients to bring their systems into line with the PCI. Glaser says one thing he sees is that merchants often don?t know which level of compliance they will be held to. He recommends that merchants with questions about what standards they will need to meet get in touch either with the card issuer or their acquiring bank, whichever they are more accustomed to dealing with.

          ?If you?re sure you?re going to be compliant by June 30, then go ahead and file the paperwork,? he says. ?If you?re not sure, the best thing is to show proactively that you have a plan in place for becoming compliant, with a timeline and deliverable dates. The most important thing to do is to start the work and to register with your banks that you are working on compliance. It may not get you off the hook for a fine or penalty if your system gets breached before you are compliant, but it should keep you from having a card company breathing down your neck until you comply.?

        • #3191013

          Right on…

          by jmgarvin ·

          In reply to Deadlines vary by size of annual transaction volume

          I’m bringing this article to all my local merchants and them I’m ratting them out when they don’t comply by June 30…I’m tired of lazy merchants not protecting consumer information.

        • #3192057

          Fly in the ointment?

          by deepsand ·

          In reply to Right on…

          How would you determine their classification level?

          It’s almost assured that they’re [b]not[/b] going to hand you their merchant acct. stmts. for AmEx, Discover and VISA/MasterCard, 36 statements in all, for the previous year so that you can see their total no. of transactions for each of the three systems.

      • #3170993

        Not here

        by oz_media ·

        In reply to Why do they still print credit card numbers on recipts?

        I can’t speak for the rest of Canada but any card I’ve used here has never had the FULL number printed on the receipt.

        • #3171817

          not here either

          by john.a.wills ·

          In reply to Not here

          I don’t think I’ve seen the full number on a printed receipt for several years. Of course, the full number is still on embossed receipts, and I have had a few of those recently (taxi, electrician).

      • #3171732

        Bank account mailings, too

        by jplconsultant ·

        In reply to Why do they still print credit card numbers on recipts?

        All banks will X-out most numbers of your bank account when using snail-mail to discuss the account. However, they don’t always X-out the same numbers of the account for all snail-mail. Thus, your monthly statement may only show the last 4 digits, but the monthly advertisement to get you to sign up for another program tied to that account will show only the first 6 numbers. Thus, a person who steals your mail can still get your bank account #. I don’t understand why they do that.

        -JPLc

        • #3191014

          The situation that you describe is an unusual one.

          by deepsand ·

          In reply to Bank account mailings, too

          In fact, at my age of 59, I’ve seen countless financial statements of my own, those of family members, friends, clients, etc., spanning numerous financial institutions, and have [b]never[/b] seen a printed statement, for any type account, by any bank, that did [b]not[/b] display the entire account no.!

    • #3170902

      Videos

      by jellimonsta ·

      In reply to How savvy are you about online security? Take the test & find out.

      I don’t rent movies very often so I actually got number 11 wrong. Guess I am paranoid! 🙂

      • #3171537

        Videos

        by beads ·

        In reply to Videos

        Ummm… guilty. I missed this one as well. Probably because its been years since I have rented a video. Then again… I never saw ET either.

        Living under the IT rock, it seems,

        – beads

      • #3171487

        Just because you’re paranoid, …

        by deepsand ·

        In reply to Videos

        doe’nt mean they’re [i]not[/i] out to get you.

        • #3171799

          LOL

          by jellimonsta ·

          In reply to Just because you’re paranoid, …

          Too true Sand, too true!! 🙂

        • #3192051

          Wish I could laugh without my back hurting.

          by deepsand ·

          In reply to LOL

          Owing to a degenerative disc in my lower back that’s current “acting up,” violent movement of the diaphram is painful.

          Sneezing’s a real bitch and a half!

        • #3191723

          That sucks

          by jellimonsta ·

          In reply to Wish I could laugh without my back hurting.

          Sorry to hear about that Sand. As much as I hate drugs, I hope you have something that eases your pain.

          Reminds me of when I was a kid and my Dad got a rib broken in a bar fight. We would watch the movie Gremlins over and over as we knew the Cinema scene always made him howl. We got a real kick out of seeing him cry as he was in such pain to laugh.

          He got his own back on me though. When I had my appendix out he visited me in the hospital and proceeded to read a very funny adult comic book to me (Viz (ask Neil about it)). You know how hard it is to not laugh when a couple of people are rolling on the floor.

          Paybacks are a bitch! 🙂

        • #3192419

          Viz?

          by deepsand ·

          In reply to That sucks

          Anything like Zap Comics?

          [i]Captain Piss-Gums & his Perverted Pirates[/i] where always guaranteed to have everyone exhausted fron laughter.

        • #3193294

          Not sure

          by jellimonsta ·

          In reply to Viz?

          I have never read Zap. I also have not read Viz since probably the mid nineties. Here is the site;
          http://www.viz.co.uk/

        • #3193226

          Different flavor, but definitely cut from the same irreverent animal.

          by deepsand ·

          In reply to Viz?

          Although the free clips that I could access were quite limited, it seems to be a more “socially acceptable” publication than was [i]Zap[/i] in the ’60s.

    • #3171543

      Video Store

      by joetechsupport ·

      In reply to How savvy are you about online security? Take the test & find out.

      I got that incorrect, I assumed they could share my rental info. We oughta know.

      The DBA and Marketing people out there know this stuff pretty well:

      The various systems matches people, profiles really, by disposable income and psychosocial factors such as lifestage, marital status, neigbourhood and ethnicity to products this ‘Unit’ will want to purchase. This is an old marketing concept automated to the nth degree thanks to our field. We are big brother. Or at least the people who stamp the resettlement passes, if you get my drift.

      In most cases except your ‘relationship’ with your bank or whatever, your information remains largely anonymous in a sea of data but if anyone, say CSIS, Homeland Security or a hacker decides you present a problem, the information is there.

      OZ_Media: more of my credit and debit receipts have some of the numbers removed here in Vancouver. It depends on who the business sets up their merchant account with-Squirrel, Moneris, etc Their programmers setup what your receipt looks like. It’s technicaly easy to change, but the store owner won’t know that.

      It will be better when they show no mumbers at all. I’d also like to see Credit cards go to PINs instead of signatures, signatures are just non-sequitor to me in this day and age. Virtually all of our online credit card transactions are unprotected in that one hase to post ones’ a credit card on a site like PayPal with much of your personal information.

      Credit Theft Security in General? The only other way, what I do:
      I visually regularly check ALL my credit credit card and account balances.
      I open only as required accounts with international or online shippers. Otherwise only hold one online pay service.

      If you check your cards and accounts regularly, you don’t need to worry about identity theft or someone steeling your carbon copy receipt because you can jump on it if and as it happens. You will find financial institutions respect this attitude.

      • #3171484

        Changing tape print-outs & the 4 terminal digits

        by deepsand ·

        In reply to Video Store

        1) Changing the tape format is not as quick & easy as one might suppose. For more on this, see my above post, at
        [v]http://techrepublic.com.com/5208-6230-0.html?forumID=9&threadID=175495&messageID=1784678[/v].

        2) The 4 terminal digits are check digits; knowing them provides no information re. the actual account no.. Furthermore, as the signed POS tape constitutes a contractual agreement to pay, it [b]must[/b] contain some data that can be used to identify the cardholder account which is liable for such payment.

        • #3171467

          yup..

          by jaqui ·

          In reply to Changing tape print-outs & the 4 terminal digits

          transaction number.
          the authorisation is against a specific transaction number.
          the card number is only required for getting the authorisation number, after that it is not rquired anywhere.
          ( not even on manually filled out slips )

          a store that is using the carbon/less slips with the imprint machine needs the card number on the merchant ( deposit ) copy.
          but not the other two copies.
          ( merchant records, customer receipt )
          this is because usually there is no approval until after slip is deposited.

          the electronic swipe pos system doesn’t even need the card number after the approval comes through.
          the transaction record has the only number needed, transaction number.
          card issuer can make correct payment with that number alone.

        • #3171303

          Where to begin?

          by deepsand ·

          In reply to yup..

          1) Authorization codes are not unique.

          2) Authorizations identify only the specific dollar amount, the merchant acct. no., and the cardholder’s acct. no., and the date on which they expire.

          3) Auth. codes are issued [b]prior[/b] to a tranaction code being ascribed.

          4) Transaction numbers are not unique; it is typical, on POS machines, following an open batch being settled, for transaction numbers to be reset to the same initial value, and increased incrementally by 1.

          5) A single purchase can span multiple transaction numbers; for example, when the authorization & capture are performed separately, as is not unusual.

          6) The transaction numbers assigned at point-of-sale are for the card processors use only; they are [b]not[/b] the same as those which appear on one’s statement. The account number is absolutely required for settlement.

          7) In general, merchants are required to obtain an authorization, and record such on the imprint slip, [i]prior[/i] to imprinting the card and obtaining the card bearer’s signature.

          8) With respect to manually imprinted slips, the original is for the customer, one copy is for deposit, and the other the merchant’s copy, which he is required to keep (see item 10, below).

          9) In the event of a dispute, the merchant will be provided with the account number in question, [b]not[/b] the authorization code and/or transaction number(s). If needed to resolve the dispute, it is the merchant who would need to provide such. Without some portion of the account number, the merchant has a near impossible task of successfully defending against a charge-back; a signature on an imprint slip or POS tape does not identify the account in question.

          10) Merchants are required to keep [b]all[/b] pertinent records, with the exception of the Card Code, for a substantial period of time following settlement of the transaction; a typical time period is 3 years.

        • #3171800

          Receipts

          by joetechsupport ·

          In reply to Where to begin?

          We were speaking to what get gets printed on the receipt from the POS terminal. The information required for the transaction from the PIN terminal through authorization/reversal, void, charge, credits between client-merchant-processor-financial institution are another matter. There is to my recollection a differing degree to how much of the card number is shown on the receipt. I haven’t investigated if these differences pertain to clearing house, financial institute or whatever. From what I’ve seen with work at my old employment and ISO 8583, the change is technically easy, but approval may be another thing.

          I do not doubt you folks are correct

        • #3191017

          The copy of the POS tape is the equivalent of the merchant’s copy of …

          by deepsand ·

          In reply to Receipts

          an imprint slip.

          Therefore, some portion of the card acct. no. [b]must[/b] be present of the tape so that the merchant can match the transation to that of an acct. under which a dispute has been initiated.

          Keep in mind, for example, that for Visa, MasterCard & Discover, which use 16 digit nos., the 4 terminal digits are check-digits, derived from the 1st 12.

          The 1st 4 are the Interbank no., which serves to identify the issuing bank; the next 2, the Portfolio No., such that the 1st 6 identify the servicing bank; and the next 6 the actual acct. no..

          It is not possible to determine the 1st 12 digits from the last 4.

          AmEx, with a 15 digit no., which includes both their traditional T&E charge cards, along with theur newer credit cards, use a different scheme, but with the same result that the 1st 11 digits cannot be dreived from the last 4.

          Therefore, printing the 4 terminal digits on the tape serves to provide sufficent data for the merchant to match a given transaction with a disputed one, but cannot be used to determine the entire acct. no..

          Accordingly, the display/printing of such present no security risk.

        • #3192060

          Thank you…

          by jmgarvin ·

          In reply to The copy of the POS tape is the equivalent of the merchant’s copy of …

          This verifies what I understood to be true. They only need the last 4 digits and not the rest…

        • #3192056

          To serve is my pleasure.

          by deepsand ·

          In reply to The copy of the POS tape is the equivalent of the merchant’s copy of …

          That I am so familiar with the nuts & bolts of card processing is owing to the fact that I happen to have several clients for whomh I’ve had to become intimately familiar with the inner workins & hidden mechanisms of what for most is an unseen & unconsidered world.

          Most merchants themselves are pretty much cluseless as to what happens behind the scenes; they’ve enough to do just keeping things working, without having to wonder about how they work.

        • #3192565

          thanks

          by joetechsupport ·

          In reply to The copy of the POS tape is the equivalent of the merchant’s copy of …

          Seeing the variability in digits displayed and the other merchant ID, authorization, reference #’s that seem present I thought card # presence was optional. I suppose a cashier could have told me this 🙂

          Thank you for your explanation deepsand. If my colleague and I ever get it together, this entire thread will have been helpful as well as edifying.

        • #3192418

          Cashiers are clueless.

          by deepsand ·

          In reply to The copy of the POS tape is the equivalent of the merchant’s copy of …

          With no need to know, absent an active curiousity they’ll not ask about the matter.

          Hell, all too many of them don’t even know how to determine & provide the correct amount of change if the auto-dispenser fails!

      • #3171463

        Where you been hiding?

        by oz_media ·

        In reply to Video Store

        Sorry for being rude but I haven’t run into you here or perhaps you updated your profile and added your location.

        I am in New West probably 10 or more days of each month, they sure have cleaned it up over the last 10 years as far as street people are concerned! It’s actually somewhere I have thought about moving back to IF I take permanent work in Coquitlam.

        That’s actually where I run my studio from, you may have seen Fiasco Brothers (Outlaw Entertainment) and Diamond Sharp (22nd st Studios) on 12th I’ve done a lot of work with them too, good studios.

        Don’t know if you do the races at Hastings park but if you ever want to lose some money and drink a few beers let me know by peer mail.

        ALSO, if you’re NOT into racing but want to hit the PNE (Which is up to $10 this year), you can apply for a FREE Horse Player account (BEFORE THE FAIR) and they will send you a card so you can make bets (which you don’t have to do) and you get free admission to the PNE anytime any year. You can save a bundle taking the family out for the day.

        Again, if you want details, just peer mail me.

    • #3171880

      Pretty Savy

      by mjd420nova ·

      In reply to How savvy are you about online security? Take the test & find out.

      You should have seen the agreement that I had my kids read and sign before I allowed them on the
      internet. It involved never giving anyone your
      real name, address, phone number, or place of birth. Or the same info of anyone, whether you know them or not. Also, never to even look at any e-mail from anyone they didn’t know, Sounds pretty tough?? It has worked so far, I’ve not had any virus or worms and has remained secure
      since set up. With four machines, three desktops
      and one wireless laptop, each machine has its
      specialty, one for audio downloads and cd burning, one for video downloads, and capture
      and DVD burning and one for online gaming. The laptop really has no specialty except being
      portable and wireless. All are on a VPN and
      have WINXP Home..I have anticipated the worst
      and prepared for eventual penetration but have
      remained clean of trouble for 10 years. I did
      set up one low end machine to drive a printer,
      kind of like a printer server for the other machines and doesn’t get onto the internet so
      it has very limited functionality other than to
      print from the VPN. I did set up one machine
      a couple years ago for my youngest son to
      experiment with and became infected from a porn site, hijacked home page, pop ups, and endless
      email. Once that username was eliminated all
      returned to normal. I use the Win firewall on
      each machine, and a firewall on the router.
      I wish all my customers could do the same, but
      most have at least one user who runs amuck and
      infects their whole network, but it’s these guys that keep me employed.
      works, My machines have never been infected,
      hijacked or

      • #3192058

        Either you’re one lucky parent, or …

        by deepsand ·

        In reply to Pretty Savy

        you’ve got Stepford kids!

        I know a zillion people who would kill for the success that you’ve had.

        If you can find a way to market your method, in a manner that is almost guaranteed to work, you can make your fortune.

        • #3192531

          Too many kids are too trusting

          by jmgarvin ·

          In reply to Either you’re one lucky parent, or …

          It is amazing what kids will give away online! I saw a study (I’ll have to dig up the link) that said 90% of all children in the study gave away names, birthdays, and other critical information.

        • #3192417

          Adults are’nt much better.

          by deepsand ·

          In reply to Too many kids are too trusting

          There have been a number of “man-on-the-street” studies in which a surpringly large portion of the sample willing gave up user ids & passwords for a nominal compensation.

        • #3191424

          Yup…Adults are stupid

          by jmgarvin ·

          In reply to Adults are’nt much better.

          ‘Course I’d give a false name and password for a free latte 😉

        • #3191416

          Adults ARE stupid

          by oz_media ·

          In reply to Yup…Adults are stupid

          I think MOst children are MUCH smarter than adults. Kids to whacky things but they simply don’t know better and have a lot to learn, which they generally will.

          Adults, know better and STILL do stupid things all the time.

          “I didn’t think it would work to well”
          “I should have known better”
          “I KNEW that was gonna happen”
          “I didn’t think it would hold up too well”

          Kids never say these things, they just don’t know better, adults know better but do stupid things regardless.

        • #3193017

          Ignorance vs Stupidity

          by deepsand ·

          In reply to Adults ARE stupid

          Children possess the former; adults, the latter.

          And, [b]both[/b] are fun to watch.

Viewing 6 reply threads