9 Jun
2012
9 Jun
'12
5:34 p.m.
On Sat, Jun 9, 2012 at 12:12 PM, Wayne E Bouchard <web@typo.org> wrote:
The main weakness of CVV2 these days is "form history" in browsers. (auto complete).
Any website requesting a CVV2 in a form field without the form history/autocomplete being disabled is in breach of PCI compliance, and risks losing their ability to accept credit cards. That's not to say there aren't some that do it, but to call this the "main weakness" of CVV2 is simply wrong. Scott