[StBernard] Obama's Credit Card Fraud

[Westley Annis]

And here's how he did it (credit card fraud):



A Credit Card Payment Expert Explains the Depths of Obama's Fraud


-Ace


It's amazing to me that I can get experts in the field composing essays to
me, but the MSM can't manage to find a single expert to give a quote about
this.

Beyond the first paragraph, he recounts his own easy-peasy false-name
donation to Obama. That's old stuff you know about. I'm leaving it in
because I think this guy wants a unified essay. 

After he establishes his bona fides, skip to the bolded asterisk for newer
stuff.

Since the media is having such a terribly difficult time of finding experts
like this, I can offer his phone number to you to talk to him, on the
off-chance you're interested. (And assuming he gives the okay, which
presumably he would.)

<http://ace.mu.nu/archives/276966.php#276966> 

Continue reading


	Because many of our colleagues in the media have failed to
investigate the shenanigans of the Obama Campaign, I have taken upon myself
to uncover some improprieties. One that has troubled me greatly is Obama's
very relaxed donation policies. 

	I have over 8 years experience working in the payment services
industry. By
	taking a closer look at Obama's online donation site, I have noticed
that
	his team has left the door wide open for credit card fraud by not
putting in
	the security measures to ensure full visa/mastercard authorization
	compliance. This is outright irresponsible behavior on the part of
Obama's
	team and in direct violation of their agreement with
Visa/Mastercard.

	I did a test on his site. Acting as Joe Stalin, I went onto the
Obama site
	and donated $5.00. I used false information, address: 100 Red
Square,
	telephone number 323-666-1953, zip code 10001, Employer: Kremlin
	Occupation: Dictator. I did use my valid credit card numbers and
expiration
	date. The typical security measures, Address Verification System and
the
	Card Validation Code are not present on the Obama site. So there is
nothing
	in place to verify who I am. (Please see attachment. [I have his
attachment. I see no point in putting it up; we all know Obama's site allows
this -- ace.]) I clicked submit. The transaction went through.

	Then I went to McCain's site, and entered in the same information.
Joe
	Stalin. $5.00. As you can see, my donation was rejected for errors.

	* What's the big deal? Obama has left the door open for anyone to
run prepaid cards and foreign credit cards without proper screening. In
addition, it is easy to run multi-transactions on the same card but under
different aliases. In other words, an organization like Move On.org could
run tens of thousands of transactions for millions of dollars using
essentially cards belonging to only handful of very large liberal donors
like George Soros, Peter Lewis and Eric Schmidt.

	In addition, Obama's site violates his agreement with
Visa/Mastercard. Visa Mastercard regulations require each credit card
acceptor to "obtain the 3 digit Card Validation Code [CVV2 found on the back
of your credit card. 4 digits for American Express Cards] and submit this
code with all authorization requests with respect to transactions where the
card is not present..." [cite:] Visa/Master Program Guide.

	(Please see attachment or go to Obama's site
<https://donate.barackobama.com/page/contribute> . You will notice that
Obama's donation site does not have this code requirement, which is in
direct violation of Visa/Mastercard regulations.)

	Speculations as to why?

	Many foreign credit cards do not have CVV2 codes. Requiring such
codes would limit foreign donations.

	Secondly, disabling the security allows would be credit card thieves
to
	"ping" numbers till they get a hit. In other words, a crook could
simply
	type in random numbers until he found one sequence that worked in
some
	fashion. That could give a thief a starting point for committing
credit-card fraud. If all they had to do was type nonsense values for names
and addresses, such as Doodad Pro, they could quickly determine which
numbers were valid - and they could probably program bots to do that kind of
work.

	[I consider this latter point a minor concern, given the fact that
most fraudulent donors are willing coconspirators, not credit card thieves.
However, it is interesting that Obama invites this sort of fraud, and
doesn't take the most elemental step to eliminate it -- indeed, he is in
direct violation of Visa/Master Card rules in failing to ask for this code.
Why? Because he wants foreign donations, and he's willing to facilitate the
occasional credit-card thief to get them. -- ace.]

	No Address Verification System (AVS)

	The Value of AVS from a credit card exper: I have over 30 years of
	experience in investigating Credit Card Fraud and I can tell you,
which you
	may or may not know, that the merchant acquirer that is conducting
the
	collection of credit / debit card for the Obama campaign are
responsible for
	the actions to be taken regarding the Address Verification System
responses.
	The value of the AVS system is that the issuer of the card being
used
	provides back to the merchant acquirer a response based upon the
information
	provided during the authorization process. This response indicates
to the
	merchant acquirer if the card information was validated as to
ownership of the account. It is the merchant acquirer that determines what
to do when
	the authorization response is received. In most cases the
transaction that
	comes back with any negative meaning is denied. However, if the
merchant acquirer has adjusted their system to accept any response as
acceptable the transaction would be completed.

	The value of the AVS system is to deny Card Not Present transactions
(CNP)
	which are suspicious. This protects the merchant against charge
backs for
	bad transactions. What is interesting to me is that the merchant
acquirer
	has knowingly violated a basic CNP fraud prevention technique to
accommodate a merchant (Obama Campaign). I think that both the Associations
(VISA & MasterCard) would be highly interested in looking at the merchant
acquirer that was processing these transactions. The value of ignoring the
AVS
	responses is that multiple invalid transactions may be made without
fear of being rejected by the authorization systems. This means that the
real owner
	of the credit card account is willing to allow multiple transactions
to be made on the account using different names and addresses that under
normal conditions would be denied. The merchant acquirer has a complete
listing of all transactions done and it would be very interesting to see how
many transactions were conducted on the same account number using different
names. I would think that this would be a Federal violation under the
current campaign funding laws.

	I hope you will take this inquiry seriously. I want a fair election.
I do
	not want either side to STEAL the election literally. Obama's
tactics have
	gone too far in my opinion. McCain is doing the honorable thing on
his site
	and playing by the rules. Obama is in clear violation of the rules.
Is
	this change we can believe in?

Name withheld, unless he tells me to print it. Helen Jones-Kelley may deem
him to have stepped into the public light.

So I'll call him Modus Operandi.





http://tinyurl.com/5srjb