Bugtraq mailing list archives
verisign payment site backdoor ?
From: Andrej Todosic <atodosic () ubisoft com>
Date: Thu, 7 Feb 2002 19:43:53 -0500
Hello, so i had today a little adventure with verisign about paying some domains. When you go on their secure site and enter payment information, they now require a security check The security check consists of entering a billing address postal code. Without this the payment wouldnt work. After verifying several times witht hem on the phoen ( their system wont accept a canadian postal code). They told me just to put 5 zeros. The payment went through. I also seem to vaguely remember a mention of it somewhere in the payment confirmation screen. My question is: they gave it to me, so they know very well it exists, but what security do they have if they have a backdoor like this, and what is the point of extra precautions when you publicly tell everyone to use zeros if nothing else works. I dont know if this should be made into a big thing, but i certainly dont feel comfortable with these guys having my CC number. Comments or opinions are welcome. Andrej
Current thread:
- verisign payment site backdoor ? Andrej Todosic (Feb 08)
- Re: verisign payment site backdoor ? Nojan Moshiri (Feb 10)