               
               м
  млплм  мллм ппплм  Released: 8/3/96 by Korrupt
  онмлл л п л олн п  Type: Report on New Anti-Carding Technology
  онплм л   л олн      - Rebels of Telecommunications -
  ллнллнллмлл олн               - Returns -
   п лп  ппп   п           - To the H/P/A Scene -
  

     -/-  Visa & VeriSign Team For Net Authentication  -/-
                           07/22/96

    A new alliance between Visa International and VeriSign is aimed at 
making safe online purchases of goods and services via the Internet's 
World Wide Web. Under terms of the agreement, VeriSign will operate an 
Internet-based digital certificate authentication service based on the 
Secure Electronic Transactions (SET) specification.
    The SET specification calls for cryptographically prepared digital 
certificates to be used as the "virtual" equivalent of a credit card in 
financial transactions. With the VeriSign system, the user's full 
credit card number is not transmitted in the digital certificate. 
Instead, the merchant receiving the certificate to verify the identity 
of the buyer and his or her credit. The purchase is processed and the 
buyer is billed only after the customer's digital certificate is 
verified through a Visa cardmember's bank and VeriSign.
    If hackers wanted to break the system and make purchases via the 
VeriSign scheme, they would need to somehow obtain a user's entire 
credit card number and crack the digital encryption code.
    VeriSign officials have said in published reports that the system 
is one hundred times safer than more traditional credit card purchases 
like off-line, telephone order, and mail-order.
    Today's announcement is a part of VeriSign's Private-Label Digital 
ID product strategy, officials said, in which VeriSign will develop and 
manage Digital ID solutions for companies wanting to establish 
authentication services. VeriSign will initially target the credit 
card, banking, brokerage, and publishing markets.
    VeriSign spokesperson Kelly Ryan told Newsbytes that when it comes 
to the company's Digital ID plans, the company will use three schemes. 
"In the Visa credit card model the banks and Visa own the brand, and 
VeriSign is doing the certificates for the banks," she said. "You can 
think of it in three ways: one, you are the brand, another is that we 
share the brand, and the third is that VeriSign is the brand."
    VeriSign also said test certificates are available from its Web 
site (at http://www.verisign.com ) for application developers who want 
to establish "SET-certified" products for electronic payment use.

     How to Play with the VERI-CARD:

        Ok, I hope you read the story above about this new little
scheme to stop the potential use of carding over the Internet. Well
there are some ways around this. First you need to obtain, a credit 
card number(use a cc generator or steal one). Now go buy as you wish. 
Now you know what you want to buy right, you give your CC number to 
the company from which you want to purchase a dandy little item and 
now you have to wait for that damned veri-card signal to get back to 
them so they will send your shit out right. Right! Then the company 
will ship the product out to you. Wrong, since you have a fake card
you will get a negative verification. Ok here are some possible ways 
around this. Ok what we want is the encrypted digital veri-card 
return. How do we get this you ask. Ok you need to purchase something 
from a company web page by mail an add a string onto the mail to send 
the code back to yourself. Like sending the purchase order to yourself 
not the company and along with it will come the digital ID. So you go 
into your thrifty Internet mailbox and wow maybe you have received a 
digital encrypted verification from yourself. Now here's the hard part 
that you'll have to do yourself. Un-encrypting the verification code. 
Then once that occurs order what you want from the company, and a day 
later send the verification code via e-mail. Why shit make verification
codes, send them everywhere. Wahla, maybe you got some new shit. Now
how to have fun with verification codes! Well if you figured out how to
unencrypt the codes you can make fake verifcations for other people that
don't work. Like say Fruitcake Bob wants to buy a dandy high supercolored
digitized NEC multisync television for his kid for christmas. He jumps
onto AOL (Assholes On Line) and orders with his credit card. Well you
send a negative encrypted verification back so his poor son gets no t.v
for christmas and goes apeshit on his dad. By the way you can check into
the veri-card system at their web site somewhere up there on this page.
Have fun with it, and remember this public announcement has been brought
to you by Rebels of Telecommunications. Sign up now at your local bell
phone booth....