Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
Beginners Questions
Bank cards [lecture, 2023]
Message
<blockquote data-quote="Skyworld" data-source="post: 154" data-attributes="member: 14"><p>(19:36:11) Pustota: When buying cards in most shops, we will see such a parameter as the validity of the database in which the card was received in the shop. It is defined by a shop / seller as follows: a random number of cards is taken and validated by a checker. Let's say 7 valid cards came out of 10 – the *declared* validity of such a database is about 70%. I note that the actual validity may vary greatly depending on the honesty of the seller/shop, the checker used, the method of card mining and how long ago the base was mined and stamped on the valid</p><p></p><p>(19:37:39) Pustota: A card checker is a service that runs cards through its merch. Checkers can work in different ways: a small amount ($1-2) can be preauthorized from the card through a merchant checker and returned back after a short period of time. This method is bad because the holder may have notifications for transactions configured and a suspicious transaction may force him to block the card. Well, or he can just check the bank statement at the wrong time (a bank statement, sometimes available in paper form, by calling the bank, or in online banking)</p><p></p><p>(19:38:23) Pustota: More advanced checkers use a cardless validation ($0 authorization), which most often goes unnoticed by the holder and gives an answer from the payment system about the validity of the card</p><p></p><p>(19:39:59) Pustota: An alternative way to check the validity of the card is to link it to any services (as an example, to Google, or to any other service where the card fits into the personal account)</p><p></p><p>(19:40:23) Pustota: This is a fairly safe check method that minimizes the risk of card death, provided that it also uses the principle of cardless validation.</p><p></p><p>(19:41:54) Pustota: In normal shops, a refund is provided for invalid cards – usually 5-15 minutes are given for a check. To minimize time and financial losses, I recommend checking cards after purchase and trying to get a refund if the card is dead. If you do not trust your method of checking cards (for example, you think that it can kill cards), you can check the card after driving in to minimize the likelihood of its death from the check</p><p></p><p>(19:43:16) Pustota: It is also worth remembering that the checkers built into the shops often spoil the cards much more than your own check methods, so use them only if you are sure that the card is invalid (the algorithm is most often this: you check the card with a shop checker, if the shop checker reports the premature death of the card, you get a refund; if the checker says that the card is alive, then no)</p><p></p><p>(19:44:39) Pustota: Also, I want to note that by far the safest method of checking a card is an attempt to fill it up or ring it on the balance (fill it up is a derivative of Enroll). This concept will be covered in detail in further lectures, implies access to online card banking), or a call to the bank. In this case, sometimes it may be necessary to punch an additional. information on the card (SSN (social security number insurance)/DoB (holder's date of birth) or something else)A few words about the types of CC. As I said above, Visa, MasterCard, American Express, Discover cards will most often be found in your work</p><p></p><p>(19:45:48) Pustota: From my experience, it is easiest to find good Visa and MC beans, but in practice I have also met fat amex beans (however, the latter has its own specifics - the chargeback goes faster, which is often disastrous for drives. You need to understand where this will take place, and where it will ruin your work). Discover cards, rather, belong to the exotic - but in some directions they are also used</p><p></p><p>(19:46:02) Pustota: Visa, MasterCard and Discover cards have 16 digits each in the card number and 3-digit CVV codes. Amex has 15 digits in the card number and a 4-digit CVV</p><p></p><p>(19:47:11) Pustota: The cards of some countries (specifically, USA, Canada, Australia, New Zealand and the United Kingdom) have an AVS (Address Verification System) protection mechanism that verifies the address used when making a transaction with that of the issuing bank. In the event that the data does not match (the numbers in the address and ZIP code are checked), an AVS Mismatch response is received from the bank and such a transaction will be rejected. From here, in the future you will encounter concepts such as billing and shipping address, they will be touched upon in further lectures.</p><p></p><p>(19:50:10) Pustota: AVS - Address Verification System should have been studied, the bottom line is that if you make a transaction inside the country (that is, the issuing bank of the card of the same country as the store) you can verify the digital part of the address, and if it does not match, there will be a decline, remember the list of countries that have this system. That is, this system does not exist in the Russian Federation /EU.</p><p></p><p>(19:51:12) Pustota: (approx. there are no AVS on corporate cards in England, just as not all cards in usa/ca/au can have such protection, in usa and ca almost everything is more realistic to find in au without reconciliation)</p><p></p><p>(19:52:46) Pustota: When working with maps, sooner or later you will encounter 3D Secure protection mechanisms (<a href="https://wwh-club.io/threads/3-3-2-vbv-mcsc.2108" target="_blank">https://wwh-club.io/threads/3-3-2-vbv-mcsc.2108</a> /)</p><p></p><p>(19:53:30) Pustota: Visa cards have it called Visa Secure / Verified by Visa (VBV); MC has MasterCard Secure Code (MCSC), and Amex has SafeKey. Accordingly, many gateways have their own analogues.</p><p></p><p>(19:54:31) Pustota: 3DSecure - It seems it is usually called the 3rd layer of protection, the point is that you enter an Internet password for purchases, I think you have already encountered this when buying from your cards, when the bank sent you an SMS code to confirm the transaction.</p><p></p><p>(19:55:38) Pustota: What is very important to note, if you made a purchase with a 3ds code,the chargeback falls entirely on the shoulders of the cardholder or the bank, the store is not responsible for this operation, that is, even if the cardholder burns the transaction, it is unlikely that this will affect the shop and it will not send you the goods, but there is an exception (a shop that values its reputation will cancel).</p><p></p><p>(19:56:29) Pustota: That is, transactions with a 3ds code have a high trust (the exception is USA due to the fact that the Internet password is often static there, that is, for example, as an email password, and it can be reset).</p><p></p><p>(19:57:39) Pustota: I'll clarify a little [MEDIA=imgur]1KQzbTx[/MEDIA] this is the window for entering the 3ds code from the USA bank, but instead of SMS you are asked by the bank to enter card information + ZIP code.</p><p></p><p>(19:58:18) Pustota: In general, 3ds is the most common type of protection, in most countries merchants in shops have it connected to cards</p><p></p><p>(19:58:53) Pustota: That is, if the merchant does not have this protection connected, and it is on the card, then the transaction will take place without 3ds, since it was not initiated by the shop.</p><p></p><p>Let's analyze the 3Ds moment in more detail<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite3" alt=":(" title="Frown :(" loading="lazy" data-shortname=":(" />20:00:34) Pustota: These mechanisms are designed to significantly reduce the percentage of unauthorized/fraudulent card transactions by adding an additional transaction confirmation method unrelated to the card itself. In case of entering into the merch with the activated 3DS system, during the transaction you will be redirected to the page of entering a static code that should be known to the holder, or a one-time code sent to the holder by SMS / e-mail</p><p></p><p>(20:01:42) Pustota: Static codes will be unknown to you when buying a card, however, for some bins they can be reset. The bins where this can be done are called VBV reset bins</p><p></p><p>(20:02:50) Pustota: Also, there are beans that pass VBV automatically. It looks like this: during the transaction, you get to the VBV page, similar to that for the above bins, but the VBV code itself does not request you. At this time, the issuing bank evaluates your transaction according to its anti-fraud criteria and gives an answer to the merchant, whether you have passed the VBV check or not. Such bins are called avtovbv. Also, sometimes VTB cards are found in banks that simply have not yet implemented protection with 3DS, in such banks the percentage of successful completion of VBV will be higher. Usually these are small banks (most often Credit Union's)</p><p></p><p>(20:03:51) Pustota: If you work on a duffel bag with US shops and stumbled upon a shop with VBV/MCSC, the easiest way is to score on such a shop and find another one. If you beat any service where VBV is mandatory (for example, Airbnb), or work in the EU - there you already need to look for beans with reset / avtobv, which will climb into the merch of your service / shop</p><p></p><p>(20:04:22) Pustota: 3ds code in USA is often static, as a rule it is either zip/ssn or zip+ssn, or it can be set by the cardholder, but it can often be reset (you will see the reset item).</p><p></p><p>(20:05:02) Pustota: So in eu/ca/au and possibly in other regions, you can also find cards that can reset a static password (provided that it is static and not an SMS or token and there is a reset point) but no one can say how much money you will spend in search of this)</p><p></p><p>(20:06:06) Pustota: Unless in the UK the chance is higher to find something with a reset, since at one time there were a lot of bins with a 3ds password change by DOB</p></blockquote><p></p>
[QUOTE="Skyworld, post: 154, member: 14"] (19:36:11) Pustota: When buying cards in most shops, we will see such a parameter as the validity of the database in which the card was received in the shop. It is defined by a shop / seller as follows: a random number of cards is taken and validated by a checker. Let's say 7 valid cards came out of 10 – the *declared* validity of such a database is about 70%. I note that the actual validity may vary greatly depending on the honesty of the seller/shop, the checker used, the method of card mining and how long ago the base was mined and stamped on the valid (19:37:39) Pustota: A card checker is a service that runs cards through its merch. Checkers can work in different ways: a small amount ($1-2) can be preauthorized from the card through a merchant checker and returned back after a short period of time. This method is bad because the holder may have notifications for transactions configured and a suspicious transaction may force him to block the card. Well, or he can just check the bank statement at the wrong time (a bank statement, sometimes available in paper form, by calling the bank, or in online banking) (19:38:23) Pustota: More advanced checkers use a cardless validation ($0 authorization), which most often goes unnoticed by the holder and gives an answer from the payment system about the validity of the card (19:39:59) Pustota: An alternative way to check the validity of the card is to link it to any services (as an example, to Google, or to any other service where the card fits into the personal account) (19:40:23) Pustota: This is a fairly safe check method that minimizes the risk of card death, provided that it also uses the principle of cardless validation. (19:41:54) Pustota: In normal shops, a refund is provided for invalid cards – usually 5-15 minutes are given for a check. To minimize time and financial losses, I recommend checking cards after purchase and trying to get a refund if the card is dead. If you do not trust your method of checking cards (for example, you think that it can kill cards), you can check the card after driving in to minimize the likelihood of its death from the check (19:43:16) Pustota: It is also worth remembering that the checkers built into the shops often spoil the cards much more than your own check methods, so use them only if you are sure that the card is invalid (the algorithm is most often this: you check the card with a shop checker, if the shop checker reports the premature death of the card, you get a refund; if the checker says that the card is alive, then no) (19:44:39) Pustota: Also, I want to note that by far the safest method of checking a card is an attempt to fill it up or ring it on the balance (fill it up is a derivative of Enroll). This concept will be covered in detail in further lectures, implies access to online card banking), or a call to the bank. In this case, sometimes it may be necessary to punch an additional. information on the card (SSN (social security number insurance)/DoB (holder's date of birth) or something else)A few words about the types of CC. As I said above, Visa, MasterCard, American Express, Discover cards will most often be found in your work (19:45:48) Pustota: From my experience, it is easiest to find good Visa and MC beans, but in practice I have also met fat amex beans (however, the latter has its own specifics - the chargeback goes faster, which is often disastrous for drives. You need to understand where this will take place, and where it will ruin your work). Discover cards, rather, belong to the exotic - but in some directions they are also used (19:46:02) Pustota: Visa, MasterCard and Discover cards have 16 digits each in the card number and 3-digit CVV codes. Amex has 15 digits in the card number and a 4-digit CVV (19:47:11) Pustota: The cards of some countries (specifically, USA, Canada, Australia, New Zealand and the United Kingdom) have an AVS (Address Verification System) protection mechanism that verifies the address used when making a transaction with that of the issuing bank. In the event that the data does not match (the numbers in the address and ZIP code are checked), an AVS Mismatch response is received from the bank and such a transaction will be rejected. From here, in the future you will encounter concepts such as billing and shipping address, they will be touched upon in further lectures. (19:50:10) Pustota: AVS - Address Verification System should have been studied, the bottom line is that if you make a transaction inside the country (that is, the issuing bank of the card of the same country as the store) you can verify the digital part of the address, and if it does not match, there will be a decline, remember the list of countries that have this system. That is, this system does not exist in the Russian Federation /EU. (19:51:12) Pustota: (approx. there are no AVS on corporate cards in England, just as not all cards in usa/ca/au can have such protection, in usa and ca almost everything is more realistic to find in au without reconciliation) (19:52:46) Pustota: When working with maps, sooner or later you will encounter 3D Secure protection mechanisms ([URL]https://wwh-club.io/threads/3-3-2-vbv-mcsc.2108[/URL] /) (19:53:30) Pustota: Visa cards have it called Visa Secure / Verified by Visa (VBV); MC has MasterCard Secure Code (MCSC), and Amex has SafeKey. Accordingly, many gateways have their own analogues. (19:54:31) Pustota: 3DSecure - It seems it is usually called the 3rd layer of protection, the point is that you enter an Internet password for purchases, I think you have already encountered this when buying from your cards, when the bank sent you an SMS code to confirm the transaction. (19:55:38) Pustota: What is very important to note, if you made a purchase with a 3ds code,the chargeback falls entirely on the shoulders of the cardholder or the bank, the store is not responsible for this operation, that is, even if the cardholder burns the transaction, it is unlikely that this will affect the shop and it will not send you the goods, but there is an exception (a shop that values its reputation will cancel). (19:56:29) Pustota: That is, transactions with a 3ds code have a high trust (the exception is USA due to the fact that the Internet password is often static there, that is, for example, as an email password, and it can be reset). (19:57:39) Pustota: I'll clarify a little [MEDIA=imgur]1KQzbTx[/MEDIA] this is the window for entering the 3ds code from the USA bank, but instead of SMS you are asked by the bank to enter card information + ZIP code. (19:58:18) Pustota: In general, 3ds is the most common type of protection, in most countries merchants in shops have it connected to cards (19:58:53) Pustota: That is, if the merchant does not have this protection connected, and it is on the card, then the transaction will take place without 3ds, since it was not initiated by the shop. Let's analyze the 3Ds moment in more detail:(20:00:34) Pustota: These mechanisms are designed to significantly reduce the percentage of unauthorized/fraudulent card transactions by adding an additional transaction confirmation method unrelated to the card itself. In case of entering into the merch with the activated 3DS system, during the transaction you will be redirected to the page of entering a static code that should be known to the holder, or a one-time code sent to the holder by SMS / e-mail (20:01:42) Pustota: Static codes will be unknown to you when buying a card, however, for some bins they can be reset. The bins where this can be done are called VBV reset bins (20:02:50) Pustota: Also, there are beans that pass VBV automatically. It looks like this: during the transaction, you get to the VBV page, similar to that for the above bins, but the VBV code itself does not request you. At this time, the issuing bank evaluates your transaction according to its anti-fraud criteria and gives an answer to the merchant, whether you have passed the VBV check or not. Such bins are called avtovbv. Also, sometimes VTB cards are found in banks that simply have not yet implemented protection with 3DS, in such banks the percentage of successful completion of VBV will be higher. Usually these are small banks (most often Credit Union's) (20:03:51) Pustota: If you work on a duffel bag with US shops and stumbled upon a shop with VBV/MCSC, the easiest way is to score on such a shop and find another one. If you beat any service where VBV is mandatory (for example, Airbnb), or work in the EU - there you already need to look for beans with reset / avtobv, which will climb into the merch of your service / shop (20:04:22) Pustota: 3ds code in USA is often static, as a rule it is either zip/ssn or zip+ssn, or it can be set by the cardholder, but it can often be reset (you will see the reset item). (20:05:02) Pustota: So in eu/ca/au and possibly in other regions, you can also find cards that can reset a static password (provided that it is static and not an SMS or token and there is a reset point) but no one can say how much money you will spend in search of this) (20:06:06) Pustota: Unless in the UK the chance is higher to find something with a reset, since at one time there were a lot of bins with a 3ds password change by DOB [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
Beginners Questions
Bank cards [lecture, 2023]
Top