Re: use of routing information in anti-fraud mechanisms

[Anthony DiPierro <or@xxxxxxxxx>]

On 11/29/05, phobos@xxxxxxxxxx <phobos@xxxxxxxxxx> wrote:
> On Tue, Nov 29, 2005 at 12:01:48PM -0500, or@xxxxxxxxx wrote 1.0K bytes in 24 lines about:
> : If you're going to go visit (for example) Nigeria and you plan on
> : using your credit card, you should probably let your credit card
> : company know first.  This is true whether you're planning on making
> : purchases online or offline.
>
>        This is the same concept of using caller id info to authenticate
>        users when you call in for banking, shopping, etc orders.
>
Yeah, pretty much.  If you ran your phone calls through some sort of
jamming device which gave fake caller id info, and then called Dominos
to order a pizza for delivery, I wouldn't be surprised if they had
some problems placing your order.

Of course, one major difference is that over the telephone you
generally have the option to speak to an actual person who can
override things.  And caller-ID blocking is available and more popular
than Tor (not to mention that calls can still be traced by the phone
company unless you've somehow hacked the network or gone through a
redirection service).

>        As for traveling to Nigeria, I'd expect my credit card co. to
>        put 2 and 2 together to realize the $4500 I just spent on plane
>        tickets to fly to Nigeria, might actually imply that I am in
>        Nigeria.  As well as the correlation to Hotel, taxis, etc.
>
>        Anyway, we digress.
> --
> Andrew
>