CC shared secret

Roland Perry ukcrypto at chiark.greenend.org.uk
Wed, 6 Aug 2008 11:51:01 +0100


In article <489978EC.1090302@iosis.co.uk>, Peter Tomlinson 
<pwt@iosis.co.uk> writes
>Did they offer you the chance to log in somewhere and change the pwd?

They point to a webpage that describes the scheme, which does give 
"account management" options to change the VbV password (aka shared 
secret), but it seems likely from their description that the two are 
inextricably linked and changing one changes both. That's one reason 
that perhaps the VbV system is "franchised" with the query being done in 
realtime back to the bank every time I make a purchase.

Or is the *whole* Visa scheme just a franchise, with merchants having to 
have a credit-authorising dialogue with the relevant bank rather than a 
central Visa-branded clearing house?

With CC data theft headline news again today, I just feel I'd like to 
know *where* my data is being held.

If the mechanism's suitably secure, then having the same password might 
even be an advantage, as it's one fewer thing to have to remember.
-- 
Roland Perry