Verfied by Visa finally gets outed

James Fidell james at
Thu Nov 4 14:48:44 GMT 2010

On 19/10/10 18:30, Paul Barnfather wrote:
>> Just like they've been saying since its launch.  Why they went for an
>> embedded (IFRAMEd) approach when world+dog could see this masked the SSL
>> certificate info from all but the most curious of visitors is still beyond
>> me.
> I notice they're now claiming that the "personal assurance message" is
> the approved way to ensure that VbV dialog box is genuine.

Coming to this thread late...

Some card issuers don't even appear to allow you to set the "personal
assurance message".  I did have once have a card that didn't have any
way to set it.  I assume the message was the same for all holders of
that card.

Another thing that irritates about VbV is that some card issuers, whilst
being happy to issue a joint card for my wife, will not allow her to
have a separate VbV password yet insist that I must not disclose my own
password to anyone.  When I asked one issuer about this they said that
I would either have to enter the password for her whenever she wanted to
buy anything online (not particularly helpful if we're not in the same
place) or she would not be able to use the card for online purchases.


More information about the ukcrypto mailing list