Need someone to lead product management at your software company? I create software for people that create software and I'm looking for my next opportunity. Check out my resume and get in touch.

More silly credit card security

Freshness Warning
This blog post is over 17 years old. It's possible that the information you read below isn't current and the links no longer work.

After posting about the insecurity of credit card activation schemes, I remembered another pointless security "feature" that’s coming into vogue now. When I use my cards at some gas stations, I’m asked to enter my billing zip code.

Supposedly this is to keep the bad guys from using a stolen or lost card to buy gas. Credit cards don’t have a PIN number or any other secret code, so the use of a zip code was apparently dreamed up as a pseudo-secret code.

It seems to me that the most common way a physical card winds up in the hands of the bad guys is if it’s in a wallet that’s lost or stolen. And in that wallet, right next to the credit card, you can usually find a driver’s license. Which of course, has your zip code on it.

William Chapman
April 23, 2008 2:31 PM

Pseudo-secrete credit card code? I don't think so! I agree, I have also noticed the same thing happens when you rent a movie at a Red Box. I haven't quite figured out why I am required to enter my zip code in order for the transaction to to processed. I will argue that in as much as the idea of entering your zip code could be effective in making sure that who ever is using the credit card is actually authorized to do so, the chances someone using your credit card for purchases at a Red Box for example or at a gas station that requires you to enter a zip code at the pump is very, very small. Lets face it, if you were to loose your credit card, it would probably would have been lost together with an ID of some kind that you keep along with the credit card in your purse, bag... etc. So asking for zip code wouldn't necessarily prevent an unauthorized user of the credit card to successfully use it. It seems as though who ever came up with this idea is operating on the idea of just being able to help at least one identity theft victim our of a million.

This discussion has been closed.

Recently Written

Mastery doesn’t come from perfect planning (Dec 21)
In a ceramics class, one group focused on a single perfect dish, while another made many with no quality focus. The result? A lesson in the value of practice over perfection.
The Dark Side of Input Metrics (Nov 27)
Using input metrics in the wrong way can cause unexpected behaviors, stifled creativity, and micromanagement.
Reframe How You Think About Users of your Internal Platform (Nov 13)
Changing from "Customers" to "Partners" will give you a better perspective on internal product development.
Measuring Feature success (Oct 17)
You're building features to solve problems. If you don't know what success looks like, how did you decide on that feature at all?
How I use OKRs (Oct 13)
A description of how I use OKRs to guide a team, written so I can send to future teams.
Build the whole product (Oct 6)
Your code is only part of the product
Input metrics lead to outcomes (Sep 1)
An easy to understand example of using input metrics to track progress toward an outcome.
Lagging Outcomes (Aug 22)
Long-term things often end up off a team's goals because they can't see how to define measurable outcomes for them. Here's how to solve that.

Older...

What I'm Reading

Contact

Adam Kalsey

+1 916 600 2497

Resume

Public Key

© 1999-2024 Adam Kalsey.