Need someone to lead product management at your software company? I create software for people that create software and I'm looking for my next opportunity. Check out my resume and get in touch.

Adam Kalsey

This is the blog of Adam Kalsey. Unusual depth and complexity. Rich, full body with a hint of nutty earthiness.

Security & Privacy

More silly credit card security

Freshness Warning
This blog post is over 17 years old. It's possible that the information you read below isn't current and the links no longer work.

10 Oct 2006

After posting about the insecurity of credit card activation schemes, I remembered another pointless security "feature" that’s coming into vogue now. When I use my cards at some gas stations, I’m asked to enter my billing zip code.

Supposedly this is to keep the bad guys from using a stolen or lost card to buy gas. Credit cards don’t have a PIN number or any other secret code, so the use of a zip code was apparently dreamed up as a pseudo-secret code.

It seems to me that the most common way a physical card winds up in the hands of the bad guys is if it’s in a wallet that’s lost or stolen. And in that wallet, right next to the credit card, you can usually find a driver’s license. Which of course, has your zip code on it.

Comments

William Chapman
April 23, 2008 2:31 PM

Pseudo-secrete credit card code? I don't think so! I agree, I have also noticed the same thing happens when you rent a movie at a Red Box. I haven't quite figured out why I am required to enter my zip code in order for the transaction to to processed. I will argue that in as much as the idea of entering your zip code could be effective in making sure that who ever is using the credit card is actually authorized to do so, the chances someone using your credit card for purchases at a Red Box for example or at a gas station that requires you to enter a zip code at the pump is very, very small. Lets face it, if you were to loose your credit card, it would probably would have been lost together with an ID of some kind that you keep along with the credit card in your purse, bag... etc. So asking for zip code wouldn't necessarily prevent an unauthorized user of the credit card to successfully use it. It seems as though who ever came up with this idea is operating on the idea of just being able to help at least one identity theft victim our of a million.

This discussion has been closed.

Recently Written

Micromanaging and competence (Jul 2)
Providing feedback or instruction can be seen as micromanagement unless you provide context.
My productivity operating system (Jun 24)
A framework for super-charging productivity on the things that matter.
Great product managers own the outcomes (May 14)
Being a product manager means never having to say, "that's not my job."
Too Big To Fail (Apr 9)
When a company piles resources on a new product idea, it doesn't have room to fail. That keeps it from succeeding.
Go small (Apr 4)
The strengths of a large organization are the opposite of what makes innovation work. Starting something new requires that you start with a small team.
Start with a Belief (Apr 1)
You can't use data to build products unless you start with a hypothesis.
Mastery doesn’t come from perfect planning (Dec 21)
In a ceramics class, one group focused on a single perfect dish, while another made many with no quality focus. The result? A lesson in the value of practice over perfection.
The Dark Side of Input Metrics (Nov 27)
Using input metrics in the wrong way can cause unexpected behaviors, stifled creativity, and micromanagement.

Older...

What I'm Reading