Obama Campaign Lacks the Industry-Standard Level Of Credit Card Security For Donations, But Uses It For Merchandise Purchases:
To purchase Obama campaign merchandise, thecampaign requires buyers to enter their credit card CVV security code, but does not require the credit card
security code to be entered when making an online campaign donation (see page 61). By GAI’s estimates,the Obama campaign’s failure to utilize industry
-standard protections potentially costs the campaignmillions in extra processing fees.
The BIG Picture is Massive Fraud
There are reasons why the Obama campaign would use CVV code security technology for merchandising.
In short, the CVV code on the back of your credit or debit card is there to ensure that the individual usingthe card is you, or someone authorized by you to use the card.Most Credit Card fraud does not happen with a stolen card, but rather a stolen card number. Because thefraudster does not actually possess the card, but only the card number and expiration date for the card,they will not have the CVV code on the back of the card in most cases.When the campaign is selling and shipping merchandise, they use CVV code technology to secure eachtransaction before shipping merchandise.But when nothing is being shipped, as in the case of campaign donations, they have CVV codetechnology turned off. Why? Because, the transactions coming from overseas on stolen card numbers,will not have the CVV code.
AVS information,which the Obama campaign alsoturned off on its donations account. They are stolen card numbers, most of them from Americans.Address Verification, (AVS) like CVV code verification, are industry standards for blocking fraudulentonline transactions. Why has the Obama campaign turned off both of those security functions for
donations, but not for merchandise orders?With these security functions turned on, the system would DECLINE transactions
as “fraudulent” if theywere missing a matching CVV code. So, to allow “fraudulent” donations on stolen card numbers, theywould have to turn off the CVV security function, thereby allowing the “fraudulent” transactions to
APPROVE without any CVV code match.
This raises three obvious questions?
Who are these individual donors? (Including via bundlers?)2.
Why are we allowing foreign donations from overseas?3.
How many of those donations are made on stolen U.S. card numbers?Only a full scale investigation into the massive donations from September 2012 (and 2008) can answer
these and other questions. However, what we already know is this…
Obama is not supposed to accept any foreign campaign donations, but he is.
The Obama campaign is familiar with and using CVV code technology on merchandise, but noton campaign donations.
Without the CVV code, fraudulent donations can be made with stolen card numbers and they are.
The CVV code technology was intentionally turned off for Obama donations only.
The Secret Service is responsible for investigating and prosecuting Credit Card Fraud.