| ▲ | SyneRyder 4 hours ago | |||||||
It's up to the company, but since many companies don't want to keep card numbers around (and some processors don't let you see the card number anyway), they're probably more likely to block on identity. Maybe flag the IP address of the transaction for "additional screening" on all future transactions, etc. | ||||||||
| ▲ | master_crab 32 minutes ago | parent | next [-] | |||||||
IPs are notoriously unreliable for identity pinning, particularly in this age of CGNAT. If they can’t or don’t want cc numbers (makes sense considering how painful PCI guidelines are anyway) does that mean they need to rely on more tools from the processors or user accounts maintained by the merchant themselves? | ||||||||
| ▲ | nubinetwork 4 hours ago | parent | prev [-] | |||||||
CC numbers are also bound to get recycled eventually as cards expire and/or get replaced... even if you block a card, it might have a new owner 6 months or so later. | ||||||||
| ||||||||