User CP FAQ Community Calendar New Search Links Log Out
share |
(#1 (permalink))
ABH - Trust and Safety > Hacking & Security > Hacking & Security Tutorials
{HOT} How to "card" successfully
Welcome Back, fighter1234.You last visited: Yesterday at 07:42 PMYour Notifications: 1
Hacking & Security Tutorials Best tutorials will be moved here alongside with the tutorials you will write
Useful links : Recover password | Invite Your Friends | Download Program Chat | ALBoRaaQ Chat Room |Upgrade To VIP
{HOT} How to "card" successfully
Hacking & Security Tutorials
Thread Starter CCV* Replies 8 Views 99 | |
View First Unread LinkBack Thread Tools Search this Thread Rate Thread Display Modes
{HOT} How to "card" successfully
CCV* is OfflineSuperb Member
Rep Power: 1
Posts: 523Thanks: 11Thanked 83 Times in 39 PostsJoin Date: Feb 2013
More ShareShareShare
Share
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
1 of 11 5/24/2013 10:05 AM
{HOT} How to "card" successfully - Yesterday, 04:38 PM
Hi friends,
How are u today ? Hope u all are fine & happy.
Alright, I would like to share little tips on how to card sumthing so that u can do it sucessfully. Well, our hope is the
item u carded can be delivered to ur drop address "safely" (from ur point of view). Basically, what we are talking
about is CNP (Card Not Present)/online-based transation. This article will be posted on 2 parts. So stay tune with my
next post !
0x0001 : Little introduction on credit card types
There are many credit card types in the world, such as Visa/Visa Electron, Mastercard, American Express (AMEX), JCB
(Japan Credit Bureau), BankCard, China Union Pay, Diners Club Carte Blanche, Diners Club enRoute, Diners Club
International, Diners Club US & Canada, Discover, Laser (debit card), Maestro (debit card), Solo (debit card), Switch
(debit card). Each of the card types has its own unique 6 prefixs (digits). This is known as IIN (Issuer Identification
Number). Credit card digit length are various from 12 - 19 digits, depends on the card type.
Can we make a code to identify a card type ?
Yes ofcourse we can !
We can design the algorithm using Luhn algorithm and then code it with almost all programming/webprogramming
languages to be a credit card digit validation tool. U can do this with Python, Perl, Delphi, C/C++, VB/VB.NET, PHP,
AJAX, etc. I won't explain more about Luhn Algorithm, since it relates with mathematical. And I think u can
understand it within several minutes. Here's the link u can review it later :
hxxp://www.beachnet.com/~hstiles/cardtype.html
0x0010 : Understanding merchant account, payment gateway, and third-party payment gateway
Now u should hv understood yet about credit card type and how to validate it (the digits) using ur own great tool.
We'll take a look at the difference between merchant account, payment gateway, and third-party payment gateway.
1. An e-Commerce merchant account allows any (or almost) online business (also known as an e-Business or
e-Commerce business) to accept credit cards/debit cards, gift cards and other forms of payment cards online based on
the CNP (card not present) transaction principals, including MOTO (mail order/telephone order) transactions.
e-Commerce merchant accounts can also be referred to as: online credit card payment accounts, online credit card
processing accounts, credit card transaction accounts, and others. An e-Commerce merchant can get an e-Commerce
merchant account from a merchant bank or a merchant service provider in his/her local area (city, state, country) or
in another country (offshore/international e-Commerce merchant account).
2. A payment gateway is an e-commerce application service provider service that authorizes payments for
e-businesses, online retailers, bricks and clicks, or traditional brick and mortar. It is the equivalent of a physical point
of sale terminal located in most retail outlets. Payment gateway protects credit cards details encrypting sensitive
information, such as credit card numbers, to ensure that information passes securely between the customer and the
merchant and also between merchant and payment processor.
3. Third party processors are what e-Commerce merchants get when getting third party merchant accounts. Basically,
third party processors are connected via an additional secure payment gateway to a direct credit card payment
processor. A third party processor contributes to the work of the direct processor, sharing its expenses, i.e. paying
much less. Many third party processors make up a network of e-Commerce merchants sharing one secure direct
merchant account.
And how it works actually ? Okay, below performs procedures which used by the payment processor gateway to
charge customer's credit card until there's full settlement of funding to the merchant. U should really understand well
these procedures !
* A customer places order on website by pressing the 'Submit Order' or equivalent button, or perhaps enters their
card details using an automatic phone answering service.
* If the order is via a website, the customer's web browser encrypts the information to be sent between the browser
and the merchant's webserver. This is done via SSL (Secure Socket Layer) encryption.
* The merchant then forwards the transaction details to their payment gateway. This is another SSL encrypted
connection to the payment server hosted by the payment gateway.
* The payment gateway forwards the transaction information to the processor used by the merchant's acquiring bank.
* The processor forwards the transaction information to the card association (i.e., Visa/MasterCard)
* If an American Express or Discover Card was used, then the processor acts as the issuing bank and directly provides
a response of approved or declined to the payment gateway.
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
2 of 11 5/24/2013 10:05 AM
* Otherwise, the card association routes the transaction to the correct card issuing bank.
* The credit card issuing bank receives the authorization request and sends a response back to the processor (via the
same process as the request for authorization) with a response code. In addition to determining the fate of the
payment, (i.e. approved or declined) the response code is used to define the reason why the transaction failed (such
as insufficient funds, or bank link not available)
* The processor forwards the response to the payment gateway.
* The payment gateway receives the response, and forwards it on to the website (or whatever interface was used to
process the payment) where it is interpreted and a relevant response then relayed back to the cardholder and the
merchant.
* The entire process typically takes 2-3 seconds
* The merchant must then ship the product prior to being allowed to request to settle the transaction.
* The merchant submits all their approved authorizations, in a "batch", to their acquiring bank for settlement.
* The acquiring bank deposits the total of the approved funds in to the merchant's nominated account. This could be
an account with the acquiring bank if the merchant does their banking with the same bank, or an account with another
bank.
* The entire process from authorization to settlement to funding typically takes 3 days.
There are many third-party payment gateways in the world today. I'm sure most of u are familiar with Paypal,
WorldPay, Verepay, Authorize.Net, Click2Buy, SagePay, PPI.Inc, 2CheckOut, GoogleCheckout, YahooWallet, CCBill,
MoneyBooker, etc...
The conslusion is the merchant can choose between using its own payment gateway to process the transaction directly
to the merchant's bank or using payment gateway from third-party payment gateway (with a "little fees" ofcourse).
0x0011 : All things about payment security
Since the customer is usually required to enter their personal details, such as :
- First Name
- Last Name
- Address
- City
- State/province
- Country
- ZIP/postal code
- Telephone number
- Card type
- Card number
- Customer's bank account (usually asked on Paypal, GoogleCheckout, YahooWallet when there's a fraud detection)
- Start Date (not common)
- Expired Date
- CVV/CVV2
- Card holder name
Then, he/she might be thinking that this part is important to be really safe. Yes, to make customer feels safe while
doing online transaction using credit card, the merchant has to provide a secure connection between the payment
gateway to the merchant's acquiring bank. This is to make sure that the data will not be intercepted by illegal guy on
its way. On merchants (webshops) which are using theirs own payment gateway, usually the site use SSL (Secure
Socket Layer) 128 bits, in an HTTPS site format. On the other hand, most of merchants are not using HTTPS for theirs
website, but third-party payment gateway will do this for processing the transaction later.
Due to high volume of online credit card fraud transaction recently, many merchants start to aware about this. They
do such procedures to avoid charge-back from the bank.
These are all things that merchant/webshop administrator will (usually) do to prevent credit card fraud :
- Call the buyer based on cardholder's phone number filled
- Check the buyer's phone number with YellowPages/phone directory book
- Confront cardholder's real location againts buyer's IP address using GeoIP location tool
- If the shipping address differs with the billing address, then it might be suspicious order
- Shipping item to PO BOX usually not accepted by most merchant/webshop
- Order shipped to African, East Europe, Russia, and several Asia countries usually need to be confirmed via phone
- Order items in large volume sometimes be flagged as a high risk fraud
- Order items with urgency shipping time sometimes be flagged as a high risk fraud
etc..
While the payment processor gateway usually do check frequently count of the card being charged at the same
payment processor gateway. The result will then be used to make a decision whether the transaction is going to be
approved or declined.
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
3 of 11 5/24/2013 10:05 AM
(#2 (permalink))
The Following User Says Thank You to CCV* For This Useful Post:
<~©~>
5 Lastest Threads by CCV*
Thread Forum Last Poster Replies Views Last Post
Private Symlink(PHP) Exploit Tutorial Exploits and Vulnerabilities decslir 1 1905-23-201304:57 PM
How to do Hacking the Internet(WAN)
Not LAN Using...Hacking & Security Tutorials mustbe 2 15
05-23-201304:49 PM
{HOT} How to "card" successfully Hacking & Security Tutorials <~©~> 8 9905-23-201304:38 PM
Apply for thieves Apply for Thieves CCV* 2 3505-23-201302:41 PM
TUT | How to use Google as a proxy |TUT | + Pics
Hacking & Security Tutorials CCV* 7 4005-23-201302:11 PM
socio is OfflineSenior Member
Rep Power: 1
Posts: 117Thanks: 4Thanked 5 Times in 5 PostsJoin Date: Dec 2012Location: online
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
4 of 11 5/24/2013 10:05 AM
Yesterday, 04:41 PM
great post and yes it was bro
TO KNOW WHERE YOU HEADING....YOU
GOTTA KNOW WHERE YOU BEEN
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
5 of 11 5/24/2013 10:05 AM
(#3 (permalink))
(#4 (permalink))
CCV* is OfflineSuperb Member
Rep Power: 1
Posts: 523Thanks: 11Thanked 83 Times in 39 PostsJoin Date: Feb 2013
Yesterday, 04:42 PM
thanks bro
pbmadrid is OnlineStarter
Rep Power: 0
Posts: 27Thanks: 3Thanked 0 Times in 0 PostsJoin Date: May 2013
Yesterday, 07:31 PM
good information thanks bro
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
6 of 11 5/24/2013 10:05 AM
(#5 (permalink))
(#6 (permalink))
CCV* is OfflineSuperb Member
Rep Power: 1
Posts: 523Thanks: 11Thanked 83 Times in 39 PostsJoin Date: Feb 2013
Yesterday, 08:20 PM
nothing brother
mustbe is OfflineCool Member
Rep Power: 1
Posts: 708Thanks: 0Thanked 14 Times in 11 PostsJoin Date: May 2013Location: HeAveNInfractions: 0/2 (2)
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
7 of 11 5/24/2013 10:05 AM
(#7 (permalink))
(#8 (permalink))
Yesterday, 08:25 PM
Nice post and tut
CCV* is OfflineSuperb Member
Rep Power: 1
Posts: 523Thanks: 11Thanked 83 Times in 39 PostsJoin Date: Feb 2013
Yesterday, 08:55 PM
thanks bro
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
8 of 11 5/24/2013 10:05 AM
(#9 (permalink))
123pirate is OfflineDangerous Member
Rep Power: 1
Posts: 302Thanks: 23Thanked 13 Times in 8 PostsJoin Date: Nov 2012Location: In your basment.
Yesterday, 09:59 PM
Awesome post man!
Please make more
<~©~> is Online
Cool Member
Rep Power: 1
Posts: 933Thanks: 130Thanked 286 Times in 167 PostsJoin Date: Oct 2012Location: MY ABH - Your Trust and Safety
Yesterday, 10:32 PM
fully explained thanks mate.......
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
9 of 11 5/24/2013 10:05 AM
Show your signature
Quick Reply
Message:
Fonts Sizes
Smilies [More]
Options
Quote message in reply?
Post Quick Reply Go Advanced
« How to do Hacking the Internet(WAN) Not LAN Using Metasploit – The Logic | Create a CookieLogger and Hack any Account{Working Links} »
Currently Active Users Viewing This Thread: 1 (1 members and 0 guests)
fighter1234
Posting Rules
You may post new threadsYou may post repliesYou may not post attachmentsYou may edit your posts
BB code is OnSmilies are On[IMG] code is OnHTML code is OffTrackbacks are OnPingbacks are OnRefbacks are On
Forum RulesForum Jump
Hacking & Security Tutorials Go
Similar Threads
Thread Thread Starter Forum Replies Last Post
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
10 of 11 5/24/2013 10:05 AM
Similar Threads
"Selling" Amazon, Walmart, Itunes"eGift Card"
Crions I Sell Open Source 109-08-2012 08:55
AM
How to "card" successfully Max_Mafiotu Hacking & Security Tutorials 3208-31-2012 01:11
AM
"3" "Freshiest" "Cvv's" "For" "TODAY" (All Live + Checked + Working + highbalance )
kavroche Accounts and Database Dumps 406-21-2012 05:19
AM
"1" "Freshiest" "Cvv's" "For" "TODAY" (All Live + Checked + Working + highbalance )
froufrou Accounts and Database Dumps 406-15-2012 01:27
AM
How to "card" successfully Max_Mafiotu Hacking & Security Tutorials 1804-22-2012 09:41
AM
Powered by vBulletin 4.0.6
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd
Norton Safe Web McAfee SiteAdvisor
Server Security By Anass Atef Rowaad.com.sa
All messages expressed here in are the views of the author or the original poster , and are not and should not be
taken as representative of the official policies of the forum
or its management or the views of its staff. If you have any questions,complaints and suggestions please feel free to
read the following "Terms of Service" or Send Email us or You Can Call us.
+972 (57)9481817
Terms of Service
-- :: ABH Old Style :: Contact Us - ABH Home - Archive - Top
Search Engine Optimization by vBSEO 3.6.0
{HOT} How to "card" successfully http://www.alboraaq.com/forum/abh440591/
11 of 11 5/24/2013 10:05 AM