Patrick Ruffini writes that the Obama web site has disabled a standard mechanism that protects against credit card fraud:
The Obama campaign has turned its security settings for accepting online contributions down to the bare minimum — possibly to juice the numbers, and turning a blind eye towards the potential for fraud not just against the FEC, but against unsuspecting victims of credit card fraud.
The issue centers around the Address Verification Service (or AVS) that credit card processors use to sniff out phony transactions. I was able to contribute money using an address other than the one on file with my bank account (I used an address I control, just not the one on my account), showing that the Obama campaign deliberately disabled AVS for its online donors.
AVS is generally the first line of defense against credit card fraud online. AVS ensures that not only is your credit card number accurate, but the street address you’ve submitted with a transaction matches the one on file with your bank.
Authorize.net, the largest credit card gateway provider in the country, lists AVS as a “Standard Transaction Security Setting,” recommends merchants use it, and turns it on by default. So, in order for AVS to be turned off, it has to be intentional, at least with Authorize.net.
Power Line has been asking about this too, but this is the first explanation I’ve seen for what Obama is actually doing.