Web site transaction security stuff has been standard operating procedures for years at just about every e-commerce site in business – except for the Obama campaign donation site. Late last week I tested both the McCain and Obama sites by trying to send $10 to each campaign using a real credit card number and expiration date, but everything else was fake.
Author note: While I’m away from the computer, I’m republishing my top 20 posts from 2008 each afternoon. -Steve
Today, the Washington Post is catching on.
Sen. Barack Obama’s presidential campaign is allowing donors to use largely untraceable prepaid credit cards that could potentially be used to evade limits on how much an individual is legally allowed to give or to mask a contributor’s identity, campaign officials confirmed. …
In recent weeks, questionable contributions have created headaches for Obama’s accounting team as it has tried to explain why campaign finance filings have included itemized donations from individuals using fake names, such as Es Esh or Doodad Pro. Those revelations prompted conservative bloggers to further test Obama’s finance vetting by giving money using the kind of prepaid cards that can be bought at a drugstore and cannot be traced to a donor. …
The problem with such cards, campaign finance lawyers said, is that they make it impossible to tell whether foreign nationals, donors who have exceeded the limits, government contractors or others who are barred from giving to a federal campaign are making contributions.
This is good reporting concerning the prepaid credit cards that are untraceable, but it still does not cover all of the problems with the Obama system.
If they simply put in the same security measures that the McCain site has, most of the problem donations could have been completely avoided. McCain is not asking for a CVC number, but they do have other security checks in place. (I proved it)
Obama’s site is not doing any of the following.
- Requiring a CVC number with every transaction.
- Requiring that the last name on the card matches the last name on the Web donation form.
- Requiring that the zip code for the cards billing address matches the zip code on the Web donation form.
Next, Obama’s camp is going to complain that donations were coming in so fast, that they had to turn off the security checks to keep the site from crashing or being too slow. Bull.
Maybe if Obama had kept his promise to only stick with public financing, he would not have any issues.
The CNN anchor [Campbell Brown] then reminded her viewers of Obama’s public financing promise: “One year ago, he made a promise. He pledged to accept public financing, to work with the Republican nominee to ensure that they both operated within those limits. And then it became clear to Senator Obama and his campaign that he was going to be able to raise on his own far more cash than he would get with public financing. So, Obama went back on his word. He broke his promise…”