The GAI analyzed the official campaign websites for all 535 members of Congress, as well as for Obama and Republican presidential nominee Gov. Mitt Romney.
Nearly half of the congressional websites, as well as the Obama campaign site, did not use anti-fraud tools, according to the report.
Most significantly, the websites in question did not require donors to enter the three-digit or four-digit card-verification value, or CVV, when making donations.
Use of CVVs is an industry standard that helps verify the legitimacy of a card holder, but there is no PCI or legal requirement to ask for a CVV, and many online retailers don’t ask.
The GAI noted that a CVV is required to make a donation on Romney’s official website, as well as to buy campaign merchandise on both the Obama and Romney sites. (It may be that donations and merchandise sales on both sites are handled separately.)
“The absence of these security protocols is incongruous with the acknowledged technological sophistication of the [Obama] campaign,” GAI said in its report.
Click here to read the full article.