I’m ripping the content straight from Powerline. Ace actually had the story last night, but it was only a single source; PL claims in an update that other readers have replicated the experiment. Quote:
I went to the Obama campaign website and entered the following:
Name: John Galt
Address: 1957 Ayn Rand Lane
City: Galts Gulch
Then I checked the box next to $15 and entered my actual credit card number and expiration date (it didn’t ask for the 3-didgit code on the back of the card) and it took me to the next page and… “Your donation has been processed. Thank you for your generous gift.”
This simply should not, and could not, happen in any business or any campaign that is honestly trying to vet it’s donors. Also, I don’t see how this could possibly happen without the collusion of the credit card companies. They simply wouldn’t allow any business to process, potentially, hundreds of millions in credit card transactions where the name on the card doesn’t match the purchasers name.
In short, with the system set up as it is by the Obama camp, an individual could donate unlimited amounts of money by simply making up fake names and addresses. And Obama is doing his best to facilitate this fraud. This is truly scandalous.
The same guy claims to have tried to donate the same way on McCain’s website and had his card rejected. I’m skeptical that The One would be quite this blatant about things, but (a) at the Corner, Mark Steyn notes that the only way to get his own online merchandising vendor to bypass a name check when processing credit card information would be to modify certain security settings, and (b) this wouldn’t be the first time Team Barry’s website had dragged its feet on online donation security measures. From Ken Timmerman’s much-linked piece at Newsmax last month: “Unlike McCain’s or Sen. Hillary Clinton’s online donation pages, the Obama site did not ask for proof of citizenship until just recently. Clinton’s presidential campaign required U.S. citizens living abroad to actually fax a copy of their passport before a donation would be accepted.” Meanwhile, in response to his earlier post on this, Geraghty receives this e-mail from an Obama supporter:
Back in August or September (not sure which) Obama’s site definitely would not take my money because I was entering my school address instead of my permanent (parent’s) one. I remember being slightly annoyed at the time. I just tried it to donate again using my school address and it went through no problem. That’s more than a bit disappointing.
Hopefully, the suspect funds will be returned. Almost 2 million was refunded just last month.
There’s definitely no excuse for this though.
Any readers willing and able to help confirm or debunk? Knowledge of online vending a plus! Also a plus: Tolerance for being called a hater or racist for questioning the security measures of a guy who famously hasn’t released any information about his many, many, many small donors. If you succeed, your reward will be watching the media pounce on this story — to find out who “John Galt” is, so that they can give him a beating Joe-the-Plumber-style.
Update: A reader tells Steyn that his donation as “JarackBoe BOamabiden” was accepted.
Update: Lots more info at Ace’s from readers who are replicating the experiment. Question: Is it possible that the website’s showing a “transaction confirmed” message before the transaction’s actually confirmed, and all these donations are being rejected later?
Update: Reader “Dale in Atlanta” says he tried it with a fake name and the transaction showed up on his credit card immediately — but marked “pending.” We’ll find out later today if it clears.
Update: Just across from the RNC:
The Republican National Committee (RNC) today filed a supplement to its complaint with the Federal Election Commission (FEC) against the Obama for America campaign addressing its acceptance of foreign national and excessive contributions, donations from unknown sources, and demonstrated lack of oversight or concern for compliance with the law. The complaint demonstrates that the Obama campaign has failed to comply with federal campaign finance law in its fundraising. RNC Chief Counsel Sean Cairncross released the following statement today concerning the supplement to the complaint:
“Based on numerous press accounts that have come to light since our initial filing in early October, it is clear that the Obama for America campaign is operating outside of the law. The complete and total lack of any control mechanisms within the Obama campaign’s fundraising operation has undermined any confidence in their ability to curtail excessive, foreign, and fraudulent contributions and demands immediate attention from the Federal Election Commission (FEC).”
Update: Here’s something a reader sent me, for what it’s worth:
I recently set up credit card processing for my startup company and the way it works is the vender (ie me, or Obama’s campaign) selects whether the info must match what is on the card. If they opt not to they accept the risk of being flagged after too many fradulent charges are reported by them to the credit card companies. Since these people are (presumably) using their actual credit card and just giving a different name to avoid the donation limits I doubt they’ll file complaints about the charges with their card company.
So the only time you would ever do this is if you know your clients really well. The only reason I can think of for Obama’s campaign to do this is to avoid the donations cap. The fact that this isn’t all over the media is truly a shame.
Update: Unbelievable. Suddenly, after multiple blog readers had their phony donations accepted and this story started percolating on right-wing blogs, the security system is magically back in place.
Update: I don’t know what happened to the guy in the last update but Flip says he successfully donated five bucks at 2:05 p.m. with the following info:
Name: Nodda Realperson
Address: 1000 This Is a Bogus Street
City/State: Neighborhood of Makebelieve, CA
Email: [email protected]it.com
Employer: Barack Obama
Occupation: Cow-Eyed Disciple
A friend e-mails to ask if anyone’s tried this with a foreign credit card to see if there’s any difference. Anyone got one?
Update: Commenter “Bombast” says his foreign credit card worked like a charm:
I have a credit card issued by a bank in Hong Kong.
I’ve just made 5 donations of $5 each using the card. I listed fake addresses in North Korea, Iran, Gaza, Venezuela and Kenya. The names and addresses were made up, each was different, I listed real Yahoo email addresses that forward to me.
Not A. Realperson
Over Donation Limit
All 5 went through without a problem. I’m already being solicited for more money.
Update: One of Jonah Goldberg’s readers says he tried this at McCain’s website and was rejected.
Update: Patrick Ruffini was Bush’s web guy in 2004 and specializes in online campaign finance, so he knows what he’s talking about here. Verdict: Fraud.
The issue centers around the Address Verification Service (or AVS) that credit card processors use to sniff out phony transactions. I was able to contribute money using an address other than the one on file with my bank account (I used an address I control, just not the one on my account), showing that the Obama campaign deliberately disabled AVS for its online donors…
The end result? “Donors” like “Doodad Pro” can submit tons of donations totaling well above the $2,300 limit using different bogus addresses (this does clarify how donations from “Palestine”, or PA, got through). And the campaign has no way to reliably de-dupe these donations, besides looking at the last four digits of the credit card number, which with 3.1 million donors is an identifier that could be shared by literally hundreds of donors, and is not as easy to eyeball like a common name or address would be. The ability to contribute with a false address, when the technology to prevent it not only exists but comes standard, is a green light for fraud.