Dec 04, 2016

The paper:

Ali, Mohammed Aamir and Arief, Budi and Emms, Martin and van Moorsel, Aad (2016)

Does The Online Card Payment Landscape Unwittingly Facilitate Fraud?

IEEE Security & Privacy

Dec 04, 2016

Apparently, VISA does not do this.

The actual research paper is online:

It says this: "Whereas MasterCard’s centralised network detects the guessing attack after fewer than 10 attempts (even when those attempts were distributed across multiple websites), Visa’s payment ecosystem does not prevent the attack"