Laurent -- I strongly recommend that you make an effort to understand the real risks involved in Internet commerce. There are critical security flaws in the encrypted commerce approach, which I fear you are overlooking. By focusing on the ease of stealing a single identifier, or faking a single transaction, I think you overlook some much more important issues. The point is not that people can't intercept your First Virtual ID by sniffing on the net. Obviously they can. The point is not that people can't forge mail from you. Obviously they can. The point is not that people can't intercept FV's confirmation query, which contains a one-time code, and forge the appropriate response to authorize that purchase. Obviously they can. The point is not that people can't selectively block your incoming mail, so that you can't even tell when the above has happened. Obviously they can. The point is that if someone goes to all the trouble of doing all the above -- which is what it takes to commit serious fraud with First Virtual -- then *all* that they get is the temporary use, on the Internet only, of a single credit card. (Note also that I've just spelled out *exactly* what it takes to commit fraud with FV. I am suspicious of any commerce systems that don't offer such an explanation. In the case of SSL, the explanation would probably start out, "find a single bug in the implementation of the cryptographic algorithms.") Schemes like SSL, which encrypt a credit card number and then transmit it on the net, carry with them a very different kind of risk: the risk that a single criminal could steal MILLIONS of credit card numbers. If an SSL-like scheme were in wide use world-wide, the hacker who just made a name for himself by breaking SSL could instead have gone down in HISTORY as the person who destroyed the twentieth-century credit card system by stealing millions of credit cards and using each one just once. Or, if his goals were more practical, he could have simply chosen any desired level of affluence and lived that way for the rest of his life. (This is not an exaggeration. I can flesh this out to an alarming degree of detail, actually.) FV does not claim to have invented a method of commerce that is foolproof. There is no such system, and that certainly includes the existing credit card, cash, and check infrastructure. What FV has invented is a system for Internet commerce in which the risk/reward ratio is sufficiently low to permit large-scale commerce. Any cryptographic approaches which make similar claims must also be evaluated in terms of risk/reward ratio. If a system has a catastrophic risk, no matter how low-probability, this is worse than a system with higher-probability risks of much lower consequence. (When driving my car, I'd rather be in ten fender-benders than one high-speed head-on collision at 90 MPH.) My own experience with real-world software -- which is only confirmed by the recent SSL scandal -- makes me tend to believe that every program has bugs, and that therefore every crypto system will carry with it a significant practical risk of compromise. It therefore makes no sense to design the commerce infrastructure in such a way that the cost of that risk is catastrophic. FV has had several minor incidents of fraud. They didn't make any headlines and they didn't require any mad scramble to fix the software, because the costs of the fraud were so low to all concerned. -- Nathaniel -------- Nathaniel S. Borenstein <nsb@fv.com> | When privacy is outlawed, Chief Scientist, First Virtual Holdings | only outlaws will have privacy! FAQ & PGP key: nsb+faq@nsb.fv.com | SUPPORT THE ZIMMERMANN DEFENSE FUND! ---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>