You have excellent points in your detailed answer, thank you, but if FV was as used as SSL could be, what prevents, to use your terms, someone from getting MILLIONS of FV's identifiers and using each one only once, etc... (IMO your figures about the risks of SSL and crypto software are over-evaluated, so I over-evaluate the 'risks' of yours using the same assumptions.)

There can't be more security in transferring data in the clear compared to encrypted data... except maybe that people using encryption can often feel overconfident.

So, as someone pointed out, it is not that much a problem about CC#s, which are easily available anyway, but in fact, using encrypted communications is the only way to ensure (some) *privacy*, in addition to being a security improvement.

A problem is to avoid failing on "customer expectation", especially when you've created it. So probably there was too much focus and advertising on security issues on the Internet, by the very same companies that later prove to fail, giving wrong expectations.

Privacy remains a goal anyway, and financial insecurity never was a problem as long as it remains under a small %.

So I'd prefer to use crappy Netscape 1.1 40-bit export SSL than your system... Though what I'd really use is PGP :-)

Anyway, if you have happy customers, good for you... I'd suggest that you use "Security through Clarity" as a motto ;-)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
fissionable SEAL Team 6 Kaser Sose nuclear Clinton domestic disruption DST