Scott Brickner writes:
Nathan Loofbourrow writes:
It may be that the approach is off anyway. Credit cards have only signature verification -- if the salesperson bothers -- because stolen cards are reported. You don't need a strong authentication technique if a stolen card is easy to cancel.
The card's easy to cancel, but the cash ain't. Credit cards are cleared with the issuer. Digital cash with smart cards acting as transaction observers doesn't need this. The thief need only transfer the cash from the stolen card to his own, just like he does with regular cash.
Er, um, right. Well, then, perhaps on-line systems need to consider cash revocation in case of theft. Actually, this is a no-brainer: just exchange the cash for some new coin, and the old stuff goes invalid. Admittedly, this means a footrace for the mugger and the victim, so I guess the mugger is encouraged to knock you out cold. Maybe you just shouldn't carry too much cash with you. Gee, that sounds like good advice even without digital protocols.
Even with a weak PIN system for authentication, you can always provide a "duress" PIN, right?
Sounds like a better choice.
Duress PINs liberally sprinkled through the keyspace also drop the efficacy of brute-force PIN search for the thief.

nathan
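An added worked example, not part of either poster's message: it quantifies the closing point about duress PINs spread through the keyspace. It assumes a guesser who tries distinct PINs in uniformly random order and a card that allows a fixed number of attempts; the function names and the 4-digit, 3-try scenario are constructed for illustration.

```python
from fractions import Fraction
from itertools import permutations
from math import comb


def guess_outcomes(keyspace, duress, attempts):
    """Exact odds for a guesser trying `attempts` distinct PINs in random order.

    Returns (p_real_first, p_duress_first): the chance the real PIN is hit
    before any duress PIN, and the chance a duress PIN is hit first.
    """
    if not 0 <= duress < keyspace or not 0 <= attempts <= keyspace:
        raise ValueError("need 0 <= duress < keyspace and 0 <= attempts <= keyspace")
    special = duress + 1  # the real PIN plus every duress PIN
    # Chance that at least one special PIN falls inside the attempt window.
    p_any = 1 - Fraction(comb(keyspace - special, attempts), comb(keyspace, attempts))
    # Among the special PINs, each is equally likely to be the first one hit.
    return p_any / special, p_any * duress / special


def enumerate_outcomes(keyspace, duress, attempts):
    """Cross-check by listing every guess order (small keyspaces only)."""
    real, traps = 0, set(range(1, duress + 1))  # constructed PIN labels
    real_first = duress_first = total = 0
    for order in permutations(range(keyspace), attempts):
        total += 1
        first = next((g for g in order if g == real or g in traps), None)
        real_first += first == real
        duress_first += first in traps
    return Fraction(real_first, total), Fraction(duress_first, total)


if __name__ == "__main__":
    # Constructed scenario: 4-digit PINs, 3 tries before lockout.
    for d in (0, 9, 99, 999):
        ok, trip = guess_outcomes(10_000, d, 3)
        print(f"duress={d:4d}  real first={float(ok):.6f}  alarm first={float(trip):.6f}")
```

Under these assumptions an exhaustive search succeeds silently with probability 1/(d+1) for d duress PINs, and within a short lockout window the alarm becomes d times more likely than a correct guess.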