Re: credit card conventional wisdom
At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:
... about credit card liability Hmmm, a few words about credit card liabilty. The situation now is that in a "card not present" transaction the merchant is liable for the fraud. This means that *a lot* of internet based stores are getting eaten alive by fraud. The big issue right now is not cards being stolen from the telco switch (yes it's a risk but can anybody cite it happening?). The issue is authentication of the card user. We have a significant investment in AI / credit scoring code to defeat the wannabe crackers. This goes way beyond mod 10 checks and address verification. [ as an aside I've put two people in jail this year for card fraud ] John John Pettitt, jpp@software.net VP Engineering, CyberSource Corporation, 415 473 3065
In this context is the merchant defined as the the corporation selling the physical good for delivery or the corporation that is operating the server? These two parties under certain circumstances may be the same party, but in this example lets assume they are seperate entities. If I am interpreting "internet based stores" in the proper context, the cardholder and the bank have recourse against the company operating the server. Is this correct? Regards: -arc Arley Carter Tradewinds Technologies, Inc. email: ac@hawk.twinds.com www: http://www.twinds.com "Trust me. This is a secure product. I'm from <insert your favorite corporation of government agency>." On Thu, 16 Nov 1995, John Pettitt wrote:
At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:
... about credit card liability
Hmmm, a few words about credit card liabilty.
The situation now is that in a "card not present" transaction the merchant is liable for the fraud. This means that *a lot* of internet based stores are getting eaten alive by fraud. The big issue right now is not cards being stolen from the telco switch (yes it's a risk but can anybody cite it happening?). The issue is authentication of the card user. We have a significant investment in AI / credit scoring code to defeat the wannabe crackers. This goes way beyond mod 10 checks and address verification.
[ as an aside I've put two people in jail this year for card fraud ]
John John Pettitt, jpp@software.net VP Engineering, CyberSource Corporation, 415 473 3065
The situation now is that in a "card not present" transaction the merchant is liable for the fraud. This means that *a lot* of internet based stores are getting eaten alive by fraud.
This is not quite accurate. In the US there is that distinction, in the UK the credit card co is responsible. For that reason the requirement that goods be delivered to the billing address _ONLY_ is strictly enforced.
[ as an aside I've put two people in jail this year for card fraud ]
Good to hear that! Phill
participants (3)
-
Arley Carter -
hallam@w3.org -
John Pettitt