At 9:24 AM 07/07/94 -0400, Richard Martin wrote:

I worked a few years in a pharmacy (credentials established) and so noticed that most customers will take it as a personal affront if anything more than this cursory attention is paid to their credit card. It's a North American phenomenon I can attest to, though whether it's much different from European attitudes I cannot judge until I work retail on the other side of the pond. (Read, hopefully never. Retail, that is. I would like to work in Europe at some point. But I'd rather not be selling Aspirin.)

A lot of people can ger really bitchy about 'not being trusted'. In the hotel I used to work in, if I even asked people to sign the back of an unsigned card they'd fly off the handle. "Sir, I *am* the acting manager..."

Out of some interest, what do the "swipe" card verification systems do? How much information do they read from the card and pass down the telephone line? How much information would a tap of such a transmission reveal?

At the least, they reveal card number, expiration date, transaction location, amount of purchase and (obviously) time of purchase. I suppose more could be on the card, but I am not sure what good that would be (if you have card number, any credit card company is gonna have much more data on you than will fit on a magnetic strip). I do wonder how many newer cash registers track purchase -> card number records, but I doubt this does to card issuers (well, at least not for free). But this discussion has less and less to do with crypto... -j -- "Blah Blah Blah" ___________________________________________________________________ Jamie Lawrence <jamiel@sybase.com>