credit card conventional wisdom
hallam at w3.org
hallam at w3.org
Tue Nov 14 18:52:04 PST 1995
The articile misses the point. What the credit card cos are worried about is the
disclosure of credit card numbers in bulk by merchant servers connected
incompetently to the internet. The issue of customer exposure is a non issue,
regulation E means that there is no customer risk.
There is in fact a distinction between "card present" and "card not present"
transactions. AMEX cards for example have an extra group of four digits which
are not part of the embossed card number. They are used as additional
verification to prove that a card is present. In general a merchant pays a lower
commission for card present transactions to reflect the reduced risk.
The point of the article is that people running roung like headless chickens
because of Internet insecurity miss the main point, the security is no worse
than the real world we just have rather higher standards.
What it does mean is that people like myself will be able to make a nice living
explaining to people what security issues to forget and which ones to worry like
hell about.
Phill
More information about the cypherpunks-legacy
mailing list