credit card conventional wisdom

[Arley Carter]

Vladimir:
Calm down.  This is why I started my post with "Maybe this is stupidly
obvious question but....."  I am trying to illustrate some simple points
and ask some simple questions:

1. Risk to a cardholder is on a vastly different scale than risk to the Bank 
Consortiums that run the credit card business. Charge offs and fraud
are of course as you point out a cost of doing business.  If it is not an 
acceptable risk to the card holder and the bank it won't happen.  The bank
won't deploy a system that they view as exposing them to unacceptable loss.
The cardholder will not use a system that offers him no recourse to recover
losses. End of Story.  

2. The Bank Consortiums are doing a poor job of explaining to cardholders
merchants and developers such as you and me that are supposed to
implement these "open" specs exactly *what* our risks are in developing and
deploying these systems on our servers. The bank consortiums will have 
contracts or usage agreements governing the clearing of transactions in 
cyberspace.   When a loss is claimed by a cardholder, how will the loss
(if there is one) be allocated between the cardholder, merchant, the company
operating the server that processed the credit card and the bank be 
allocated.  

3.  I'm getting tired of seeing posts this list about what is more dangerous
cyberspace or restaurantspace.  Let's focus on the real mechanics of how
the ground rules of credit card clearing will operate in cyberspace. The
credit card consortiums can advance the cause of electronic commerce by
stating in unambigous terms what their views are of these ground rules.
Developers, cardholders and merchants can then make a judgement on whether
those risks are acceptable to each party respectively.  

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac at hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from <insert your favorite 
corporation of government agency>."