FV Demonstrates Fatal Flaw in Software Encryption of Credi t Cards

[Ernest Hua]

> This announcement describes a rather sophisticated technology that   
> delivers nthe same information that any retail clerk can capture today.   
>  Using stolen credit card numbers is a risky business, and the ability of   
> the credit card companies in detecting fraud and locating criminals is   
> quite real.

Retail clerks are not lone bandits.  Retail clerks are employees of
companies which have a strong interest in keeping their reputation
squeaky clean (or risk losing business and welcoming lawsuits).  Yes,
there is no absolute guarantee that clerks will not do something bad
anyway, but there is some self-regulation in that scenario because
someone involved has a strong investment in the community.

A lone bandit writing difficult to detect viruses scamming for credit
card numbers all over the net does not have the strong investment in
the community to preserve or protect.

You wouldn't give your credit card to some random punk on the street,
would you?  However, you have no trouble giving it to a reputable
store.  Why?  For exactly the same reason.

> Of course, since Federal law requires the credit card companies, not the   
> user, to pay the costs of fraud, First Virtual's entire premise is a red   
> herring.  If the credit card companies are willing to take the risk, they   
> will (and are).

Federal law does not require that a company stay in business once it
has entered the banking market.  If the risks are too high for them
to make a profit, they will fold.  If they are smart enough to see
the writing on the wall, they will pack up and move elsewhere in the
market.

Ern