http://www.computerworld.com/securitytopics/security/story/0,10801,78873,00.html?SKC=security-78873
Don't-Ask-Don't-Tell E-Commerce By ROBERT L. MITCHELL MARCH 03, 2003 Content Type: Opinion Source: Computerworld Dealing With Credit Card Fraud If e-commerce is to flourish, policies need to change now. When it comes to IT security, good technology can't protect an organization against bad policy. Judging from the way the banking industry handled the recent theft of more than 8 million credit card account numbers [QuickLink 36530], that's a lesson that major U.S. credit card associations and issuers have yet to learn. The situation is unlikely to improve in the near term because the financial services firms that control most credit cards see little economic incentive to change their ways. Those most at risk of incurring losses include consumers (through identity theft), and merchants that accept "card-not-present" transactions. ...snip... -- Internet trivia, 20th anv: http://www.garlic.com/~lynn/rfcietff.htm