There was an early attempt to use cryptography to authenticate online credit card transactions, the SET protocol pushed by Visa and Mastercard in the late 1990s. SET would require PC users to download a "digital wallet" application which would hold cryptographic credentials that would be used to authorize a transaction. The wallet software would then issue a digital signature when the user approved a purchase.
SET failed due to the complexity of distributing the software and setting up the credentials. I think another reason was the go-fast atmosphere of the late 90s, where no one wanted to slow down the growth of ecommerce. The path of least resistance was simply to bring across the old way of authorizing transactions by card number. Only now are we belatedly beginning to pay the price for that decision. If anything, it's surprising that it has taken this long. If phishing scams had sprung up five years ago it's possible that SET would have had a fighting chance to survive. I predict that we will eventually move to a SET-like system; not necessarily that exact protocol, but something based on cryptographic authorizations for online purchases rather than the card number based systems in use today. In considering such solutions, it is important to distinguish threat models. Phishing is so harmful because it succeeds without even breaking in to users' computers. A SET-like system can protect against such scams. Defending against breakin attacks is a harder problem, but that doesn't mean that solving the easier problem is useless. Contrary perhaps to the conventional wisdom, I am optimistic that we will see increases in computer security over the next several years and that break-ins, although not eliminated, will be greatly reduced. This model makes it even more important to move towards cryptographic assurance for payment systems. Hal Finney --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
