In message <[EMAIL PROTECTED]>, John Levine writes:
>>Why does the clerk at Blockbuster want to see your driver's license?
>>Because his management has been told, by their bank, that if they do
>>not attempt to verify the identity of credit card users they will
>>risk their business relationship with the bank.
>It's been my impression that the way you're supposed to verify the ID
>of a credit card user is by checking the signature.  I've heard of
>banks telling businesses not to demand separate ID.  On the other
>hand, I can easily believe that Blockbuster came up with the ID idea
>all by themselves.

I very rarely rent from Blockbuster, so I may have the details wrong; I 
can state for sure how things work at the local video store I usually 

When I signed up with them, I supplied a credit card number; they 
retained that for contingency charges if I fail to return a video.  
(Odd -- my local library doesn't do that.  But I digress.)  In return, 
they handed me an account-linked credential -- exactly the sort of 
thing that is often advocated on this list.

>From my perspective, the form factor of the credential wasn't ideal; it 
was one of those key ring-sized cards, and I soon lost it, probably 
during a wallet upgrade.  No problem -- they're happy to fall back to 
the secondary authentication system, to whit my drivers' license.  I 
show that to get access to the account, independent of how I actually 
pay for the rental.  In other words, they are not using my license to 
authenticate my credit card.  (I would add that the feeds are low 
enought that I almost always pay in cash; I have no idea if they even 
have the ability to use the stored credit card for rental fees if I 
don't present the card separately.  Hmm -- the account is old enough 
that the expiration date on my credit card has long since expired.  
They've never asked me for an update.  Maybe they're using a reputation 

                --Steven M. Bellovin,

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to