Perry Metzger writes: > So, what is to be done? I would propose that the replacement of the > credit card infrastructure is needed. Fraud is prevalent because of a > massive inherent security flaw in the current system, to whit, > the account number is identical to the payment authenticator, and > you can make a payment merely through possession of a piece of stolen > plastic. > > A system in which the credit card was replaced by a small, calculator > style token with a smartcard style connector could effectively > eliminate most of the in person and over the net fraud we experience, > and thus get rid of large costs in the system and get rid of the need > for every Tom, Dick and Harry to see your drivers license when you > make a purchase. It would both improve personal privacy and help the > economy by massively reducing transaction costs.
Have you ever used an ATM/debit card for a purchase? You swipe it and then the merchant hands you a keypad to enter your PIN. Yes, an insider could hack the device and steal your PIN along with your card, or use various other attacks to get the PIN, but it's much more complicated than using an opportunistically stolen credit card. These have come into common use in the past several years. I don't understand the commentary here which seems oblivious to the existence of this widely used alternative payment system in the U.S. All I am reading is "oh, we can't switch, no one will ever switch from credit cards." People are switching; it's happening everywhere. A video game chain store in town, I think it's EBX, only accepts these cards, they won't take credit cards. Hal Finney --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]