please, can people tell us about what their country's liability
framework is, as they understand it, and where the onus of proof is
for what sorts of transactions?

this is one of the few areas where consumers have some actual
protection in the us.

due to ross anderson, i have heard about the uk.   has this been harmonized
in the eu?

many other countries are a mystery to me.

it would seem to me even in countries with pro-bank/anti-consumer stances
the risk could be limited by putting few eggs in that basket, rather than
giving up on using baskets entirely.

as an offering from left field, here's an pretty good paper about
fraud and identity in .au and .nz

On Mon, Dec 05, 2005 at 07:09:33PM +0100, Jonathan Thornburg wrote:
> I would never use online banking, and I advise all my friends and
> colleagues (particularly those who _aren't_ computer-security-geeks)
> to avoid it.
> >On Sun, Dec 04, 2005 at 05:51:11PM -0500, [EMAIL PROTECTED] wrote:
> >I've been using online banking for many years, both US and Germany.
> >The German PIN/TAN system is reasonably secure,
> >being an effective one-time pad distributed through out of band channel
> Ahh, but how do you know that the transaction actually sent to the
> bank is the same as the one you thought you authorized with that OTP?
> If your computer (or web browser) has been cracked, you can't trust
> _anything_ it displays.  There are already viruses "in the wild"
> attacking German online banking this way:
> I also don't trust RSAsafe or other such "2-factor authentication"
> gadgets, for the same reason.
> [I don't particularly trust buying things online with a credit card,
> either, but there my liability is limited to 50 Euros or so, and the
> credit card companies actually put a modicum of effort into watching
> for suspicious transactions, so I'm willing to buy (a few) things online.]
> ciao,
> -- 
> -- Jonathan Thornburg <[EMAIL PROTECTED]>
>    Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut),
>    Golm, Germany, "Old Europe"
>    "Washing one's hands of the conflict between the powerful and the
>     powerless means to side with the powerful, not to be neutral."
>                                       -- quote by Freire / poster by Oxfam
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to