On 07/31/2010 08:37 PM, Jeffrey I. Schiller wrote:
In general I agree with you, in particular when the task at hand is
authenticating individuals (or more to the point, Joe
Sixpack). However the use case of certificates for websites has worked
out pretty well (from a purely practical standpoint). The site owner
has to protect their key, because as you say, revocation is pretty
much non-existent.

The publicity campaign for SSL digital certificates and why consumers should feel good about 
them was major reason that long & ago and far away, I coined the term "merchant 
comfort" certificates.

Part of what was recognized by the x9a10 financial standard working group (and the 
resulting x9.59 financial standard) was that relying on the merchant (and/or the 
transaction processor) to provide major integrity protection for financial transactions 
... is placing the responsibility on the entities with the least financial interest ... 
the "security proportional to risk" scenario
(where largest percentage of exploits occur in the current infrastructure ... 
including data breaches)

The payment current paradigm has the merchant financial interest in the 
transaction information is the profit on the transaction ... which can be a 
couple dollars (and transaction processor profit can be a couple cents on the 
transaction). By comparison (in the current paradigm), the crooks financial 
motivation in the transaction information is the account credit limit (or 
account balance) which can be several hundred to several thousand dollars ... 
as a result, the crooks attacking the system, can frequently afford to outspend 
the defenders by two orders of magnitude (or more).

The majority of fraud (in the current infrastructure) also contributed to retailers having significant 
"fraud" surcharges onto their interchange fees. Past crypto mailing list threads have discussed 
that financial infrastructures make a significant percent of their profit/bottom-line from these "fraud 
surcharges" (large US issuing financial institutions having made 40-60% of their bottom line from these 
fees) ... with interchange fee "fraud surcharges" for highest risk transactions being 
order-of-magnitude or more larger than for lowest risk transactions.

The work on x9.59 financial standard recognized this dichotomy and slightly 
tweaked the paradigm ... eliminating knowledge of account number and/or 
information from previous transactions as a risk. This would significantly 
decrease the fraud for all x9.59 transactions in the world (i.e. the x9a10 
financial standard working group had been given the requirement to preserve the 
integrity of the financial infrastructure for *ALL* retail payments; 
point-of-sale, face-to-face, unattended, internet, debit, credit, stored-value, 
high-value, low-value, transit turnstyle, cardholder-not-present; aka *ALL*). 
As a result, it also eliminates the major use of SSL in the world today ... 
hiding financial transaction information. It also eliminates other kinds of 
risks from things like data breaches (didn't eliminate data breaches, but 
eliminated the motivation behind the majority of breaches in the world today, 
being able to use the information for fraudulent financial transaction).

The downside, is with the elimination of all that fraud ... it eliminates the majority of 
"fraud surcharge" from interchange fees ... and potentially cuts the "interchange 
fee" bottom line for large issuing institutions from 40-60% to possibly 4-6%. It sort of could 
be viewed as commoditizing payment transaction.

A decade ago, there were a number of "secure" payment transaction products floated for the internet ... with significant upfront 
merchant interest ... assuming that the associated transactions would have significant lower interchange fees (because of the elimination 
of "fraud" surcharge). Then things went thru a period of "cognitive dissonance" when financial institutions tried to 
explain why these transactions should have a higher interchange fee ... than the highest "fraud surchange" interchange fees. The 
severity of the "cognitive dissonance" between the merchants and the financial institutions over whether "secure" 
payment transactions products should result in higher fees or lower fees contributed significantly to the products not being deployed.

virtualization experience starting Jan1968, online at home since Mar1970

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to