This reference is a bit more current and substantive; http://www.springerlink.com/content/95v85j2u7367r1v6/
It's odd that since AmEx released a form of this technology in 2000 that it's not more wide spread. Perhaps it's that being able to track people via a single card number is so desirable for some that the will to move to something more secure/private(?) is absent. On 2/10/2011 12:07 AM, Kevin Stadmeyer wrote: > Multiple brands offer one time use disposable number > (http://news.cnet.com/2100-1017-245428.html) so the technology is there, > and these would be for online or over the phone transactions only, where > the perceived risk of theft is higher. > > On Wed, Feb 9, 2011 at 6:43 PM, Shane <[email protected] > <mailto:[email protected]>> wrote: > > I hear in the old days of credit fraud, physical lists of bad-account > numbers were send out in the mail, merchants had to review each > transaction manually or risk being taken. > > I suppose the pressure of having one-time-use card numbers is a > legacy/comparability problem, the amount of carbon paper imprints being > used today is still fairly high. > > One-time-use numbers would probably be fairly tricky to implement also, > to avoid duplicates while still affording hard to sequence/predict > series. > > > On 2/9/2011 1:43 PM, dave wrote: > > So the other thing that became obvious is that we are completely > wasting our time > > having law enforcement track down people who steal credit cards > numbers. There's no > > reason a credit card number should be valid for anything but a > single transaction, > > but the banks for some reason don't want to redo their systems. > > > > So instead, the US Govt subsidizes them and spends all their time > hunting down the > > thousands of people involved in credit card theft, which > accomplishes exactly > > nothing. Honestly, they have better things to do, imo. > > > > For every "BadB" caught, five more are in line to do exactly the > same thing. > > Meanwhile, the number of days a credit card can be in use before it > gets compromised > > by a hacker is approximately one. What's wrong with this picture? > > > > -dave > > > > > > Dave Aitel wrote: > >> So I was at a meeting last week, and one of the high ranking members > >> said something like this, which I'm sure you've heard before: > > > >> Member: We've improved our communications by setting up this great > >> website! It allows us to communicate all our super-important and > >> highly confidential information. We had a marketing team put it > >> together so it looks really professional and nice and is easy to use. > >> We think this will really help our mission. Oh, and we had a friend of > >> a friend do a quick free security scan for us, so it's secure too. > > > >> So here's my simple and 100% accurate metric: If you spent more on > >> your GUI than on your security, you don't have a secure application. > >> Start preparing for the PR fallout of your website getting hacked now. > > > > > >> -dave > >> _______________________________________________ > >> Dailydave mailing list > >> [email protected] > <mailto:[email protected]> > >> https://lists.immunityinc.com/mailman/listinfo/dailydave > > > > > _______________________________________________ > Dailydave mailing list > [email protected] <mailto:[email protected]> > https://lists.immunityinc.com/mailman/listinfo/dailydave > > _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
