- Original Message -
From: "Victor Duchovni" <[EMAIL PROTECTED]>
Subject: Re: EMV [was: Re: Why Blockbuster looks at your ID.]
Whose loses do these numbers measure?
- Issuer Bank?
- Merchant?
- Consumer?
- Total?
I'd say that you've fairly well hit
>
>
> On Sat, 9 Jul 2005, [UNKNOWN] Jörn Schmidt wrote:
>
>> less attractive to commit credit card fraud. You are, however, not
>> making it harder. That's why I believe the credit cards companies will
>> indeed have a good, long look at smartcards. Probably not tomorrow or
>> next week but in the
> Perry E. Metzger wrote:
>
>> A system in which the credit card was replaced by a small, calculator
>> style token with a smartcard style connector could effectively
>> eliminate most of the in person and over the net fraud we experience,
>> and thus get rid of large costs in the system and get ri
>| Not having to show ID may save annoyance, but it doesn't significantly
>| improve privacy.
>
>Most credit card issuers will happily give you extra cards, so your
>friends can spend your money. In whatever name you want. If you need
>to show ID, this can become, umm, complicated.
I dunno about
Perry Metzger writes:
> So, what is to be done? I would propose that the replacement of the
> credit card infrastructure is needed. Fraud is prevalent because of a
> massive inherent security flaw in the current system, to whit,
> the account number is identical to the payment authenticator, and
>
Adam Shostack wrote:
On Sun, Jul 10, 2005 at 12:13:42AM +0100, Peter Fairbrother wrote:
| Perry E. Metzger wrote:
|
| > A system in which the credit card was replaced by a small, calculator
| > style token with a smartcard style connector could effectively
| > eliminate most of the in person
Perry E. Metzger wrote:
> If you have a sufficiently good token, you may no longer need to have
> identification information presented to the merchant, even by the
> token, to reduce misuse. It is true that the issuer will still know
> what transactions took place. However, you have at least reduce
Perry E. Metzger wrote:
> Why does the clerk at Blockbuster want to see your driver's license?
> Because his management has been told, by their bank, that if they do
> not attempt to verify the identity of credit card users they will risk
> their business relationship with the bank. Credit card fra
On Sun, Jul 10, 2005 at 12:13:42AM +0100, Peter Fairbrother wrote:
| Perry E. Metzger wrote:
|
| > A system in which the credit card was replaced by a small, calculator
| > style token with a smartcard style connector could effectively
| > eliminate most of the in person and over the net fraud we
Peter Fairbrother <[EMAIL PROTECTED]> writes:
> Perry E. Metzger wrote:
>> A system in which the credit card was replaced by a small, calculator
>> style token with a smartcard style connector could effectively
>> eliminate most of the in person and over the net fraud we experience,
>> and thus ge
Jerrold Leichter wrote:
> There have been a couple of articles in RISKS recently about the fairly recent
> use of a two-factor system for bank cards in England. There are already
> significant hacks -
yes ...
> and the banks managed to get the law changed so that, with
> this "guaranteed to be
Perry E. Metzger wrote:
> A system in which the credit card was replaced by a small, calculator
> style token with a smartcard style connector could effectively
> eliminate most of the in person and over the net fraud we experience,
> and thus get rid of large costs in the system and get rid of t
On Sat, 9 Jul 2005, [UNKNOWN] Jörn Schmidt wrote:
less attractive to commit credit card fraud. You are, however, not
making it harder. That's why I believe the credit cards companies will
indeed have a good, long look at smartcards. Probably not tomorrow or
next week but in the near future.
> 1992: $2.6B
> 2003: $882M
> 2004: $788M
>
> We're on the order of 4.7 cents on the $100.
I consulted an oracle at a major third party
processor. He said the number is more like
64-67 basis points, that you have to be very
precise about your definitions, i.e., very
precise about what goes i
--- [EMAIL PROTECTED] wrote:
[decline in credit card fraud]
> Interesting statistics.
[...]
> But these are still considerable numbers, [...]
I totally agree. And I would just like to make a quick point: the
credit card companies (especially Visa/Mastercard) have been very
agressive in fraud pr
On Friday 08 July 2005 12:08, Dan Kaminsky wrote:
> >I'm think you wrong on that one. Financial cost and benefit are easily
> >assessed on this, and I think the numbers add up. Credit card fraud
> >costs in the hundreds of billions of dollars a year, much of which
> >could be eliminated by a change
>I was in England last week where I noticed that the banks are
>switching all UK credit cards to chip+pin technology. We'll see.
>For that matter, French cards have all been chip+pin for years.
>Any idea what their fraud rates are like? The French card machines
>will do magstripe with a si
In message <[EMAIL PROTECTED]>, John Levine writes:
>>Why does the clerk at Blockbuster want to see your driver's license?
>>Because his management has been told, by their bank, that if they do
>>not attempt to verify the identity of credit card users they will
>>risk their business relationship wi
On Fri, Jul 08, 2005 at 03:48:30PM -0400, [EMAIL PROTECTED] wrote:
> > We're on the order of 4.7 cents on the $100.
>
>
> Interesting statistics.
> Seems like it's the same thing in Canada
> http://www.rcmp.ca/scams/ccandpc_e.htm
> Reported $227M in credit card fraud in 1999, droped at $200M in
>Why does the clerk at Blockbuster want to see your driver's license?
>Because his management has been told, by their bank, that if they do
>not attempt to verify the identity of credit card users they will
>risk their business relationship with the bank.
It's been my impression that the way you'r
Jerrold Leichter wrote:
| > Credit card fraud has gone *down* since 1992, and is actually falling:
| >
| > 1992: $2.6B
| > 2003: $882M
| > 2004: $788M
| >
| > We're on the order of 4.7 cents on the $100.
| >
| >
http://www.businessweek.com/technology/content/jun2005/tc20050621_3238_tc024.htm
>
> Dan Kaminsky <[EMAIL PROTECTED]> writes:
>> Credit card fraud has gone *down* since 1992, and is actually falling:
>>
>> 1992: $2.6B
>> 2003: $882M
>> 2004: $788M
>>
>> We're on the order of 4.7 cents on the $100.
Interesting statistics.
Seems like it's the same thing in Canada
http://www.
At 1:16 PM -0400 7/8/05, Perry E. Metzger wrote:
>I seem to have gotten that one drastically wrong. Thanks for the
>more accurate figures.
Don't worry. I would bet that identity theft will more than make up for it
soon enough, as transaction settlement times converge to instantaneity.
*That's* po
| > Credit card fraud has gone *down* since 1992, and is actually falling:
| >
| > 1992: $2.6B
| > 2003: $882M
| > 2004: $788M
| >
| > We're on the order of 4.7 cents on the $100.
| >
| >
http://www.businessweek.com/technology/content/jun2005/tc20050621_3238_tc024.htm
| >
The article also menti
Adam Shostack <[EMAIL PROTECTED]> writes:
> I think those numbers are misleading. The FTC reports ID theft as a
> $50B problem, but I haven't seen that broken down by vector. I
> suspect most of it is CC (rather than cheque, mortgage/line of
> credit/auto loan), but have no data.
If you or anyo
May we see the back of that envelope? Upgrade to EMV (chip & PIN) here
in UK reportedly costs around 1.1 billion pounds (around $1.9
billion), and that is simply an upgrade to the existing infrastructure
and only in a single country. To fundamentally change the system would
require tens of billions
On Fri, Jul 08, 2005 at 01:16:13PM -0400, Perry E. Metzger wrote:
|
| Dan Kaminsky <[EMAIL PROTECTED]> writes:
| > Credit card fraud has gone *down* since 1992, and is actually falling:
| >
| > 1992: $2.6B
| > 2003: $882M
| > 2004: $788M
| >
| > We're on the order of 4.7 cents on the $100.
| >
On Fri, Jul 08, 2005 at 12:19:38PM -0400, Perry E. Metzger wrote:
[...]
> Actually, the people who would have to pay the investment -- the banks
> and merchants -- have an excellent incentive. The loss because of
> fraud is stunningly large. The real issue is that *consumers* have
> little incentiv
Dan Kaminsky <[EMAIL PROTECTED]> writes:
> Credit card fraud has gone *down* since 1992, and is actually falling:
>
> 1992: $2.6B
> 2003: $882M
> 2004: $788M
>
> We're on the order of 4.7 cents on the $100.
>
> http://www.businessweek.com/technology/content/jun2005/tc20050621_3238_tc024.htm
>
>
I'm think you wrong on that one. Financial cost and benefit are easily
assessed on this, and I think the numbers add up. Credit card fraud
costs in the hundreds of billions of dollars a year, much of which
could be eliminated by a change to the sort of system I
mention. That's not a small amount
Edgar Danielyan <[EMAIL PROTECTED]> writes:
>> A system in which the credit card was replaced by a small, calculator
>> style token with a smartcard style connector could effectively
>> eliminate most of the in person and over the net fraud we experience,
>> and thus get rid of large costs in the
Adam Fields <[EMAIL PROTECTED]> writes:
> On Fri, Jul 08, 2005 at 10:42:02AM -0400, Perry E. Metzger wrote:
> [...]
>> A system in which the credit card was replaced by a small, calculator
>> style token with a smartcard style connector could effectively
>> eliminate most of the in person and over
On Fri, Jul 08, 2005 at 10:42:02AM -0400, Perry E. Metzger wrote:
[...]
> A system in which the credit card was replaced by a small, calculator
> style token with a smartcard style connector could effectively
> eliminate most of the in person and over the net fraud we experience,
> and thus get rid
Yes. And it will not happen. The cost and hassle of introducing such a
system will be so high that it wouldn't make sense financially, at
least not in the foreseeable future. The banks and other credit card
issuers accept that there are some losses they will have, they try to
minimise/control them
34 matches
Mail list logo
