- Original Message -
From: Victor Duchovni [EMAIL PROTECTED]
Subject: Re: EMV [was: Re: Why Blockbuster looks at your ID.]
Whose loses do these numbers measure?
- Issuer Bank?
- Merchant?
- Consumer?
- Total?
I'd say that you've fairly well hit the nail on the head. I've
Perry E. Metzger wrote:
Why does the clerk at Blockbuster want to see your driver's license?
Because his management has been told, by their bank, that if they do
not attempt to verify the identity of credit card users they will risk
their business relationship with the bank. Credit card fraud
Perry E. Metzger wrote:
If you have a sufficiently good token, you may no longer need to have
identification information presented to the merchant, even by the
token, to reduce misuse. It is true that the issuer will still know
what transactions took place. However, you have at least reduced
Adam Shostack wrote:
On Sun, Jul 10, 2005 at 12:13:42AM +0100, Peter Fairbrother wrote:
| Perry E. Metzger wrote:
|
| A system in which the credit card was replaced by a small, calculator
| style token with a smartcard style connector could effectively
| eliminate most of the in person
Perry Metzger writes:
So, what is to be done? I would propose that the replacement of the
credit card infrastructure is needed. Fraud is prevalent because of a
massive inherent security flaw in the current system, to whit,
the account number is identical to the payment authenticator, and
you
Perry E. Metzger wrote:
A system in which the credit card was replaced by a small, calculator
style token with a smartcard style connector could effectively
eliminate most of the in person and over the net fraud we experience,
and thus get rid of large costs in the system and get rid of the
On Sat, 9 Jul 2005, [UNKNOWN] Jörn Schmidt wrote:
less attractive to commit credit card fraud. You are, however, not
making it harder. That's why I believe the credit cards companies will
indeed have a good, long look at smartcards. Probably not tomorrow or
next week but in the near
On Fri, Jul 08, 2005 at 01:16:13PM -0400, Perry E. Metzger wrote:
|
| Dan Kaminsky [EMAIL PROTECTED] writes:
| Credit card fraud has gone *down* since 1992, and is actually falling:
|
| 1992: $2.6B
| 2003: $882M
| 2004: $788M
|
| We're on the order of 4.7 cents on the $100.
|
|
May we see the back of that envelope? Upgrade to EMV (chip PIN) here
in UK reportedly costs around 1.1 billion pounds (around $1.9
billion), and that is simply an upgrade to the existing infrastructure
and only in a single country. To fundamentally change the system would
require tens of billions
Adam Shostack [EMAIL PROTECTED] writes:
I think those numbers are misleading. The FTC reports ID theft as a
$50B problem, but I haven't seen that broken down by vector. I
suspect most of it is CC (rather than cheque, mortgage/line of
credit/auto loan), but have no data.
If you or anyone
At 1:16 PM -0400 7/8/05, Perry E. Metzger wrote:
I seem to have gotten that one drastically wrong. Thanks for the
more accurate figures.
Don't worry. I would bet that identity theft will more than make up for it
soon enough, as transaction settlement times converge to instantaneity.
*That's*
Dan Kaminsky [EMAIL PROTECTED] writes:
Credit card fraud has gone *down* since 1992, and is actually falling:
1992: $2.6B
2003: $882M
2004: $788M
We're on the order of 4.7 cents on the $100.
Interesting statistics.
Seems like it's the same thing in Canada
Jerrold Leichter wrote:
| Credit card fraud has gone *down* since 1992, and is actually falling:
|
| 1992: $2.6B
| 2003: $882M
| 2004: $788M
|
| We're on the order of 4.7 cents on the $100.
|
|
http://www.businessweek.com/technology/content/jun2005/tc20050621_3238_tc024.htm
|
The
On Fri, Jul 08, 2005 at 03:48:30PM -0400, [EMAIL PROTECTED] wrote:
We're on the order of 4.7 cents on the $100.
Interesting statistics.
Seems like it's the same thing in Canada
http://www.rcmp.ca/scams/ccandpc_e.htm
Reported $227M in credit card fraud in 1999, droped at $200M in 2003.
In message [EMAIL PROTECTED], John Levine writes:
Why does the clerk at Blockbuster want to see your driver's license?
Because his management has been told, by their bank, that if they do
not attempt to verify the identity of credit card users they will
risk their business relationship with the
I was in England last week where I noticed that the banks are
switching all UK credit cards to chip+pin technology. We'll see.
For that matter, French cards have all been chip+pin for years.
Any idea what their fraud rates are like? The French card machines
will do magstripe with a
--- [EMAIL PROTECTED] wrote:
[decline in credit card fraud]
Interesting statistics.
[...]
But these are still considerable numbers, [...]
I totally agree. And I would just like to make a quick point: the
credit card companies (especially Visa/Mastercard) have been very
agressive in fraud
1992: $2.6B
2003: $882M
2004: $788M
We're on the order of 4.7 cents on the $100.
I consulted an oracle at a major third party
processor. He said the number is more like
64-67 basis points, that you have to be very
precise about your definitions, i.e., very
precise about what goes in
Perry E. Metzger wrote:
A system in which the credit card was replaced by a small, calculator
style token with a smartcard style connector could effectively
eliminate most of the in person and over the net fraud we experience,
and thus get rid of large costs in the system and get rid of the
Jerrold Leichter wrote:
There have been a couple of articles in RISKS recently about the fairly recent
use of a two-factor system for bank cards in England. There are already
significant hacks -
yes ...
and the banks managed to get the law changed so that, with
this guaranteed to be
Peter Fairbrother [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
A system in which the credit card was replaced by a small, calculator
style token with a smartcard style connector could effectively
eliminate most of the in person and over the net fraud we experience,
and thus get rid of
On Sun, Jul 10, 2005 at 12:13:42AM +0100, Peter Fairbrother wrote:
| Perry E. Metzger wrote:
|
| A system in which the credit card was replaced by a small, calculator
| style token with a smartcard style connector could effectively
| eliminate most of the in person and over the net fraud we
I'm think you wrong on that one. Financial cost and benefit are easily
assessed on this, and I think the numbers add up. Credit card fraud
costs in the hundreds of billions of dollars a year, much of which
could be eliminated by a change to the sort of system I
mention. That's not a small
Dan Kaminsky [EMAIL PROTECTED] writes:
Credit card fraud has gone *down* since 1992, and is actually falling:
1992: $2.6B
2003: $882M
2004: $788M
We're on the order of 4.7 cents on the $100.
http://www.businessweek.com/technology/content/jun2005/tc20050621_3238_tc024.htm
If it's any
On Fri, Jul 08, 2005 at 12:19:38PM -0400, Perry E. Metzger wrote:
[...]
Actually, the people who would have to pay the investment -- the banks
and merchants -- have an excellent incentive. The loss because of
fraud is stunningly large. The real issue is that *consumers* have
little incentive
25 matches
Mail list logo