[43489] in Cypherpunks
Re: credit card conventional wisdom
daemon@ATHENA.MIT.EDU (John Pettitt)
Thu Nov 16 14:44:46 1995
Date: Thu, 16 Nov 1995 11:30:08 -0800
To: "Vladimir Z. Nuri" <vznuri@netcom.com>, Arley Carter <ac@hawk.twinds.com>
From: John Pettitt <jpp@software.net (John Pettitt)>
Cc: "Vladimir Z. Nuri" <vznuri@netcom.com>, Howard Melman <melman@osf.org>,
cypherpunks@toad.com, vznuri@netcom.com
At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:
>
... about credit card liability
Hmmm, a few words about credit card liabilty.
The situation now is that in a "card not present" transaction the merchant is
liable for the fraud. This means that *a lot* of internet based stores are
getting eaten alive by fraud. The big issue right now is not cards being
stolen from the telco switch (yes it's a risk but can anybody cite it
happening?).
The issue is authentication of the card user. We have a significant
investment in
AI / credit scoring code to defeat the wannabe crackers. This goes way beyond
mod 10 checks and address verification.
[ as an aside I've put two people in jail this year for card fraud ]
John
John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065
