[17777] in cryptography@c2.net mail archive
Re: Why Blockbuster looks at your ID.
daemon@ATHENA.MIT.EDU (Lance James)
Mon Jul 11 13:34:11 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 10 Jul 2005 11:29:52 -0700
From: Lance James <lancej@securescience.net>
To: Adam Shostack <adam@homeport.org>
Cc: Peter Fairbrother <zenadsl6186@zen.co.uk>,
cryptography@metzdowd.com
In-Reply-To: <20050710034254.GA11408@lightship.internal.homeport.org>
Adam Shostack wrote:
>On Sun, Jul 10, 2005 at 12:13:42AM +0100, Peter Fairbrother wrote:
>| Perry E. Metzger wrote:
>|
>| > A system in which the credit card was replaced by a small, calculator
>| > style token with a smartcard style connector could effectively
>| > eliminate most of the in person and over the net fraud we experience,
>| > and thus get rid of large costs in the system and get rid of the need
>| > for every Tom, Dick and Harry to see your drivers license when you
>| > make a purchase. It would both improve personal privacy and help the
>| > economy by massively reducing transaction costs.
>|
>| I agree that it might well reduce costs and fraud - but how will it improve
>| privacy? Your name is already on the card ... and the issuer will still have
>| a list of your transactions.
>|
>| Not having to show ID may save annoyance, but it doesn't significantly
>| improve privacy.
>
>Most credit card issuers will happily give you extra cards, so your
>friends can spend your money. In whatever name you want. If you need
>to show ID, this can become, umm, complicated.
This goes along with paypal's "send a friend a debit card" feature (I
saw this two years ago, I don't know if this is still present), but this
essentially allowed a user to add any name to the debit visa card
(treated in most places like a credit card) which in some cases actually
allowed online hijacking of domain names (depending on registrar)
because the name was the same on the visa card used.
-Lance
--
Best Regards,
Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
http://www.securescience.net/amazon/
Find out how malware is affecting your company: Get a DIA account today!
https://slam.securescience.com/signup.cgi - it's free!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
