[9536] in cryptography@c2.net mail archive
Re: [FYI] Did Encryption Empower These Terrorists?
daemon@ATHENA.MIT.EDU (Dan Geer)
Sun Sep 30 16:17:03 2001
Message-Id: <200109302007.QAA10323@world.std.com>
To: cryptography@wasabisystems.com
In-reply-to: Your message of "Mon, 24 Sep 2001 14:31:47 EDT."
<v03110706b7d555f61a45@[165.247.220.34]>
Date: Sun, 30 Sep 2001 16:07:14 -0400
From: Dan Geer <geer@world.std.com>
> It seems to me that because of the $50 liability limit under US
> law, most of the risk is carried by the credit card issuers. They
> are also in a position to require proper security by contract with
> the merchant.
The $50 limit (Reg Z) is explicitly and precisely intended
to move the risk to those most able to bear it, albeit with
the significant goal of thereby reducing reluctance on the
part of the customer community at large to use credit cards
where they might naturally have used cash. Putting it
differently, the risk management trade-off is that the
increased volume of fees due to freer customer use of credit
cards exceeds the fraud loss under modern surveillance methods
of deterring fraud. Figure 50-80 basis points for fraud for
the major card associations; figure 3x that for customer service
as something to compare to.
--dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
