[clug] The 1st Internet Tax is here.
Alex Satrapa
grail at goldweb.com.au
Wed Nov 12 23:37:43 GMT 2008
On 13/11/2008, at 09:56 , Seth Turnbull wrote:
> After 4 years of planning this is what they came up with? A white
> paper and
> fees?
The funny part is that the flaw is in the credit card system itself.
There's no authentication at the business/customer transaction level,
so merely knowing the credit card number & expiry date is enough to
make your own fraudulent transactions.
So what do the banks do? Tighten up credit card security? No. They
insist that people handling these magic numbers harden up their systems.
I'm not arguing with hardening POS systems, but the total lack of
authentication and authorisation at the customer/merchant level still
needs to be addressed. It's like being able to steal a truckload of
cash without the truck. There's more security around the truck
carrying a few thousand dollars worth of ATM cassettes than there is
around the credit card carrying a family's life savings.
Alex
More information about the linux
mailing list