From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Tue, 9 Apr 1996 12:44:58 +0800
To: dwl@hnc.com (David Loysen)
Subject: Re: (Fwd) British Study Claims That Photo Credit Cards Don't
In-Reply-To: <199604081810.LAA22544@spike.hnc.com>
Message-ID: <199604082244.RAA20072@homeport.org>
MIME-Version: 1.0
Content-Type: text


David Loysen wrote:

| Most if not all credit card issuing banks use some form of fraud detection
| software. The next generation of these products will be analyzing
| transaction data from the card clearing banks in real time to stop
| fraudulent transactions before they are complete. Expect to see more "may I
| see your ID" questions as these systems flag transactions as possible fraud.
| I have had a credit card with my photo on it for several years, I can't ever
| remember a sales person who seemed at all interested in comparing the photo
| to me. 

	Most merchant agreements prohibit asking for more ID beyond
the card.

	As to the issue of 'do people look at photos?' they don't even
look at signatures.  I know because I carried a card around for 2
years before anyone noticed that I hadn't signed it.  The person who
noticed asked me to sign the card (without showing other ID!) before
handing over the computer I was buying.

Adam

cpunk relevance?  Most security that relies on people being awake is
broken.  Security that relies on people with no financial interest in
a transactions security is broken.  Studying how security breaks today
is a good idea.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume