From: Adam Shostack <adam@bwh.harvard.edu>
To: andrew_loewenstern@il.us.swissbank.com (Andrew Lowenstern)
Message Hash: dcb9213eac7cdb0b7f2b9c45e6b196635d8807cc85d568e486d8024ae123932f
Message ID: <199412030333.WAA29210@bwh.harvard.edu>
Reply To: <9412022231.AA06560@ch1d157nwk>
UTC Datetime: 1994-12-03 03:34:12 UTC
Raw Date: Fri, 2 Dec 94 19:34:12 PST
From: Adam Shostack <adam@bwh.harvard.edu>
Date: Fri, 2 Dec 94 19:34:12 PST
To: andrew_loewenstern@il.us.swissbank.com (Andrew Lowenstern)
Subject: Re: First Virtual?
In-Reply-To: <9412022231.AA06560@ch1d157nwk>
Message-ID: <199412030333.WAA29210@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
I saw a presentation Monday by Nathaniel Borenstien of First
Virtual. While I agree that there is a strong need for a good digital
cash system, FV is not attempting to fill that niche.
FV is a credit card clearing system for the internet. Its
current system is designed for small transactions involving
information resources. It is not intended to be used for selling
physical objects of value.
As such, it forces the merchant to assume risks, in that the
buyer has two opportunities to turn down a transaction. (When it is
mailed to them, and when the credit card statement arrives.) That
second opportunity to decline charges also adds to the security of the
system. I won't say its good or perfect, but it does add something.
FV really isn't taking much risk, or making much profit in their
$.29+2% transaction fees.
FV plans to make its money in other ways. They simply needed
a way to collect credit card numbers to make those other ways work.
They decided to make that means of payment generally available, and,
while hackable, it is better than credit card numbers. (Those who
would suggest PGP encryption should take careful note of how much
trouble psuedo-mandating signing of posts is creating here.)
The other ways FV plans to make money are providing
information services, such as joke of the day. Others were not
mentioned, and in fact, when someone asked, Nathaniel was avoiding the
question when I said they'd be providing jotd, at which point he said
yep. He was pretty admant about not talking about vapor.
If you get a chance to hear him, do. It was very interesting,
and afterwards, off the record, he might have some interesting things
to say.
Adam
| How can you really compare the proposed DigiCash systems versus FirstVirtual?
| One is a 'toy' system for moving credit card numbers around without actually
| broadcasting them in the clear, the other is a cryptographically secure
| digital cash type system. It's not suprising that FirstVirtual is ready
| sooner than DigiCash. However, assuming each system was ready and working as
>I'm glad I'm not the only one who thinks FV is a joke. The entire
>security of the system rests on the difficulty of intercepting and
>forging e-mail. Forging e-mail is dead easy, intercepting isn't much
>harder. While the implementors are correct that an online
>payment-system will have to be simple to use in order to gain wide
>acceptance, sacrificing all security for ease of use is a grave
>mistake. It just begging to be ripped off, providing people actually
>sell something via FV worth ripping off.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBLt/nCvTEN6SHa9YpAQHpVwQAxGi7aTp9c8Q10oS8O5vtw/U+CDi2aReb
cvBfiJxC159MsBcNIpbf98LU7k1ItxWCGQs4OxvJVhXsRj/XlPqerPl+s3LQfxeB
TuTGle9R6wV58yLVF6F4xFJoQU8/zYAb0U9nASrBgiXaIV33NkT65GrgQF6wY9aF
GTl3b0DoXIw=
=OCqk
-----END PGP SIGNATURE-----
Return to December 1994
Return to “eric@remailer.net (Eric Hughes)”