From: Jon Lasser <jlasser@rwd.goucher.edu>
To: “E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>
Message Hash: b189144ada82a0b8986f5a855a3129dd2f2253469561dc88bf9458875c6b0d7c
Message ID: <Pine.SUN.3.91.951130123239.3869A-100000@rwd.goucher.edu>
Reply To: <01HY8GNOCLCS8WYXCN@mbcl.rutgers.edu>
UTC Datetime: 1995-11-30 18:23:17 UTC
Raw Date: Fri, 1 Dec 1995 02:23:17 +0800
From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Fri, 1 Dec 1995 02:23:17 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: The future will be easy to use
In-Reply-To: <01HY8GNOCLCS8WYXCN@mbcl.rutgers.edu>
Message-ID: <Pine.SUN.3.91.951130123239.3869A-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain
On Thu, 30 Nov 1995, E. ALLEN SMITH wrote:
> However, if you have optional linking of ID and name, shippers will only
> ship to keys with such attributes. Because just ID and address, it could
> be a "hit and run" type attack shipped to a safe maildrop.
> ---------------------------------
> If the transaction is via a Credit Card, it's the card issuer's
> liability (and responsibility to determine creditworthiness), unless I'm badly
> mistaken. If it's bank-issued ecash, then it's up to the bank to disgorge
> physical dollars when ecash is presented to them. What's the risk in either
> case?
Credit card fraud -- ie I've snarfed someone's card number and they
haven't figured it out yet.
Cardholder's liability is $50 (I think). Depending on the situation (if
it's a card-is-physically-present transaction or a not-present) the
liability falls to either the bank or the merchant.
A "proof of address" is a darn good way to reduce (not prevent, reduce)
that sort of fraud.
Jon
------------------------------------------------------------------------------
Jon Lasser <jlasser@rwd.goucher.edu> (410)494-3072
Visit my home page at http://www.goucher.edu/~jlasser/
You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
Return to November 1995
Return to “Jon Lasser <jlasser@rwd.goucher.edu>”