[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Card Not Present, was Re: FW: comments

To: "Ed Gerck" <egerck@laser.cps.softex.br>
Subject: RE: Card Not Present, was Re: FW: comments
From: "Phillip Hallam-Baker" <hallam@ai.mit.edu>
Date: Tue, 28 Jul 1998 00:49:37 -0400
Cc: "EKR" <ekr@terisa.com>, "SPKI" <spki@c2.net>
Importance: Normal
In-Reply-To: <Pine.LNX.3.95.980728005208.28800V-100000@laser.cps.softex.br>
Sender: owner-spki@c2.net

> From: Ed Gerck [mailto:egerck@laser.cps.softex.br]

> 
> On Mon, 27 Jul 1998, Phillip Hallam-Baker wrote:
> 
> >The merchant is not expected to have expertise in checking signatures
> >but if a question arises they had better have the signed reciept if they
> >want to be paid.
> >
> 
> And which must reasonably resemble the signature specimen in the
> card. 

Where did you get that idea? The card company does not even have a 
signature specimen on file in most cases and has no way of knowing
WHAT the holder wrote on their card. Nor for that matter what it
looked like when the card was presented. After a few weeks mine
turns into an unrecognizable smudge.

Even if the card is recovered from the user it is difficult to 
see that the evidentiary link would be all that strong.

Like Erick I've discussed this with the Visa and MC folk, they really
don't expect much in the way of signature verification. If they did
they would take a real signature sample and print it on the card
properly.

> Further, in the Card Not Present MOTO case, a copy of the mail
> order, fax, caller-ID log or voice log would make it easier for the
> merchant to defend against false fraud claims. Also, they would
> represent a further risk to fraudsters being caught. Hence, they can
> help decrease fraud. 

Not really since in the US they eat the loss in the general case.
In the UK they have good address verification.

> >Nor are they particularly expected to do much checking of the card
> >and in any case it is difficult to think of many circumstances in
> >which a forged card would be available for inspection by anyone
> >other than the merchant!
> 
> Yes, but the point is that absence of a proper hologram would mean
> more risk to the fraudster in person ... as you also agree to later
> on: 

The hologram is not particularly difficult to forge. With a few minutes
distressing a mastercard and visa hologram become indistinguishable.

The purpose of the hologram is to make the customer feel more 
secure.

> > A fraudster is put at considerably greater risk if they
> >present a stolen card in person than if they do so via the Internet.
> 
> where the risk of using a false card is higher because of the
> hologram. 

no, the main risk is that the fraudulent use has been reported and
the veriphone unit will signal 'stolen card - aprehend cardholder'

		Phill

References:

RE: Card Not Present, was Re: FW: comments

From: Ed Gerck <egerck@laser.cps.softex.br>

Prev by Date: RE: Card Not Present, was Re: FW: comments
Next by Date: credit card discussion
Prev by thread: RE: Card Not Present, was Re: FW: comments
Next by thread: Re: Card Not Present, was Re: FW: comments
Index(es):
- Main
- Thread