when a fraud is a sale, Re: Rubber hose attack
JohnE37179 at aol.com
JohnE37179 at aol.com
Mon Nov 5 12:01:13 EST 2001
In a message dated 11/5/01 10:55:39 AM, lynn.wheeler at firstdata.com writes:
<< in the account-based financial transaction ... the requestor is the
card-holder/consumer and the authorization or service entity is the
card-holder's financial institution. >>
I think you have nailed it on the head. When authentication is viewed as the
"first link" in the chain instead of identification. The problem with all
authentication technologies in use today from biometrics to PKI to digital
certs, all finesse the identification process and push it off to some
"trusted" third party...all without clearly defining what that third party
must bring to the table.
John
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list