[FYI] Did Encryption Empower These Terrorists? (addenda)

[lynn.wheeler at firstdata.com]

using x9.59 for all account-based transactions would put debit & credit on
a level playing field with regard to authenticated transactions (and
promotes debit use over the internet).

besides the significant difference in merchant cost infrastructure between
the two ... the other remaining difference is the significant difference
with regard to consumer recourse between the two ... i.e. credit has a lot
of regs that effectively allow consumer to "trust" a transaction (not only
based on trust in the merchant, but also in the merchant bank and the
consumer bank) ... even a merchant that the consumer has had no prior
knowledge and/or dealings with. This has been touted as a significant
factor on the internet with the non-face-to-face characteristic of the
consumer/merchant relationship and any consumer anywhere in the world could
do business with any merchant anywhere in the world, aka the credit regs
with regard to consumer recourse infrastructure providing significant
benefit in such an environment (with merchant, merchant bank, consumer bank
all having various levels of responsibility ... even in the case of a
merchant going bankrupt; a significant issue for merchant banks with regard
to credit is airline tickets ... a significant fee source, but also can be
a major liability if the airline goes bankrupt).

however, with regard to the internet trust issue ... the consumer
e-commerce transactions don't have a random, homogeneous distribution
between all consumers and all merchants ... the distribution tends to be
quite skewed with possibly 20-30 locations accounting for 60-70 percent of
all transactions and possibly 100 locations accounting for 90 percent of
all transactions. There is much less of an "unknown" issue involving
transactions with the top tier well-known merchants that everybody
frequents as well as individual consumers having done multiple transactions
with the same merchant(s) in the past. In this scenerio (for possibly 90
percent of internet transactions) there is much less of a difference
between credit and debit with regard to the consumer not knowing and/or
having no knowledge on which to base "trust" in the merchant. In the
situation involving possibly 90+ percent of internet e-commerce consumer
transactions the consumer would tend to have very little difference in the
level of amprehension with regard to using either (x9.59) credit or (x9.59)
debit for the transaction.

Credit (either x9.59 or not) would still provide a consumer perceived
advantage when dealing with the vast majority of the internet merchants
that account for relatively trivial percentage of all transactions (aka
rather than just judging whether they trust just the merchant, they can
also rely on the trust in their consumer bank as well as possibly in the
associated merchant bank).

random refs:
http://www.garlic.com/~lynn/aadsm2.htm#useire2 U.S. & Ireland use digital
signature
http://www.garlic.com/~lynn/aadsm4.htm#0 Public Key Infrastructure: An
Artifact...




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com