The bank fraud blame game
Perry E. Metzger
perry at piermont.com
Sun Jul 1 16:01:03 EDT 2007
Adam Shostack <adam at homeport.org> writes:
> On Mon, Jul 02, 2007 at 01:08:12AM +1200, Peter Gutmann wrote:
> >
> > Given that all you need for this is a glorified pocket calculator,
> > you could (in large enough quantities) probably get it made for <
> > $10, provided you shot anyone who tried to introduce
> > product-deployment DoS mechanisms like smart cards and EMV into
> > the picture. Now all we need to do is figure out how to get there
> > from here.
>
> I'd suggest starting from the deployment, training, and help desk
> costs. The technology is free, getting users to use it is not. I
> helped several banks look at this stuff in the late 90s, when cost of
> a smartcard reader was order ~25, and deployment costs were estimated
> at $100, and help desk at $50/user/year.
Of course, given the magnitude of costs of fraud, and where it may be
heading in the near term, the $50 a year may be well spent, especially
if it could be cut to $25 with some UI investment. It is all a
question of whether you'd rather pay up front with the security
apparatus or after the fact in fraud costs...
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list