On 2012-12-30 10:01, Jeffrey Walton wrote: <snip> >> Personally I find the Internet-based credit-card payment systems as defined >> by the payment giants, VISA and MasterCard, pretty broken both from a >> usability >> and security-point of view. Since these systems still depend on information >> printed on the card *surface* (including the CCV "password"), it seems that >> this sector could use some new stuff. It is pretty obvious that Google is >> the >> best candidate to make this happen. The banks will eventually retire the >> EMV-card since they never got it to work on the Internet! > > Yep. Follow the money, and you will understand why.
That the banks succeeded in bringing out hundreds of millions of EMV-cards for usage in brick-and-mortar shops (in the EU and Asia) but failed making them usable on the Internet is not only an economic issue, it is IMHO also due to the inability of the three big laggards (MSFT, USG and the Financial Industry) to cooperate on just about anything. > The defective system is OK because merchants absorb the costs via > Charge Backs (et al). This is despite the fact the merchant followed > the procedures, including online verification. If the defective system > cost Visa, Mastercard (et al) money, then the system would be > improved. Being "robbed" is not OK even if you get your money back. That's why EU and Asian banks have used two-factor-auth for on-line banking since they begun some 15Y+ ago. That our cards still are being skimmed is entirely due to the fact that the US is lagging making it impossible to "retire" the mag-strip and clear-text authorization schemes. > In the US, I'm convinced it will only change via legislation. Another possible development: Google will make it easy and secure using credit-cards on the Internet. Then the financial industry will be in a situation where they have lost technological "leadership" completely; possibly long-term even challenging their core business. > But Visa, Mastercard (et al) bride our representatives (err, make PAC > contributions). Confer: House Speaker Pilousi get a non-public IPO > from VISA. She responded in kind by blocking credit card relief > legislation after the 2008 fallout. > > OT: Who is more dangerous to the democracy, the country [US], me, and > my fellow citizens? A Muslim pissed off at socio-economic injustice > and biased foreign policy? Or a member of congress who is not held > responsible or accountable for their lies to obtain office, or pursuit > of growing personal wealth while in office? > > Capitalism at its finest. I call it "The United State of Corporate America." :-) Anders > > Jeff > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
