I'm not sure I understand. A lot of the association credit regs have to do with establishing consumer confidence & trust when dealing with totally unknown merchants. Disputes/chargebacks can be more than "I didn't perform that transaction" (mostly because it is so easy to execute non-authenticated fraudulent transactions) ... there are a whole variety of disputes/chargebacks having to do with non-delivery &/or non-performance ... i.e. even in credit card & card holder present situations; In fact, there is the whole scenerio referenced previously where airline tickets are bought with a credit card and the airline goes bankrupt ... the acquiring bank is then liable. http://www.garlic.com/~lynn/aadsm6.htm#terror9
even with authenticated transactions there are still some aspects of MOTO-transaction reg (mail-order, telephone-order) that could still apply ... for instance, in the case of hardgoods, your account is not to be billed until goods are actually shipped. there is still the scenerio that goods never shipped. if disputes/chargebacks were to be totally eliminated for authenticated transactions then (x9.59) credit & debit would really be put on a totally level playing field ... also discussion http://www.garlic.com/~lynn/aadsm6.htm#terror9 note that there are some basic security 101 principles that can be applied here ... as done by X9.59 ... whenever there isn't end-to-end continuous security & end-to-end continuous, seemliess authentication (say when it is split into multiple different operations and transactions and not a single seemless operation) then there are bound to be gaps & cracks in the security .... into which fraud can creep .... "Enzo Michlangeli" <[EMAIL PROTECTED]> on 9/26/2001 5:26 PM wrote: That's 3D Secure's job (see above). Once the issuer has authenticated the cardholder, neither merchant nor acquirer can be held responsible for chargebacks: the issuer pays, and then deals with its cardholder as it deems fit. (If you want my opinion, the very reason why Visa developed 3D Secure is that they are sick of being involved in the dispute resolution process). --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]