Quote:
Originally posted by marcus0263
...Identity theft is big business and no longer are they script kiddies writting viruses, it's organized crime!
|
That's what makes me think the credit card business model is bound to fail in the not so far away future. They base their model on trust and insurance. Most people are honest. Few are not. Therefore it is cheaper to insure the losses made by those few stealing a bit than trying to avoid them completely. All credit card transactions are made my giving to the merchant all the info needed to pay with that credit card to any other merchant. So the merchant or an employee can just use that info to make purchases, or sell the info. So if there are only a few of these "bad guys" then there's just a bit overhead to insure against the damage they might cause.
Enter the internet. Now all the bad guys can organize and transfer the data. Organized crime can collect it from all around the net, and can use it smartly. And they have no prblems hiring talented people that can use the data efficiently. If in the passed a gas station attendant might have been able to collect some credit card info, he wouldn't be able to do much with it without being caught. Now it can probably be sold over the net to someone in another country buying this info from thousands of sources around the world, and employing professionals who can use this data to withdraw as much money as is possible. In my case the fraudsters were quite stupid: they sums they tried to withdraw looked suspicious from the start. But if they tried to withdraw smaller amounts over a wider time frame, they would probably have gone unnoticed until I got my credit card monthly statement about four weeks later. By then the money would have been safe with them. And they cvan do it with thousands of other credit card numbers. Eventually the percentage of fraud would pass some critical level that would make insurance unprofitable, and then the business model collapses. This credit card model should be replaced with a system where the info provided by a customer is only good for paying a particular sum to one particular merchant in a narrow timeframe.
So right now I have a problem. There is this organization I donated to each year (form fighting cancer). They called me and asked that I donate, but I told them that I stopped using the credit card over the phone. So they gave me a 1-800 number to call back. Later they called me to ask why I haven't called back. They try to convince me that it's OK: they're not just anyone because they know about me. They have my name and phone number and my mailing address so I should trust them that it's them and not some imposter. The 1-800 number they gave doesn't match any of the 1-800 numbers on their website. Paying on the website seems to be more secure than over the phone because of encryption, but in the public mind it is risky, never mind the facts, and this public mind seems to include Visa security personnel (BTW, Visa and the issuing bank are of course demanding that I use only IE in my online transactions with them). And anyway I think the risk in this case is in the way they store the info. And the real risks is in other places like supermarkets and gas stations. So it's quite confusing. Nothing seems safe! And the people who are supposed to guard our money, the banks, seem careless and ignorant about the real risks out there!