Re: SSL + PGP

New Message Reply About this list Date view Thread view Subject view Author view

Bodo Moeller (Bodo_Moeller@public.uni-hamburg.de)
Fri, 30 Apr 99 00:33 +0200


Bill Frantz <frantz@netcom.com>:

>> 1. Member enters credit-card #, etc. in SSL-protected web form.
>>
>> 2. Form data is processed by PERL script that uses PGP (or is there a
>> PERL module that can do this?) to encrypt form data with accountant's
>> public key, mails encrypted data to accountant.

>> Is this a viable proposal, [...]

> Given the $50 limit on end user liability for credit card fraud, I think
> this approach is reasonable, [...]

The $50 limit is about stolen credit cards. If it's just the card
number that gets abused and not the actual card, the card owner just
has the trouble to have the bill corrected (and, possibly, that
someone else exhausted the card limit) and, if abuse persists, to
obtain a new card; but you don't have to pay $50. In transactions
where the merchant doesn't get the credit card (traditionally MOTO =
"mail order/telephone order", nowadays quite often over the net),
there's no guarantee whatsoever that they will actually get any money:
The merchant carries the risk of not being paid (and if the alleged
customer reclaims the amount, the merchant will have to pay an
additional handling fee to the credit card processor).


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:23