In my view, the key to this is to keep merchants from getting
credit card numbers.
I will go a step further:
One requirement of e-commerce technology is to avoid any scheme
which compromission would have an impact larger than the electronic
commerce scope itself.
Using credit car for e-commerce would imply that a failure might
give crooks means to do their dirty jobs even without
using e-commerce. This is totally unacceptable!
It will be tough enough to be able for a service (not a protocol
or mechanism) to provide the e-commerce actors (vendors, comsummers
the legal and financial guarantees they require from this service
It would be nonsense to take the risk from E-commerce to open
a hole in other services and mechanisms
In short e-commerce must design and use it's own ID and/or schemes
and when needed let appropriate, trustwosthy value added service
providers provide the "coupling" / "gatewaying" to other existing
services such as the existing credit card network/service.
Personaly I would not truct every merchant to play this role, but
only a few well identified institutions with proven financial backing
and offering (through an explicit or implicit contract between me and them)
financial guarantees. These will cover some risks, and then
I am ready to pay for this added value.
d/
--------------------
Dave Crocker +1 408 246 8253
-- PAP
_________________________________________________________________________
PAP: paul-andre(_dot_)pays(_at_)gctech(_dot_)edelWeb(_dot_)fr tel +33
1 34 52 00 88
http://www.edelweb.fr/ fax +33 1 34 52 25 26
GC Tech "The Globe Online Technology Company"
_________________________________________________________________________