Jeffrey I. Schiller
Networking, Security and Cavies

What's Wrong with this Picture

OK, so how does a credit card work? Well let’s see. We have a number, which we need to keep secret. If a “bad guy” learns it, they can use it to charge against us and otherwise impersonate us.

However in order to use it we need to share it with individuals and organizations that we have no fundamental reason to trust! What’s wrong with this picture?

Yet, for years before the Internet boom, this business practice worked fine. Perhaps that was because in the event of fraud, it was easier to track it down as shared numbers couldn’t be zapped across the globe in a matter of seconds. There was “friction” in the transfer of information.

But the Internet has made the friction go away. So now we have attackers breaking into servers and stealing millions of card numbers. We have attacks where numbers are stolen quasi in-flight. There will be more ways card numbers are stolen in the future.

The payment card industry has attempted to address merchant security with its security standards. But these standards have to recognize practical limitations, so they leave holes (and in some cases they require steps that are costly, but add minimal security). The problem is once you have standards such as this, it isn’t about security anymore, but about compliance. You hear of companies who have positions with titles such as “Chief Compliance Officer” Yet compliance doesn’t ensure security. In fact it can reduce it because it doesn’t value actions that improve security but do not improve compliance!

But let’s get back to the fundamentals. What’s Wrong with this Picture? There is a fundamental disconnect when we have a secret value that we *must* share widely. We need a better solution. And they are out there... but it will require a major change in how credit cards work. So the question is, how much more money needs to be lost and how many more people need to be inconvenienced before the trade-off leans toward solving this fundamental disconnect?