Note: This column represents the opinions
of the writer and as such, is not purported as fact|
Millions of dollars worth of online transactions are processed every day by
merchants who accept credit card payments through their websites. The majority
of those transactions involve a VISA card.
There has always been a degree of risk in using your credit card online, but
in most cases those risks are very small -- often limited to just $50 or so
in the event of a fraud. The real cost however, is the hassle involved in
cancelling a compromised card and getting a new one issued.
Of course merchants and the banks have been searching long and hard for a
solution to the problem of online credit card fraud with all sorts of
complex and cumbersome solutions having been touted. We've got technology-based
systems such as ANZ's ZED card
which require the use of a special card-reader, and alternative proposals have
included things such as digital signatures and other tactics.
The fact that most Net users still just type in their card number and hit
enter is a clear indication that none of these existing authentication methods
have been widely accepted by the merchants, the banks or their customers.
But now it seems that Microsoft is planning to offer an authentication service
to help protect VISA card transactions -- and it's going to do it through its
Oh dear -- do I hear alarm bells ringing?
Does this mean that we're all going to have to get a Microsoft Passport
account before we can buy stuff online? I sure hope not.
Even more worrying however is the fact that card users would then be reliant
on Microsoft to protect the security of their online transactions. I know
that I for one simply don't trust Bill's "Trustworthy Computing" initiative
enough to let it anywhere near my credit card.
Now I suspect (please correct me if I'm wrong) that there are an awful lot
of other savvy Net users who would feel the same way.
If VISA isn't very careful, they could be shooting themselves in the foot in
a most painful manner.
You don't have to be too smart to work out that having a finger in every
online transaction has long been the goal of Microsoft. They know that if
they were able to skim just a couple of cents off every sale made online then
their software revenues would pale into insignificance by comparison.
An already huge company would become truly humongous in terms of its wealth
I suspect that the only way this could be avoided is if people are prepared
to say "keep Billie's boys out of my online business" and refuse to sign
up for a Passport account or use one as the authentication mechanism for
Is Microsoft really prepared for the inevitable tidal-wave of hacker attacks
that would be launched if it was known that cracking Passport accounts
could yield a huge financial bounty for those who were successful?
I doubt it very much.
Let's hope people take a close look at what could be about to happen here
before they leap in boots and all.
The security of the Passport service has been broken before and it will be
Have Your Say
As always, your comments are welcomed. Please remember to select
"For Publication" if you want them included on this site.
Have your say.
Want to link to this site? Check out Aardvark's
Did you tell someone else about Aardvark today? If not then do it