Slashdot Mirror


AmEx To Offer "Disposable" Credit Card Numbers

A reader writes "American Express is going to allow card holders to access one-time use card numbers for purchases online. Not only could this cut down online credit card fraud but it might lead to anonymous purchases." I'm not sure this gets us closer to totally anonymous purchasing, but it does mean that you can take more steps to protect yourself in online purchasing - now only one megacorp (Amex) could have your records!

221 comments

  1. Re:Testing earlier this year... by deefer · · Score: 1
    Much easier than carrying cash

    But not entirely like cash... It can still be traced to _you_ if Amex add the one-shot CC to your ordinary bill...
    What I'd like to see is something akin to the phonecards - go into any supermarket/corner shop, hand over the moolah (in cash) and get a card worth the same amount. That's as close to untraceable cash as you'll get...

    --

    Strong data typing is for those with weak minds.

  2. Wasn't this already done? by Alan · · Score: 1

    But back then they were called "card generators" and you didn't have that nasty problem of someone actually wanting *money* for your anonymous purchase :)

  3. Check Cashing Service... by mholve · · Score: 1

    ...That's where. :)

    1. Re:Check Cashing Service... by AbbyNormal · · Score: 2

      Account, name address and 2 forms of photo id?

      --
      Sig it.
    2. Re:Check Cashing Service... by mholve · · Score: 1

      Once you get the cash - you can purchase anonymously... I wasn't talking about the conversion itself, just commenting on the comment above.

  4. By reusing numbers. by Speare · · Score: 2

    The combination of date, temp-ccnumber, and amount makes for more digits. These are checked against your original ccnumber when the transaction is sent to the card-issuer, which is more digits.

    Simple version:
    store submits charge.
    if (temp-ccnumber-digit16) XOR (original-ccnumber-digit3) XOR (day-of-week) == 6, you pass the test.
    Pass a suite of such tests, charge is authorized.

    Don't expect AMEX to tell you the actual checks performed. Only a small portion of possible checks need be "in force" during a given week or hour, too.

    --
    [ .sig file not found ]
  5. Reusing numbers by eshaft · · Score: 1
    If they keep reusing numbers, I don't want to be the database guy having to write disgusting queries like "select $$$ from transactions_table left join temporary_cards left join members_info on ..."

    Yuck.

    --
    lf.o
  6. Re:Great now it's IPs and AMEXs by thogard · · Score: 1

    Even though every web designer in the world seems to think that a credit card number is 16 digits, the specs say they are 19. Take that and stuff it in your database :-)

  7. In hypothetical BigBrotherLand by KFury · · Score: 4

    (you know, the one where the government has monitoring tools like Echelon and Carnivore)

    Anyhow, in hypothetical bigbrotherland, when you get cash from an ATM, it's trivial to include a reader into the ATM that will grab the unique, prominent serial numbers on the bills it gives you (in nice, clear, easy-to-OCR type donchaknow), and correlates that money to you, a specific individual.

    Now you spend this twenty (yuppiebuck) at the market/gun club/peepmall and, being a twenty, it will most likely not be given as change to another customer, but will go straight into the deposit pouch that the store gives to their bank at the end of the day/week.

    The bank scans the money, correlates the serial numbers again, sees the path of the bill, and generates reasonable probabilities of the path it took through the system.

    Do this for a while and you get statistical certainties on cashflows, who spends what where, telling more about a person's cash habits than an FBI interview would.

    I've no idea if the system exists currently, but it's preposterous to think that cash is really anonymous, because cash literally isn't anonymous as long as it has a serial number. It may be anonymous enough for a given purchase, but in the aggregate it tells a great deal about you.

    Kevin Fox

    1. Re:In hypothetical BigBrotherLand by Super_Frosty · · Score: 2

      So, do what I do. When you cash a check or withdraw money, get only one and two dollar (Jefferson) bills. No one would bother tracing them, they circulate a lot, and it fucks the system!

      --
      No comment at this time
    2. Re:In hypothetical BigBrotherLand by Jonavin · · Score: 1

      Or if you're really paranoid, use coins.

  8. Re:Three steps to anonymity by image · · Score: 1

    Have you been to a Radio Shack or Sears lately?

    Those stores, among many others, try to get your personal information even if you want to pay cash. I remember arguing with a sales clerk for twenty minutes about whether or not I *had* to give my name and address to buy something with cash. He claimed that he couldn't complete the sale without the data. We finally had to call over a manager to deal with the issue.

    Experiences like that just leave me feeling icky...

  9. Re:Weakness by cot · · Score: 1

    Isn't the point that you wouldn't have to give out your CC # unencrypted to anyone?

    Yes, if they got your card number you'd be equally screwed, but this would potentially insulate you from merchants, dumpster divers, etc. from getting your number off the receipts.

  10. Re:sneakemail and sneake-cc? by KevinMS · · Score: 1

    I seem to think that if the cc companies have the opportunity to add A LOT more value to this one time credit card venture easily then they will. The writer of the article seems to think it's about privacy also; you don't. Do you have other information that you can share with us?

    --
    Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
  11. Re:How long could they keep doing this? by thogard · · Score: 3

    The first 6 are the BIN number. These are assigned to the banks or credit card companies in major lots (so MasterCard gets only 5.* and Visa gets 4.*) but there are other 5's that have been assigned to non MasterCards. The short answer is that two cards with the same first 6 numbers will be issued by the same bank. Currently a given BIN range is also used to tell if it's a "gold" as well.

    Different countries tend to use different number schemes. The US tends to use nice blocks of well defined numbers which makes scanning trivial. Other banks have even used fully random assignments.

    There is no check digit. The "mod 10" system used simply says the sum of the even digits plus the sum of the odd digits x 2 will be a nice mod 10 number. Go look at some of the perl code that does the check and then write the routine in assembly on a machine with BCD instructions. One is about 5 lines and the other isn't. The system was designed to catch transposed digits. If the card is 1234 then the system will catch 1324 and 2134 but not 3214 or 1432. There is also a 1 in 10 chance that a bad card number will correctly checksum. Keep in mind that there are still places where those numbers are routinely hand keyed.
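
The mod 10 check discussed in the comment above, as an added example that is not part of the original post: a standard Luhn implementation (doubled digits above 9 are reduced by 9) that replays the 1234 transposition cases and counts how many 4-digit strings pass. All function names and sample values are constructed for illustration.

```python
"""Luhn ("mod 10") check: which keying errors it catches and which it misses."""
from itertools import product


def luhn_sum(number: str) -> int:
    """Sum the digits, doubling every second digit counted from the right.

    A doubled value above 9 is reduced by 9 (same as adding its two digits).
    """
    if not (number.isascii() and number.isdigit()):
        raise ValueError("number must contain ASCII digits only")
    total = 0
    for offset, ch in enumerate(reversed(number)):
        digit = int(ch)
        if offset % 2 == 1:          # every second digit from the right
            digit *= 2
            if digit > 9:
                digit -= 9
        total += digit
    return total


def luhn_valid(number: str) -> bool:
    """A number passes when its Luhn sum is a multiple of 10."""
    return luhn_sum(number) % 10 == 0


def swap_detected(number: str, i: int, j: int) -> bool:
    """True if exchanging the digits at indexes i and j changes the residue,
    i.e. a number that passed before the swap would fail after it."""
    digits = list(number)
    digits[i], digits[j] = digits[j], digits[i]
    return luhn_sum("".join(digits)) % 10 != luhn_sum(number) % 10


def undetected_adjacent_pairs() -> list:
    """Digit pairs (a, b) whose adjacent transposition ab -> ba goes unnoticed."""
    missed = []
    for a, b in product(range(10), repeat=2):
        if a != b and not swap_detected(f"{a}{b}", 0, 1):
            missed.append((a, b))
    return missed


def count_valid(length: int) -> int:
    """How many digit strings of the given length pass the check."""
    return sum(
        luhn_valid("".join(p)) for p in product("0123456789", repeat=length)
    )


if __name__ == "__main__":
    base = "1234"  # the 4-digit illustration used in the comment
    cases = [("1324", 1, 2), ("2134", 0, 1), ("3214", 0, 2), ("1432", 1, 3)]
    for label, i, j in cases:
        verdict = "caught" if swap_detected(base, i, j) else "missed"
        print(f"{base} -> {label}: {verdict}")
    # Adjacent swaps are caught except for one digit pair.
    print("adjacent swaps missed:", undetected_adjacent_pairs())
    # One string in ten passes, so a random typo has a 10% chance of slipping by.
    print("valid 4-digit strings:", count_valid(4), "of 10000")
    # Constructed 11-digit sample value (not a card number) that passes.
    print("79927398713 valid:", luhn_valid("79927398713"))
```

Swaps between positions two apart are missed because both digits receive the same weight, so the sum cannot change; the check is an error-detection aid for keying mistakes and offers no protection against a deliberately chosen number.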

  12. Armageddon stupid by ctimes2 · · Score: 1
    Smart cards hold the number of the beast and would signal the coming end of creation! It's the 7th sign! Repent NOW SINNERS! Stop surfing PORN! I know it's true 'cause that guy who slept with that whore that one time said so!

    Ctimes2

    --
    My cube. My friend. My solace. My prison.
  13. Alternate use by debren · · Score: 1

    I saw this idea a few months ago, offered to me by my credit card company. I assumed they'd charge the amount to my regular card, and send me a finite-amount card.

    Contrary to all the posts here, they were promoting them for use as gift certificates. Interesting idea.

  14. Re:Weakness by rxmd · · Score: 1

    Well, since we're talking about one-use-only numbers anyway, I don't see very much of a difference between transmitting the number to the merchant encrypted or unencrypted, since it's going invalid right after that anyway.

    --
    As a state gets corrupt, its laws multiply; the most corrupt states have the most numerous laws. (Tacitus, Annales 3:27)
  15. Re:Expiration Dates by thogard · · Score: 1

    US banks tend to verify it but many banks world wide don't. I do know that lots of systems had the date check rejecting turned off for y2k and I suspect it's been turned back on by now but maybe not.

  16. Re:Weakness by rxmd · · Score: 1

    As I said, we're talking about one-use-only numbers anyway. I don't see very much of a difference between transmitting the number to the merchant encrypted or unencrypted, since it's going invalid right after that anyway.

    --
    As a state gets corrupt, its laws multiply; the most corrupt states have the most numerous laws. (Tacitus, Annales 3:27)
  17. Re:Testing earlier this year... by Mike1024 · · Score: 1
    Hey,

    What I'd like to see is something akin to the phonecards - go into any supermarket/corner shop, hand over the moolah (in cash) and get a card worth the same amount.

    What I'd like to see is something akin to money - go into any supermarket/corner shop, pick up what you want, hand over the moolah (in cash) and get a box of groceries worth the same amount. Plus you wouldn't have to wait for delivery, like you would online.

    If that sounded sarcastic sorry, it wasn't meant to be.

    Michael

    ...another comment from Michael Tandy.

    --
    "Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
  18. Now firmly off topic. by ichimunki · · Score: 1

    There is no incentive for a private corporation to share customer data with federal, state, or local governments, especially when that data will frequently include their own directors', managers', and employees' information. The accounting department is more likely to be spending time finding ways to state the accounts so as to lower taxes, while the people who are most likely to be using the above SQL code are the ones in marketing departments, you know, for sales and profitability purposes.

    The best uses for disposable credit card numbers are to discourage tracking via account number by vendors(harder to join multiple purchases when the common factor isn't a single number field) and to reduce the risk that a cracker will access a vendor db and get active account numbers.

    --
    I do not have a signature
  19. Re:We need prepayed cards thank you by Elequin · · Score: 1

    Didn't these prepaid cards already come out? I seem to remember reading (somewhere on /.) that these were available at your local 7-11. Link anyone?

  20. Re:Are there enough valid numbers? by squidfood · · Score: 1

    You can add four digits because the required "expiration date" becomes arbitrary, can't you? Puts it back up to 10^16, maybe that helps? It can also give a "series number" for recycling. Say, use expiration dates with years around 50 years in the future...

  21. Just like pre-paid phone cards by www.sorehands.com · · Score: 2
    I should have patented this.

    Start disposable credit cards, just like a phone card. Go to a supermarket or mall and pay cash for a "prepaid" credit card.

    The float would be a great profit center.

    But this would be a debit card on a cash account. Get it recharged when it runs out. Great way to launder cash too.

    1. Re:Just like pre-paid phone cards by EricWright · · Score: 2

      You know, some people use credit cards to purchase items they can't afford at the time (ie. can't put their hands on THEN). When I buy a new stereo, I'll plunk down plastic and charge $1500, then pay it off a few 100 a month for a while.

      Credit cards started off as a way to buy now, pay later. These days, we are all using debit cards, which look and feel a lot like credit cards, but are very similar to prepaid calling cards. The difference is that the "payment" you make is depositing your paycheck into your bank account and, just because you have used all of your minutes, er money, the number is only temporarily deactivated, not cancelled.

      Eric

    2. Re:Just like pre-paid phone cards by spankfish · · Score: 1
      Start disposable credit cards, just like a phone card. Go to a supermarket or mall and pay cash for a "prepaid" credit card.

      But this would be a debit card on a cash account. Get it recharged when it runs out. Great way to launder cash too.

      Which is probably why the pr0n freaks aren't all using it to make their mirror sites right now.

      Did I mention Natalie Portman?

      --

      NO TOUCH MONKEY!
    3. Re:Just like pre-paid phone cards by mrphrtq · · Score: 1

      This sort of defeats the convenience of credit cards. Most people keep their credit cards with them wherever they are, so they have them when they need them. Having to go to a physical location to get a card adds work to the already sloth-friendly online method of shopping.

      When the Visa calls, the machine will get it.

      --

      "Life has improved immeasurably since I have been forced to stop taking it seriously." - Hunter S. Thompson
  22. Re:Only one Megacorp. by wnissen · · Score: 1

    This would even protect you from the Club Card stores associating your credit card with your club card. Say that you pay cash for everything and also keep several club cards with bogus information on them. If you slip up and accidentally use a credit card, they can link up the club card accounts based on your CC number. With the new technology, they would not be able to do that so easily.

    Walt

  23. Re:Credit Checks, Credit Ratings, And Minors by Pete+Jackson · · Score: 2

    It seems to me that what would make the most sense would be that every account (with a regular old account number) would be linked to a number of "sub-accounts" that would be generated on demand.
    In short, the scheme seems to work like this:
    1. The AMEX system would open the account, linking it to a master account.
    2. The merchant then processes a transaction against the account.
    3. The account is set up to automatically close after one transaction is posted.
    4. The balance of that account is then transferred to the master account.

    Disclaimer: I don't know that it works that way, it's just my inference based on the article.

    The numbers could be linked to a master account by running the account number through some kind of one-way algorithm. Or maybe by picking them out of a pool of available numbers and assigning them in sequence.

    In any event, it's a really interesting approach, although I'm afraid that the number of valid mod-10 account numbers will diminish quickly. Sort of like the way IP addresses have.

    What I find MOST interesting about this strategy is that it cuts down on an online merchant's ability to invade my privacy by using credit card numbers to link information in purchasing databases.

  24. Re:Feeling safe by FatouDust · · Score: 1

    Incidentally, not having to pay for it is a different thing from the fraudulent charger being prosecuted. The fact that I can get stolen from, but since what to me is a significant amount is minuscule to these companies, means that ultimately these crimes go mostly unpunished.
    ---
    "The Constitution...is not a suicide pact."

    --
    "Life. Don't talk to me about life."
  25. Re:Why not.. by deefer · · Score: 1
    They tried that in Swindon, UK, a few years ago. The card was called Mondex, and all the retailers in Swindon were provided with Mondex terminals to receive payments and to "top up" the cards with extra cash.
    That was four years ago, when I was in Swindon the pilot had been running for 2 years and nobody really used it. I guess that it was abandoned, 'cos I've not seen it elsewhere since... (now living in London)
    Maybe with this newfangled internet thingy getting popular, it may be worth another go...

    --

    Strong data typing is for those with weak minds.

  26. Hmm by bguilliams · · Score: 1

    While a respectable attempt at making online purchases more secure, I think this will ultimately be a failure.

    Obviously, American Express will have to get the disposable numbers to people in a non-secure manner. The only thing more nerve racking than having a credit card sitting in a mailbox where people can steal it is having several credit card numbers that don't require activation sitting in a mailbox where people can steal them. Of course, that statement makes some assumptions, but I think they are safe ones.

    How will they get the numbers to people? The internet? That's self-defeating. Via a phone call? Too many chances for human error. Especially when you consider that number will need to be even longer than they are now to avoid repeating. Snail mail seems to be the obvious answer.

    And what about activation? If the single-use numbers require an activation phone call, they'll be too inconvenient to use.

    This isn't the right solution, but it does show that the big players are looking for one. And that's a Good Thing(tm).

    --
    We must respect evil, and we must make evil respect us.
  27. Re:Credit Checks, Credit Ratings, And Minors by goliard · · Score: 2

    Regarding your third point: AmEx is not offering disposable numbers to just anyone (check the article). They are offering them to their customers -- i.e. people with AmEx accounts, who thus, one presumes, have met AmEx's standards of credit rating, etc. Thus this is no different than already having a credit card from AmEx, except that it can't be stolen (online). The numbers being instantly available on-line just means their customers will be more likely to go to the minimal effort of getting the more secure disposables rather than just typing their real AmEx# into ghu-knows what website.

    So the billing (wrt your second point) is no different: you get it on your AmEx card bill, is all.

    Think of the disposable # as an alias for your real number. In the same way people use hotmail accounts as disposable spam-filter accounts, these AmEx#s are disposable theft-filter accounts.

    So to use this, you need to apply for a regular AmEx account, and then you can get the disposable #s.
    ----------------------------------------------

    --
    -*- Any technology indistinguishable from magic is insufficiently advanced -*-
  28. Come ride the cluetrain by pingflood · · Score: 1
    Even though your cash withdrawals are recorded, how you spend that cash isn't. Thus, it's more or less anonymous; I doubt big brother is going to correlate a $30 ATM withdrawal with the $5.99 of it you spend on a six pack of Corona at the grocery store.

    -pf

    1. Re:Come ride the cluetrain by AbbyNormal · · Score: 2

      But beer should be free. hehe. Touché, good point. I generally want cash for the little things though...and never take out more than 100 bucks at a time. If I want a bigger badder item, I whip out Mr. Plastic.

      --
      Sig it.
  29. Re:IMHO by thogard · · Score: 1

    I don't know who you talked to but I haven't found anyone that liked them that wasn't pushing them. They take forever compared to cash. The only places I've ever seen that take Mondex just happen to be very close to MasterCard's offices. There is also the issue of what happens when the card gets broken. I can still spend broken cash, a broken Mondex card is worthless along with all the money stored on it.

  30. The income tax people? by Ross+C.+Brackett · · Score: 2

    Sorry, but this seems funny to me - the term "The income tax people" sounds like a corporate slogan, i.e.

    Network Solutions: The dot com people.
    The US Government: The income tax people.

  31. Political Perspective by mr.+fabulous · · Score: 1
    I've had this same idea for a long time. What took so long?

    But, first a personal aside, I'm a staunch capitalist, fiscal conservative, libertarian (i.e., less government), but when the US halls of power are run by whores prostituting their votes to the biggest special interest (lobbying group) I get angry! But, I believe there is hope, I've seen momentum building for nearly a decade against the influence that nothing decried by Americans seems to stop. Namely, abuses like nearly nil protection for Americans wanting control (less full control) over their personal information. It always comes down to the deep pocketed, with the aid of the power in charge of the capitol, who quickly reverse their moral stance against such a position as soon as they gain power, calling the agenda. Just such a thing occurred when the GOP gained the House and the Senate, lost to them since the 1950's, after the 1994 mid-term national elections. Riding the wave of change which Americans were churning began by the election of new young president, representing a new attitude - by Americans, not the man himself, he was just par for the course - there was an expectation for some real change to occur. Apparently not. Or should I say, it's still coming - that's my read.

    I see parallels, a new synergy, more importantly I see different manifestations of the same root gripe, in the violent/vigorous demonstrations in Seattle, Washington last year. Similarly, with protests during the presidential nominating conventions just a few months ago. The French farmer who defaced the local McDonald's restaurant is part of this too. It's part of a sentiment which seems at first unrelated. No, not that globalization sucks, I'm not a socialist for heaven's sake. Rather, that individuals are, for their myriad reasons, angry and fed up with the naked purchasing of the process. The British have their euro-skeptic stance toward EU membership and the lack of sovereignty that Belgium running bureaucrats might exert over their national identity. Similarly, I see Americans saying to hell with ridiculous patents made grant-able by a PTO obliged to follow guidelines paid for by deep pocketed interests investing (you call it tomato, I call it graft; others lobbying, political donations, and others soft money contributions) in the extension of their monopolies. It sure looks like corporate socialism. Further, UCITA, DMCA, lack of control over personal medical information, financial information, driver's license information and/or photographs. On and on it goes.

    I sure get sick and tired of being sick and tired about this. Listen, I'm not saying that it's the end of the world, but I sure as hell don't like to tell Amazon to take a flying a leap if they do a 180 on their privacy policy as easily as I prefer to just get results, if a disposable credit card number is one more weapon in my arsenal, great. But, as has been mentioned AMEX will just have the field all to itself. No ifs, maybes and of buts. Unless they apply something viral like a GPL kind of concept (policy won't change unless 100% of users give explicit permission, say) they'll ride you too, in their own way. Fuck that!

    Anyway, that leaves just one route for total privacy, either go the JD Salinger way: no credit cards, no phone number, no driver's license a reclusive sort of existence. Or lots of buffers between you and the world, a little Godfather thing here. ;-) Become Amish. Or, do the Howard Hughes thing, in later life mind you, incorporate yourself, use corporate shells, credit cards, etc. Nothing nefarious, you're just a guy, gal who likes to keep control of your destiny. After all the facts of your life are your personal history. And I shall write mine own. Nobody will read this anyway.

    --
    Me pican las bolas, man!
    Thanks
    Jaco
  32. Re:Weakness by jmv · · Score: 2

    Someone else encrypts your card number...

    Well, how does that "someone" get your card number in the first place? The idea of the system is that you never transmit this new card number in clear.

    There's another weakness, though and here's the fix: the merchant's (public) key needs to be signed by Am Ex, so that a merchant can't send you a dummy public key for which it has the private key and decrypt your number. I can't find other weaknesses for now...

  33. We need details by Animats · · Score: 2

    AMEX was supposed to release details on this at 0900 PDT today. Is there a link yet?

    1. Re:We need details by FreezerJam · · Score: 1

      Press release type details from AmEx
      http://home3.americanexpress.com/corp/latestnews/payments.asp

  34. Here's another (maybe great) idea by JSBiff · · Score: 1
    I had the idea, awhile back, while looking into ecommerce solutions, of having a system where the vendor never even sees the credit card information. It would work something like this (maybe the technical details would need to be tweaked, but this is the general idea): I go to your site, fill a shopping cart/order like normal, fill out a shipping information form, then get redirected to the credit card company's site, where I fill out payment information, which would do the work of figuring out if I could be authorized, and then send me back to the vendor's site with an authorization.

    Voilà! Vendors never see my card info, but get assurance of receiving payment.

    You could, potentially, take it another step. Once I had gone to the credit card company's verification site once, the card company could, maybe, store a cookie in my browser (which cookie would not contain any of my credit card info, but just an index to my database record from my last visit). In the future, when I was redirected to the card company's site for verification, they could check that cookie, ask for some sort of pass-phrase (obviously cookies aren't the most secure thing in the world), and ask me if I want to use the card info I've already submitted last time, or use another card.

  35. No accountability by Snocone · · Score: 3

    The income tax people will FREAK on this.

    This is why offshore accounts are illegal!

    (1st?)

    1. Re:No accountability by piku · · Score: 1

      If we don't know about it then it doesn't concern us. It's that simple.

      If we don't know about it then they obviously aren't using the information for anything, therefore who cares? Oh no the government knows my address! oh no! WHO CARES!? Until they use my address to send me a bomb or use my e-mail addresses to send me government SPAM, then who cares if they know the information?

      Hell, I could know your credit card number right now. Would you know? NO, not until I use it to buy something. If I never use it to buy something, who cares if I know it?

      It's better that we DON'T know what they know.

    2. Re:No accountability by Bouncings · · Score: 1
      It's not as if American Express won't keep very detailed accounting on your spending habits. Look at it this way. With a static credit card number, the IRS has a query like this (SQL):

      select sum(amount) from debits where account_number = :account_number;

      to...

      select sum(amount) from debits where name = :name;

      hehehe... What I'm saying is that credit card companies have great accounting departments that will be so bored, they'll jump at the chance to draw on their amazing skill to tell the IRS every single purchase you make. :) It was a nice thought though. (BTW, offshore accounts are only illegal to people who don't pay off politicians)

      --
      -- Ken Kinder ken@_nospam_kenkinder.com http://kenkinder.com/
    3. Re:No accountability by shocking · · Score: 1

      According to the tax seminar I went to the other week (being a new entry into the US & all that) even Swiss accounts will hand the details over. The only country not doing it is Luxembourg. Oh, BTW, don't complain about your taxes - they're a lot lower than in Australia. Just complain about the way they're spent.

    4. Re:No accountability by magnanamous_cow_herd · · Score: 1

      If we don't know about it then it doesn't concern us. It's that simple. If we don't know about it then they obviously aren't using the chemical weapons for anything, therefore who cares? Oh no the government stockpiles chemical weapons! oh no! WHO CARES!? Until they use chemical weapons or use my e-mail addresses to send me government SPAM, then who cares if they have chemical weapons? Hell, I could have chemical weapons right now. Would you know? NO, not until I use them to kill you. If I never use them then who cares if I have them? It's better that we DON'T know what they know.

      --
      "tension is the great integrity" -R Buckminster Fuller
    5. Re:No accountability by Flounder · · Score: 1
      Not that the IRS gets copies of peoples' Amex bills to begin with.

      Who's to say that they don't? They already know how much we make, our social security numbers, the names and ages of our spouses and children, our home address, etc, etc, etc. Why wouldn't they get our credit card records?

      Damn, I'm starting to scare myself!

      --

      No boom today. Boom tomorrow. There's always a boom tomorrow. - Cmdr. Susan Ivanova

    6. Re:No accountability by piku · · Score: 1

      Them having chemical weapons and them having our e-mail addresses are two COMPLETELY different things. One is personal information about the people living in their country, one is them having weapons of mass destruction.

      Until they could launch our phone numbers and e-mail addresses at another country's population to cause mass genocide, I'm not too worried.

    7. Re:No accountability by Pete+Jackson · · Score: 1

      But in reality, I believe that the technology as described allows for very easy circumvention of existing financial regulations.

      I'm interested to hear how. I think you're basing this argument on the assumption that the accounts will be anonymous. My inference was that they'd be linked to your existing card number, which means they will not be anonymous, nor untraceable, nor undeclared.

      Can you elaborate on the potential abuses you foresee?

      Thanks,

      --Pete

    8. Re:No accountability by Tower · · Score: 2

      Well, they don't have the time/resources to track everything in the Visa/MC/Amex/Discover/Diners/etc realm... they are pretty understaffed as it is (the percentage of audits has dropped each of the last few years). Even if they have them, they don't know they have them, or can't get to them as easily as they'd like... upon request (for audits), I'm sure they could get them (not sure if that is legal or not)... now some other Agency...
      --
      "It's tough to be bilingual when you get hit in the head."
    9. Re:No accountability by Pru · · Score: 1

      What is this guy talking about? Offshore accounts are legal.. if used for legal purposes. And it's not like these credit cards are going to be regulated any different than normal credit cards.

    10. Re:No accountability by ShaunC · · Score: 1

      >The income tax people will FREAK on this.

      The income tax people have nothing to do with it.

      The article doesn't provide a whole lot of info, but I guarantee you that purchases you make with your "disposable" CC numbers will show up on your regular Amex bill. Not that the IRS gets copies of peoples' Amex bills to begin with.

      Shaun

      --
      Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
    11. Re:No accountability by Snocone · · Score: 3

      Can you elaborate on the potential abuses you foresee?

      Much of tax evasion and illegal activity detection is based on detecting patterns in otherwise unrelated financial data. Data gathered in audits and submitted by financial institutions is placed into one big soup from which patterns are detected and individuals are picked to have the microscope placed upon.

      By providing a next to anonymous conduit for an individual transaction, the possibility of detecting currency flows by means other than direct AmEx record access is reduced by orders of magnitude. This would make IRS fishing expeditions next to useless, and require subpoenas to get at financial information that now can be found/deduced through the regular audit process.

      Like I said, they gonna freak :)

    12. Re:No accountability by Snocone · · Score: 2

      if you hadn't bolded it, I mighta let it slip by, but this is a geek forum, so let's use geek terms accurately: if theory does not agree with reality, it's not a theory.

      True. Okay, the hypothesis is that anonymizing an individual transaction removes no accountability. In reality, we will find that since a single point of contact can be used for individually anonymous transactions, the detectability of unlawful currency flows will be decreased greatly.

      If your current credit card is not against the law, why would more credit card numbers be against the law?

      CC numbers aren't illegal. Evading reporting regulations on currency transfers is illegal. With regular credit cards possessing a single number their use to evade these requirements is not practical. With an individual identifying number per transaction with no connectivity apparent outside the AmEx databases, coupled with some fairly basic effort to not make all transactions come from the same IP or something stupid like that, it suddenly becomes VERY practical indeed to shove funds around in pretty much complete confidence that you won't show up on anybody's radar.

      (I don't think this is flamebait either ... buddy is a little bit slow, that's all ;)

    13. Re:No accountability by Snocone · · Score: 2

      > The income tax people have nothing to do with it.

      No, but they depend on individuals' financial activity being cross-referencible to detect infringement of their regulations. This technology makes that detection very much harder. They won't like that.

      > I guarantee you that purchases you make with your "disposable" CC numbers will show up on your regular Amex bill. Not that the IRS gets copies of peoples' Amex bills to begin with.

      Exactly so! They depend on the traceability of your CC number to detect individuals contravening the norms and thus throwing up "AUDIT ME" red flags which let them get into AmEx's records. Remove that traceability, and you have what amounts to a financial radar jammer, making it that much harder to detect who's playing games with money.

    14. Re:No accountability by Flounder · · Score: 1
      The NSA certainly doesn't have the manpower to go through every communication that Echelon picks up. That doesn't stop them from storing everything.

      Building a massive database to store the info into wouldn't be that difficult. They don't even need to track individuals, they can just search for trends through the entire data.

      The government can pretty much do anything it wishes, and if we don't know that they're doing it, who's gonna stop them. What if the FBI had been able to keep the lid on Carnivore? Do you think they would have volunteered the information? NO! The government will only make information public when they are caught. The thing that scares me is, what don't we know about?

      --

      No boom today. Boom tomorrow. There's always a boom tomorrow. - Cmdr. Susan Ivanova

    15. Re:No accountability by eshaft · · Score: 1

      ... and they aren't really accountable to anyone (because they can audit anyone)... it is scary, dude.

      --
      lf.o
    16. Re:No accountability by Karmageddon · · Score: 1
      > Okay, the hypothesis is that anonymizing an individual transaction removes no accountability

      but the part I think you're not getting is, that individual transaction is not anonymous either. You would go to Amex, get the new (temporary/one time) number, then go to the merchant and present it, along with your name and address, just like you would a normal card. The only privacy enhancing feature is if Echelon were to search a transaction log for credit card numbers they wouldn't be able to tell all the transactions were you. But if the IRS were to get the records from the merchant and look by CustID or the records from Amex and look at your account number, all the transactions would be there just like they always were... you seem to be making the assumption that your credit card number is how these databases are keyed, but except for Amex, I don't think that's true.

      BTW, I think that the credit-rating agencies that the card issuers rely on for validation require *every* transaction to be logged to them in an individually (as in SSN) identifiable way, and they resell that info. That's where the zero privacy problem issues.

    17. Re:No accountability by Snocone · · Score: 5

      > What is this guy talking about? Offshore accounts are legal.. if used for legal purposes.

      But anonymous and undeclared accounts are NOT legal. Also, any financial transaction over a certain threshold is illegal for a US citizen, period, unless the appropriate form is submitted to government by the financial institution. It seems to me that this technology can be very easily applied by anyone who gets a merchant account to achieve near-complete financial impenetrability for money transfers, aka "laundering".

      > And it's not like these credit cards are going to be regulated any different than normal credit card

      In theory no. But in reality, I believe that the technology as described allows for very easy circumvention of existing financial regulations.

  36. Re:sneakemail and sneake-cc? by Karmageddon · · Score: 1
    there is nothing in the article that indicates this is about privacy. the article talks about privacy, but the only thing the article mentions about this program is that if a merchant were to leak your credit card number, it would not be usable.

    do you have other information that you can share with us?

    Did you mean that in a snide way? I could ask you the same question. I don't think there is any other information. I think it's pretty clear that this is not a privacy enhancing program. I'm not an expert on this, but IIRC the contractual relationships between the credit card companies and the merchants and the credit rating agencies require that all of them get access to your identity.

  37. Re:We need prepayed cards thank you by sqlrob · · Score: 1

    They exist.

    I got ads for 'em with my credit card statement around Xmas last year. They were intended as gifts.

  38. throw-away card == thrown-away money by Captain+Pillbug · · Score: 3

    A disposable credit card is an interesting idea, but unless it's possible to refill the card (thereby defeating part of the reason for having one), it means we'll have the same problem we have with disposable phone cards: they get thrown away with money still on them. After normal use, there's always a small balance that can't be spent through normal use, and the credit company will stand to rake it in as pure profit.

  39. Re:A minor problem... by haystor · · Score: 1
    Only one company would have my information. Another company might have yours. It doesn't matter, but I could narrow it down to the point where I could have a single company to blame for information leaks. There could certainly be more than one company.

    As far as monopolies go, they are a result of capitalism. But the companies you mention have hardly been guilty of terrible things. Sure, bad music and bad movies may come out of the closed town of Hollywood, but it's been our choice to watch that crap. Microsoft has consistently provided people and companies with what they wanted, relatively cheap and easy to use computers. Apple isn't cheap, and Unix isn't easy. They crapped the middle ground which is filled with mediocre people. Now people want to have the benefits of a standardized desktop only possible with a monopoly, and they want to set the prices on it also. It is completely wrong to use force against a company when alternatives exist, and to justify it with some crap about a free market.

    The free market forces that free software is putting on Microsoft will eventually chip away at Microsoft, relegating them to life as an application company. The writing is on the wall for MS already.

    An interesting thing to note is how much /. readers hate monopolies, but they get into religious wars about which OS (editor, shell, gui, etc) to use. For example, I think many people would like to see everyone work on just Linux, and not BSD. This also would stifle creativity, and alternatives and force the user down certain paths. Then again, I think most /. readers contribute absolutely nothing other than flames to free software as a whole.

    I've digressed, and I don't mean to have a tone that I'm attacking you. I'm just espousing my views that somewhat relate to what you were saying.

    --
    t
  40. Why not.. by Axe · · Score: 1

    Why not just jump to smart-cards, like civilized world?

    --
    <^>_<(ô ô)>_<^>
    1. Re:Why not.. by kootch · · Score: 2

      is this the vendor reader or the personal reader?

      the original smart vendor reader had the problems.

      i'll try to find documentation of it online

    2. Re:Why not.. by kootch · · Score: 2

      too bad they released the card without a reader that didn't blow up when they tried to use the card.

      (this is a true story, the reader would short out if you actually tried to use it the way it was meant to be used)

    3. Re:Why not.. by Asgard · · Score: 1

      Of course the smart-cards don't use online authentication for stored-value... that would defeat the purpose. If you have a landline / wireless connection to some 'main' server, you are back to a credit card again. The magic of stored value is that you *don't* need a third-party connect.

      The magic, so to speak, is in the details of the storage protocol. Most stored-value cards use a form of cryptography to validate the money, so you can't just 'deposit' money from just anywhere. I'm not familiar with the fine details, but I'd imagine anyone thinking of creating such a system would have details like this covered.

    4. Re:Why not.. by ciaohound · · Score: 1
      Smart cards are a category of stored-value cards. The Federal Reserve defines three categories of stored value cards: offline unaccountable, offline accountable, and online accountable.

      Offline accountable are like your Kinko's copy cards. You pay cash (usually) to put a value on it, and when that value is used up, you throw it away. There's no accountability or traceability for your individual transactions.

      Offline accountable are similar in that you don't go online to a centralized database to validate/record your transaction, but eventually your transaction IS recorded in a central database by some kind of batch process.

      Online accountable include your credit cards, which require an online connection to a central database for verification and transaction recording. In many countries, the drawback to online accountable is the high cost of telecom. Telecom is relatively cheap in the USA and these cards now predominate. I believe this is the major reason why smart cards have not caught on here.

      Smart cards are stored value cards with the addition of a processor for such things as encryption, personal identification numbers, etc. These would include the Mondex card. They would provide more security than our existing credit card infrastructure, and could operate either online or offline. The Mondex web site is pretty informative. Check out Mondex and Google for Reg E.

      --
      Oh, yeah, it's not easy to pad these out to 120 characters.
    5. Re:Why not.. by Mr.+X · · Score: 1

      My Blue hasn't exploded on me yet, and I've been using it for almost a year now. I also have the card reader.

      Could you provide more info on this?

    6. Re:Why not.. by ionisation · · Score: 1

      AMEX does have a smart card. Their "Blue" product. Granted it is not the end-all be-all solution, but it is a step in the right direction at least, and they are the first US credit card co I know of doing it.

    7. Re:Why not.. by Traicovn · · Score: 1

      Yes, Smart Cards ARE a piece of really great and really cool technology, and yes, American Express has started implementing them in their 'blue' credit card line...
      Now, maybe I am wrong, but the way I see it, a smart card would not necessarily be 'more secure' in all situations. The smart chip might just store the account number....Now, if the smart card stored a $$$ amount, it might be better... however there is still an opportunity for fraud.... allow me to illustrate what could CONCEIVABLY happen. We figured this out when my friend's university installed smart card chips on their id cards. We thought 'hey cool, it's not as easy to copy as a magnetic stripe, it's cool looking, etc..'
      We began to dissect the way that the system authorizes the smart card.... we found out that the transaction is not 'online' what this would mean is if I could find a way to arbitrarily deposit money that DID NOT EXIST onto my smart chip (with say an HP200LX or a laptop) I could keep going around making small purchases, phone calls, and buying cokes without losing any money. Of course we have never experimented with this, but the way a smart card authorizes needs to be analyzed before it is the answer to all your fraud problems.
      I think that something that needs to be looked at in the online credit fraud area is also 'packet sniffing' you have too many people who STILL don't make secure transactions...i.e. they email their credit card number and for SOME REASON THEY THINK THAT NO-ONE in between can intercept an EMAIL from AOL or mom&pop isp'r'us....
      or it's a 'scheme' that they fall for. (i.e. "FAT REDUCING SOAP!!!" "GET RICH QUICK" etc.....)
      Just my thoughts on the subject
      Look for the TEKMOBL, the chevy with an onboard INTEL chip

      --

      [Something witty and intelligent should have appeared here.]
      {Traicovn}
  41. Similar Service to this by logiceight · · Score: 1
    I found this article where it talked about a service called PrivateBuy.com

    I think many of you will be interested.

  42. Re:sneakemail and sneake-cc? by Karmageddon · · Score: 1
    It's not going to be anonymous to the business, either. it's your same credit card. It's like getting a new copy with a different number... "no different" means "not anonymous" because your credit card is not anonymous. Not to mention, they aren't giving you an anonymous mail-drop anyway...

    the only way that it provides anything like anonymity would be for a merchant who keeps the customer file keyed by credit card number and would thus fail to match up your different orders. But, (1) merchants don't do this, and (2) if they did, they would change. It's not anonymous.

  43. Protecting the Credit Card Companies by minna · · Score: 1

    Given the fact the customer liability is limited to $50 (in the US) in case of credit card fraud, this is primarily to protect the credit card companies from dealing with all the complaints, both from users and merchants. If it's a one time number, then you cannot argue anymore that someone stole your number. Bottom line: good for AMEX, no change for you and me.

  44. Feeling safe by KeyShark · · Score: 1

    I feel pretty safe buying online, but the main reason most people don't is because they don't "feel" safe doing it. If they can come up with more ideas like this I think E-Commerce will do even better with the average user.

    1. Re:Feeling safe by Pete+Jackson · · Score: 1

      Actually, I'm less concerned with my number being stolen online (most card companies will protect you and your liability is limited) than I am with privacy issues involved.

      Suppose, for instance, that my ISP and Amazon.com decide to share their databases and I've paid for both services with the same credit card. Now both companies have access to more information about me than I'd have given up voluntarily.

      Sure, the example is a benign and harmless one, but one could contrive all manner of potential issues once you consider all of the possibilities.

      This is a good first step toward protecting the privacy of a consumer. More are needed, of course, but it's good to see Amex coming up with a decent idea like this.

    2. Re:Feeling safe by morn · · Score: 1
      > >>I feel pretty safe buying online
      >
      > I felt pretty safe buying online too -- Until
      > somebody somewhere hijacked my card number, and
      > I suddenly had over a $1000 worth of speakers
      > and stereo equipment show up on my bill. No, I
      > did not have to pay for it, and even if they
      > caught the person who did it.....

      If you didn't have to pay for it, why do you no longer feel safe? Surely all that this shows is that, even if fraud is committed, the system works well enough to deal with it properly? Surely you should feel reassured?

      --

      ...or am I missing something?

    3. Re:Feeling safe by dirk · · Score: 5
      > >>I feel pretty safe buying online
      >
      > I felt pretty safe buying online too -- Until somebody somewhere hijacked my card number, and I suddenly had over a $1000 worth of speakers and stereo equipment show up on my bill. No, I did not have to pay for it, and even if they caught the person who did it (a pretty good bet, since the moron also used it to pay his cell phone bill), I wouldn't know for sure that it was from an online purchase because they don't release any information about the investigation. But it makes you feel quite vulnerable, and does a lot to make you a little more cynical about tossing your card number around (it was an AmEx, by the way). So, I'm all for this because my security concerns are based on more than artificial worries.

      Buying online is probably safer than buying in person. If you take the normal precautions (secure site that is known) you are almost guaranteed safety. Compare this with a restaurant. You eat your meal and give your card to Joe Waiter to carry away and do whatever he wants. No one steals credit cards off the internet, because it is hundreds of times easier to talk to your buddy who works at Denny's and ask him to get you some credit card receipts. People use stolen credit card numbers on the Net, they don't get them there...

      --

      "Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
    4. Re:Feeling safe by bobtalp · · Score: 1

      Well another added benefit that I see to this system, aside from stopping people from stealing your credit card number, is stopping companies from continually billing your credit card for services that you never requested.

      For example, I recently received a charge on my credit card for an ISP account that I had canceled over 6 months ago. I called the company and asked them what this charge was for and that I had canceled my account long ago. I was told that it would be taken care of and I would be refunded... well come 3 weeks later, no refund. I called again and this is when the run around began. I got every tactic in the book to stall getting a refund. So two months later, 20 calls later they tell me that they don't have a record of my account being canceled so they are going to charge me a late cancellation fee (whatever that is) plus the months that I didn't even use the service... what a bunch of crap.

      So, it would have been nice to use a disposable credit card number to avoid all the hassles I've had with dealing with this company.

      BTW the ISP is "acunet.com" in eastern Massachusetts so avoid them at all costs if you live in the area, they are a bunch of con artists.

    5. Re:Feeling safe by ryanw · · Score: 1

      Buying online is safe..

      As far as the TRANSACTION. . . the transaction is secure, but whatever happens to the credit card once it gets to the final destination who knows... I mean it could be sitting on an NT SQL server with the default password set..

      I would feel MUCH better doing online transactions with a number that will be used ONCE and then expire.

      Amex could do this with a small selection of numbers because once the number expires it could be used with a different expiration date or something to make it unique to the new person it is assigned to.

    6. Re:Feeling safe by diverman · · Score: 1

      I've worked with billing and financial systems quite a bit. I even had to redesign how our company functions in this respect. I can totally understand the safety issue with credit cards. I've seen too many companies that are not as secure as they should be with credit card numbers. And the more complex a system gets, the harder it is to ensure safety.

      Something like this would help ensure safety. The only problem would be that this sort of thing can't apply towards accounts that people have that need to charge the individual's card on a recurring basis.

      At least it is a possible solution to securing one-time purchases more.

      -DM

    7. Re:Feeling safe by BlueJay465 · · Score: 1

      Don't forget that with most cards, you are usually liable up to a certain deductible amount (usually $50).

    8. Re:Feeling safe by AbbyNormal · · Score: 2

      Don't mean to nitpick, but at anytime you get your card stolen...you can call up the card company and cancel it. That's why it doesn't really bother me. I'm not liable for the fraud as the consumer, the cards are.

      --
      Sig it.
    9. Re:Feeling safe by irix · · Score: 2
      > No one steals credit cards off the internet

      Except those cases where these "reputable merchants" had an architecture that left their SQLServer databases exposed on the Internet and they got sucked dry. I had my CC number stolen, and it was not long after CDNow (or one of those guys) had their database scarfed off of the 'net.

      --

      Do you even know anything about perl? -- AC Replying to Tom Christiansen post.
    10. Re:Feeling safe by AbbyNormal · · Score: 2

      Yes, but some cards are trying to encourage ONLINE transactions and thus even waive the deductible. My card does that currently. While I don't like paying for the $50, I'd rather pay that than what a guy can charge for my limit!

      --
      Sig it.
    11. Re:Feeling safe by Zordak · · Score: 1

      >>I feel pretty safe buying online

      I felt pretty safe buying online too -- Until somebody somewhere hijacked my card number, and I suddenly had over a $1000 worth of speakers and stereo equipment show up on my bill. No, I did not have to pay for it, and even if they caught the person who did it (a pretty good bet, since the moron also used it to pay his cell phone bill), I wouldn't know for sure that it was from an online purchase because they don't release any information about the investigation. But it makes you feel quite vulnerable, and does a lot to make you a little more cynical about tossing your card number around (it was an AmEx, by the way). So, I'm all for this because my security concerns are based on more than artificial worries.

      Do not teach Confucius to write Characters

      --

      Today's Sesame Street was brought to you by the number e.
    12. Re:Feeling safe by KeyShark · · Score: 1

      See that's the thing...Even if your number is hijacked, with AmEx you won't have to pay for it. It's still a pain in the ass going through, but the same thing could happen if you got your wallet stolen...

    13. Re:Feeling safe by Lullabye · · Score: 1

      However, believe it or no, your card's theft, although not making you liable, can have an adverse effect on your credit. It actually gets figured in with other things for that stupid algorithm that they use to determine your credit rating.

      --
      "God is REAL ... unless previously declared as an integer"
  45. Re:Are there enough valid numbers? by JohnA · · Score: 1

    An AMEX Card has 15 numbers, and is always in the following format:

    • 37XX XXXXXX XXXXC

    The first two digits are always 37 for AMEX, and the last digit is a LUHN10 checksum (I wrote some groovy code in VB to calculate this). That makes 10^12 possible valid card numbers.

    Another dirty secret is that several online Credit Card processors don't actually check expiration dates, so that eliminates the possibility of using it to allow for duplicate assignments.

  46. Re:Weakness by jmv · · Score: 2

    ...and I'm talking about cryptological permanent credit card numbers that cannot get compromised

  47. Only one Megacorp. by haystor · · Score: 1

    Only one megacorp would have all your information, but they would have a very, very strong incentive to protect it, and make amends should it be breached. This is a good sign of capitalism working like it should....without government intervention.

    --
    t
  48. Translates to discounts everytime... by Taliesin · · Score: 1

    Lots of stores (like buy.com) allow $10-$30 discounts for first time customers. Most stores (buy.com for sure) verify this through the use of the credit card number. If the credit card number has never been used before, they'll let you have the discount. Otherwise, you'll have to pay the normal price. I ... er, someone I might know ... has purchased several items from buy.com under different credit card numbers for just this reason. Now, with disposable numbers, I^Hhe will be able to get a discount every time!

    1. Re:Translates to discounts everytime... by Phroggy · · Score: 2
      AOL gives you 10 free hours^H^H^H^H^H^H^H^H^H^H^H^H^H 20 free^H^H^H^H^H^H^H 30^H^H 50^H^H 100^H^H^H 200^H^H^H 250^H^H^H one month of free service when you first sign up with them, based on your credit card number. Of course, I wouldn't do it even if I had a big pile of numbers, just because AOL's service isn't good enough that I'd take it for free, but I'm sure a lot of people would.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  49. This is actually a great idea by Wellspring · · Score: 2

    Did a credit card company come up with this? This is actually a great idea-- I'm really impressed. While it isn't digital cash, it still seems like a good idea. If nothing else, it will make people more confident with giving the number out, rather than feeling like a year from now some guy will trash them and then start carding TV's from Best Buy.

    Pretty cool. I wonder what kind of tracking database they'll use to match people with their purchases. If there were a privacy guarantee, it would be even better, but I guess that that is wishful thinking.

  50. One-Time Credit Card Numbers by herwin · · Score: 1

    In other words, trusted third party (as in Kerberos). See Bruce Schneier, Secrets and Lies: Digital Security in a Networked World, for some of the interesting pitfalls. Trust me, some perp will figure out a way to use it in a way that the vendor never expected nor wanted.

  51. Amex by Anonymous Coward · · Score: 1

    According to this month's Wired, Amex does not accept online-porn retailers because there's too much fuss involved (customers denying purchases, fraud...)

    I wonder if this card will change their policy regarding online smut.

    \_O_/
    /
    / \
    W===D

    Penis-surfing man.

  52. One-time pads or algorithm? by kootch · · Score: 2

    how long before a cryptologist breaks the algorithm to determine whether the number is a valid entry? at that point, we'll have tons of fake cards and stuff getting billed to the wrong person.

    it will end up being just like those $5 calling card scams that you see in NYC all the time.

    1. Re:One-time pads or algorithm? by Wiseleo · · Score: 1

      CC algorithms had been available for a long time... Very long time in fact :-)

      I see no reason for AMEX to change it. Yes you could generate fake AMEX cards for a long time, 10 years at least. That is not legal and actively prosecuted.
      --
      Leonid S. Knyshov

      --
      Leonid S. Knyshov
      Find me on Quora :)
    2. Re:One-time pads or algorithm? by jareds · · Score: 1

      > I see no reason for AMEX to change it. Yes you could generate fake AMEX cards for a long time, 10 years at least. That is not legal and actively prosecuted.

      I've never understood why this is such a big deal. Don't merchants all charge the purchase at the time of sale anyway, to make sure the card's not maxed out or stolen?

    3. Re:One-time pads or algorithm? by kootch · · Score: 2

      but considering this is a one-time thing, wouldn't it be harder to find the culprit and prosecute?

    4. Re:One-time pads or algorithm? by devphil · · Score: 3

      > how long before a cryptologist breaks the algorithm to determine whether the number is a valid entry?

      What cryptologist?

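          function isCreditCard(st) {
              // Encoding only works on cards with less than 19 digits
              if (st.length > 19)
                  return (false);

              var sum = 0, mul = 1, l = st.length;
              // Walk the digits right to left; mul alternates 1, 2, 1, 2, ...
              for (var i = 0; i < l; i++) {
                  var digit = st.substring(l-i-1, l-i);
                  var tproduct = parseInt(digit, 10) * mul;
                  // A doubled digit of 10 or more contributes the sum of its two digits
                  if (tproduct >= 10)
                      sum += (tproduct % 10) + 1;
                  else
                      sum += tproduct;
                  if (mul == 1)
                      mul++;
                  else
                      mul--;
              }

              // Valid only when the weighted sum is a multiple of 10
              if ((sum % 10) == 0)
                  return (true);
              else
                  return (false);
          }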

      Blame the shitty formatting on /.'s lack of a <PRE> tag. It took me about three minutes to get it to look even this readable.

      I pulled that piece of JavaScript off of some web page way back when. My notes say (don't recall where I got this part from): Credit cards use the Luhn Check Digit Algorithm. The main purpose of this algorithm is to catch data entry errors, but it does double duty here as a weak security tool.

      For a card with an even number of digits, double every odd numbered digit and subtract 9 if the product is greater than 9. Add up all the even digits as well as the doubled-odd digits, and the result must be a multiple of 10 or it's not a valid card. If the card has an odd number of digits, perform the same addition doubling the even numbered digits instead.

      --
      You cannot apply a technological solution to a sociological problem. (Edwards' Law)
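
The checksum described in the comment above, measured in an added example that is not part of the original thread: the functions below run the Luhn check over a constructed 15-digit string and count which typing errors it catches and how many arbitrary digit strings pass it anyway. All function names and the sample value are assumptions of this example.

```javascript
// Added illustration, not code from the thread. SAMPLE is a constructed
// 15-digit string chosen to contain an adjacent "09" pair.
const SAMPLE = '370900000000003';

// Luhn check: from the right, double every second digit, subtract 9 from
// any doubled value above 9, and require the total to be a multiple of 10.
function luhnValid(number) {
  if (!/^\d+$/.test(number)) return false;
  let sum = 0;
  for (let i = 0; i < number.length; i++) {
    let d = Number(number[number.length - 1 - i]);
    if (i % 2 === 1) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
  }
  return sum % 10 === 0;
}

// Mistype one digit at a time (every position, every wrong digit) and count
// how many of the mistyped strings still pass the check.
function singleDigitErrorsMissed(number) {
  let tried = 0;
  let missed = 0;
  for (let pos = 0; pos < number.length; pos++) {
    for (let d = 0; d <= 9; d++) {
      if (String(d) === number[pos]) continue;
      const mutated = number.slice(0, pos) + d + number.slice(pos + 1);
      tried++;
      if (luhnValid(mutated)) missed++;
    }
  }
  return { tried, missed };
}

// Swap each pair of differing neighbours and record the pairs whose swap
// goes undetected (the known blind spot is 09 <-> 90).
function adjacentSwapsMissed(number) {
  let tried = 0;
  const missed = [];
  for (let pos = 0; pos + 1 < number.length; pos++) {
    if (number[pos] === number[pos + 1]) continue;
    const mutated = number.slice(0, pos) + number[pos + 1] + number[pos] +
                    number.slice(pos + 2);
    tried++;
    if (luhnValid(mutated)) missed.push(number.slice(pos, pos + 2));
  }
  return { tried, missed };
}

// Enumerate every completion of a fixed prefix and count how many pass.
// This is the "weak security" part: the check rejects typos, not guesses.
function countValidCompletions(prefix, freeDigits) {
  const total = 10 ** freeDigits;
  let valid = 0;
  for (let n = 0; n < total; n++) {
    if (luhnValid(prefix + String(n).padStart(freeDigits, '0'))) valid++;
  }
  return { total, valid };
}
```

One candidate in ten passes by construction, so the checksum only filters typos; whether a number is live is decided when the issuer authorizes the charge.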
    5. Re:One-time pads or algorithm? by dan_lesage · · Score: 1

      Obviously the generation algorithm is not sufficient to protect the customer.

      Here's how it could work: the customer goes to the Amex site, inputs his card number, his name and a private key, and gets his temporary card number and a "public" key. When he makes his purchase, he enters the temp card number and the public key; the site looks up the combination on a secure server at Amex and allows (or not) the transaction.
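
One way an issuer could enforce the lookup sketched in the comment above, as an added example that is not AmEx's design or code from the thread: each temporary number and its companion code map to the real account, are approved once, and then refuse every replay. The class, method names, code length, expiry and spending limit are assumptions of this example.

```javascript
// Added illustration: a hypothetical issuer-side store for single-use numbers.
// Uses the global Web Crypto object where present, else Node's crypto module.
const webcrypto = globalThis.crypto ?? require('crypto').webcrypto;

// Uniform random decimal digits from a CSPRNG. Bytes of 250 and above are
// discarded so that (byte % 10) carries no modulo bias.
function randomDigits(n) {
  let out = '';
  while (out.length < n) {
    for (const b of webcrypto.getRandomValues(new Uint8Array(n))) {
      if (b < 250 && out.length < n) out += String(b % 10);
    }
  }
  return out;
}

class DisposableNumberIssuer {
  constructor({ now = () => Date.now(), ttlMs = 24 * 60 * 60 * 1000 } = {}) {
    this.now = now;           // injectable clock, so expiry can be tested
    this.ttlMs = ttlMs;       // lifetime of an unused number
    this.numbers = new Map(); // temporary number -> record
    this.ledger = new Map();  // real account id -> approved charges
  }

  // Cardholder side: mint a temporary number and code bound to the real
  // account. The number is random, so it reveals nothing about the account.
  issue(accountId, maxAmountCents) {
    let number;
    do { number = randomDigits(15); } while (this.numbers.has(number));
    const code = randomDigits(4);
    this.numbers.set(number, {
      accountId, code, maxAmountCents,
      expiresAt: this.now() + this.ttlMs,
      used: false,
    });
    return { number, code };
  }

  // Merchant side: the merchant submits only what the buyer typed in.
  authorize(number, code, merchantId, amountCents) {
    const rec = this.numbers.get(number);
    if (!rec || rec.code !== code) return { approved: false, reason: 'unknown_number' };
    if (rec.used) return { approved: false, reason: 'already_used' };
    if (this.now() > rec.expiresAt) return { approved: false, reason: 'expired' };
    if (amountCents > rec.maxAmountCents) return { approved: false, reason: 'over_limit' };
    rec.used = true; // a number leaked from the merchant's database is now dead
    const charges = this.ledger.get(rec.accountId) ?? [];
    charges.push({ merchantId, amountCents, viaNumber: number });
    this.ledger.set(rec.accountId, charges);
    return { approved: true, reason: 'ok' };
  }

  // The issuer's own view: every charge is still tied to the real account.
  statement(accountId) {
    return this.ledger.get(accountId) ?? [];
  }
}
```

Every approved charge still lands in the ledger of the real account, and a second charge on the same number is declined, which is the recurring-billing limitation raised elsewhere in the thread.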

  53. Re:Three steps to anonymity by kermit+the+fraud · · Score: 1

    Does the ATM, bank, or liquor store know where you are going and how you are spending the money?

  54. sneakemail and sneake-cc? by KevinMS · · Score: 3


    Assuming that using a disposable cc number is anonymous, (why wouldn't it be, it would be like a phone card), by using this and sneakemail.com an "e-consumer" would have much more control over his/her purchasing identity and power over junk in their mailboxes (both snail and e) and more importantly, would significantly impact the very valuable side effect of current purchases - customer data. By drying up that source of data we might affect businesses' hunger for it, turning their desire elsewhere (maybe towards quality), and be closer to turning an ebusiness's view of the internet as a black box that their goods go in and money comes out. Of course the danger is that cc companies see the value and start selling customer data back to the ebusinesses.

    --
    Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
    1. Re:sneakemail and sneake-cc? by KevinMS · · Score: 1

      Sorry to sound snide, but you do go on like you have some information that we don't. I'm not an expert on this also, but I've worked with it so I know a little. The credit rating agencies have nothing to do with any of this, they are merely a parasitic business in all this. The relationship is between the merchant bank and the holder of the merchant account. The merchant bank requires nothing but the cc number to do a transaction, the merchant account holder is always the one to verify the authenticity of the purchaser by using things like zip codes and names, but this is not required. Since the merchant is not required to ask for personal info (I've seen this done) then it's up to the bank and cc companies to provide personal info back, or they could just return a transaction id. This is a simplification of it, but it's really not that complex. Agreed that the article takes things a bit farther than the facts support, but it seems to me that ecustomer anonymity is only a step away in the process, if it's already not possible.

      --
      Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
    2. Re:sneakemail and sneake-cc? by KevinMS · · Score: 1

      I really don't see your point. If it's a one time number, it IS a different cc number. If the cc company doesn't require personal information to authenticate the user, like zip codes, or names as they sometimes use, then the business will have no idea who you are unless they get the personal data back for the cc company when they try to "settle up" the transfer of funds into their own bank accounts. Of course, if the temp number they give you is your cc number appended with a one time number it wouldn't be that anon.

      --
      Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
    3. Re:sneakemail and sneake-cc? by Karmageddon · · Score: 1
      Assuming that using a disposable cc number is anonymous, (why wouldn't it be, it would be like a phone card)

      The number is not like a phone card. You don't "buy" it in advance, it's just a different credit card number tied to your same account. After you use it, they will send you a bill.

    4. Re:sneakemail and sneake-cc? by KevinMS · · Score: 1

      you missed my meaning, I mean anonymous to the business, not the cc company.

      --
      Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
    5. Re:sneakemail and sneake-cc? by Karmageddon · · Score: 1
      yes, we are talking past each other :)

      "your side" of this discussion thinks that these new one-time credit card numbers are little encrypted numbers that let you purchase without giving out your name and address.

      "my side" thinks they are not. they are just like regular credit card numbers. you go to a site, you enter your name, billing address of this credit card, and a credit card number. the only difference is, you don't enter the same number twice. the only "privacy" implication is that if someone breaks into Amazon and steals their database, the thief learns everything about you except your permanent credit card number.

      are we communicating yet? I'll grant you, the article and the person who posted it here kept mentioning privacy like this had something to do with it, but it doesn't.

    6. Re:sneakemail and sneake-cc? by Karmageddon · · Score: 1
      but you do go on like you have some information that we don't

      I do go on because I'm trying to be very explicit and clear, overexplaining, because some people keep imagining that that article said something about anonymity. It did not.

      It is clear that many people confuse privacy and anonymity.

      BTW, it is not true that the credit rating agencies have nothing to do with this. They are entitled to be informed whenever credit is extended. That's exactly what they keep track of. If the merchant does not authenticate the purchaser, they are leaving themselves wide open to purchasers denying that the transaction ever took place.

  55. A minor problem... by Mathonwy · · Score: 1

    Let me see if I got this right, then...

    Only one company would have access to this particular resource, and would zealously protect it from other companies, because having exclusive control of this resource gives it an extreme advantage...

    Isn't this what is usually referred to as a monopoly?

    And while I suppose that monopolies are a natural result in capitalism, aren't they usually an undesired one? With unpleasant effects on the market as a whole? *cough* microsoft/time warner/RIAA/MPAA *cough*

    1. Re:A minor problem... by Oscar26 · · Score: 1

      Monopolies are not illegal in the U.S. contrary to public opinion. ABUSE of monopoly power is illegal in the U.S. Electric companies have had monopoly power for years. The counter force is strict government regulation. While I don't favor government regulation and intervention, in some circumstances it is warranted.

      In certain circumstances monopolies are desired but you are right, most of the time they are not. There is no incentive to develop better products (Intel! but they now have some serious competition from AMD) Why give companies the ability/temptation to break/abuse the consumer? Being held accountable is a great deterrant.(sp?)

  56. This is Stupid by Auckerman · · Score: 1
    This doesn't solve the problem

    1) All we need now is some 1337 $cr1pt k1dd13 to h4x0r American Express's web site and they will have ALL of AE's card numbers, not just a few thousands.

    2) How long will it take someone to reverse engineer AE's algorithm for creation of CC numbers? All one has to do is h4X0r some shop that has a few thousand of these, and with some patience, I'm sure they can figure out how the number is created. Then they can start pumping out CC's all day long.

    This is progress?

    --

    Burn Hollywood Burn
    1. Re:This is Stupid by SuiteSisterMary · · Score: 1

      Considering that 'h4x0ring' up one of these credit cards would involve inserting records into AmEx's big ole database, I don't think it's going to happen too quickly.

      --
      Vintage computer games and RPG books available. Email me if you're interested.
  57. Re:Are there enough valid numbers? by mindstrm · · Score: 2

    Time-related as well. They can recycle them over a period of time. Numbers would be valid for say, 24 hours or some such thing, and then recycled (but not active until reassigned.)

    You go to the amex secure site, identify yourself, and they give you a one-time-use number for the transaction. You use it.. done deal.

    A week later, they can use the same number again.

  58. Re:[OT] your .sig by Tower · · Score: 1

    It's a sad day when a helpful tip meant in good spirits gets moderated as "Flamebait"... offtopic, yes, flamebait, no.

    --
    "It's tough to be bilingual when you get hit in the head."
  59. Re:I can see it now by alecto · · Score: 1

    First, there is no justice. You should have been modded up (+1, Funny).

    The thing is, if Amex uses the same "bank number" (first four digits) as for their other cards, there won't be an easy way to filter these, like there is with WebCertificate that always uses the same bank number. (BTW, I've never run across or heard of a site filtering based on bank number--I would be interested in knowing of any.)

    If more companies get in on the act, they aren't going to be able to tell if the card is good for recurrent billing unless that's made part of the authorization scheme. And other companies are getting in on it. I received an ad from AAA of all places offering "stored value" (a.k.a. disposable) Visa cards.

  60. Neither Anonymity nor Privacy by sconeu · · Score: 1


    From what I can tell from reading the article, this is not an attempt by AMEX to provide either anonymity or privacy, but rather a security measure.

    If you get a tempCC and give to an e-tailer, and Joe "31337 h4x0r" cracks the e-tailer's database, all he gets is an expired tempCC number. AMEX is not doing this out of the goodness of their hearts, but in an attempt to cut their fraud losses.

    Never attribute to altruism that which is explainable by self-interest.

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  61. Re:Are there enough valid numbers? by Doctor+Memory · · Score: 1

    I'll have a special expiration date so that it will differenciate [sic] between me and some other person who got this block before

    Or, given the nature of these cards, maybe they'll only be good for one month. That way, they can re-issue every available number every month or two.

    --
    Just junk food for thought...
  62. Expiration Dates by Oscar26 · · Score: 1

    You forget the expiration date on the card. No transaction is complete without that. It adds an extra 4 digits and would allow reuse of numbers.

    1. Re:Expiration Dates by Skim123 · · Score: 2
      You forget the expiration date on the card. No transaction is complete without that. It adds an extra 4 digits and would allow reuse of numbers

      Kinda. If the expiration date is MM/YY, MM is restricted from the values 1 - 12, not the full range of values from 00 - 99.

      --

      I could not justify my existence if I were a turkey farmer. Would I terminate myself? Undoubtably, yes.

    2. Re:Expiration Dates by joekool · · Score: 1

      Typically you can give any date after the current when asked for an expiration date, and have a transaction go through--they just check to see if the card is expired!

      --

      Slackware: old school feel, new school gear.
  63. Re:How long could they keep doing this? by locust · · Score: 2
    One hundred thousand numbers is a small number to brute force over the span of an hour while the number is valid.

    --locust

  64. Re:Credit Checks, Credit Ratings, And Minors by ptomblin · · Score: 2

    Second, how will AMEX ensure that you will pay your bill?

    If I understand this correctly, the disposable number will be linked to your normal, non-disposable AMEX card. AMEX will still have all your details, and any bills you run up will accrue to your regular account, but the number will cease to be valid after one use, so that an unscrupulous merchant can't run up extra charges on it after you've paid for what you meant to pay for. They will probably have to have some sort of mechanism where merchants with legitimate complaints can add an extra charge after the fact (like if you use it to pay for a hotel bill, but then they found you stole all the towels).

    Think of it as just a symlink to your regular card, one that you (or AMEX) destroy as soon as it's fulfilled its purpose.

    I concede your first point, though, that the process of getting the disposable number from AMEX is just as prone to interception and theft as any credit card purchase, but I think the real problem with credit card fraud so-far has been unscrupulous merchants adding extra charges (like double billing) and/or idiot merchants leaving your credit card number on their system where it is stolen by crackers and script kiddies. This concept addresses both of those problems.


    --
    The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
  65. Re:great idea, but is it a band-aid or a real fix? by FatouDust · · Score: 2

    If we were using the truly anonymous cash card (phonecard machine type), then couldn't the government just tax the purchase of the card itself, and stop worrying about it?
    But then, how not to re-tax the sale itself, differentiating between a cash card and a credit/debit card...

    And then, that would require the identification of the location where you purchased the cashcard, which would be worse in terms of anonymity than current credit cards. And odds are the government would be perfectly happy to tax twice, and..

    Oh, nevermind.
    ---
    "The Constitution...is not a suicide pact."

    --
    "Life. Don't talk to me about life."
  66. Re:Are there enough valid numbers? by DrEldarion · · Score: 1

    So they can add some things that 1) makes more numbers available, and 2) makes them harder to make up... How about using number AND letters? Maybe symbols too.

    You could have card number: 1F$S U3@1 H94o (%K8

    <shrug> a thought.

    -- Dr. Eldarion --

  67. Not such a good idea... couple of reasons why by rxmd · · Score: 4

    This may sound like a good idea, but it has its drawbacks.

    The first drawback is granularity.

    • If the value of every single card is large (few hundred dollars), it would be a mugger's paradise because people don't usually carry around much in cash, but a potentially valuable payment card would be a good target.
    • If the value of every single card is small, no one will use it for larger transactions. You can buy your roll of bread quite comfortably using real money, and if you have to enter a dozen numbers when you buy your new $99 sound card online, the system is not going to be very popular. We've had this in Germany because it was considered to use prepaid phonecards for transactions. The idea was dropped, however.

    The second drawback is non-rechargeability. If recharging devices were available, people would start stealing those and recharging their cards at will. To make this impossible, one has to provide each card with a sort of "shadow bank account" and have the recharger communicate with some central authority. Then, you could disable known stolen rechargers.

    The third and worst drawback is that if it's an electronic device, you can fake it. I spent some time in 1996 assembling a microcontroller-based board that could pretend it was a German phonecard. No one would introduce a payment card that could be faked this way. In order to stop this, one has to introduce either advanced secret card signing algorithms, which are sure to either leak out or be faked sooner or later, or use shadow accounting like with the German GeldKarte ("money card"). Again, anonymity and non-traceability can no longer be guaranteed, and the advantage will be gone.

    A very good introduction how the German GeldKarte payment card system works can be found here. I'm sorry that it's all in German, but the system is specific to Germany, so most people wouldn't bother to translate it. You can try the fish, though. An English introduction can be found at Manni's page.
    --
    As a state gets corrupt, its laws multiply; the most corrupt states have the most numerous laws. (Tacitus, Annales 3:27)
  68. Re:Testing earlier this year... by Luminous · · Score: 3
    Fundamentally, I don't care if a transaction is traced to me. Yes, hello, I buy things that get shipped in plain brown packages. I do like the idea of not having to use my debit card (I too refuse the concept of credit as I've seen that version of Hell and have no desire to go back).

    Currently I use a similar variation where I have an account at one bank with a debit card and I only keep a small amount of money in there for online buying. This could be made easier if I could just transfer money to a temporary number while I am shopping, use that number and never have to worry about who has sniffed that number. It would also make tracking my online purchases easier as I would get one statement listing all my debits from my account to temp numbers and a list of the amount of money stored on the temp numbers.

    --
    This is not the way to build a lasting empire.
  69. Virtual Cheques by Farq+Fenderson · · Score: 1

    I think virtual cheques would make much more sense. Slap some RSA keys on it and you've got something that could work. Who needs to go in debt when they have money?
    ---

  70. Re:Similar to one time passwords by globalrf · · Score: 1

    This already exists--SecurID--and has been used for years.

  71. Any Guesses to how this crypto-algorithm works? by globalrf · · Score: 1

    One possible guess is:

    x = credit card number
    y = passcode
    t = time (random number generator)
    z = f(x,y,t)

    z is then passed to the store
    t is passed to AMEX (?would this be recorded by the store)

    AMEX can calculate x from y, z, and t and then send the verification check to the store. What does the store record in their database? Is it z and t? or only z? The next question would be: what is f(x,y,t)?

  72. Re:Three steps to anonymity by mitheral · · Score: 1
    I don't even argue with these guys anymore. Instead I seed their database with false data. For giggles sake I usually use the mayor's name and address.

    The scary thing is I've done this hundreds of times and never had any of the sales droids make the connection.

    And if anyone just wants a phone number I give them the Police main switchboard number.

  73. Re:Testing earlier this year... by jareds · · Score: 1

    Much easier than carrying cash, and I don't have to worry thieves getting access to my Debit Card (long since gave up the credit thing...) and depleting my account and waiting the 8 months for my lousy bank to redebit the 2 grand the fuckers stole and charged up 4 days after reporting it stolen.

    I had something like this happen to me, but I did my homework. The bank must provisionally credit your account within 10 business days (unless they asked for written notification and you didn't provide it). They must finish their investigation within 45 business days. If they fail to comply with these time limits, they could be liable for actual damages, plus punitive damages of $100 to $1000 dollars, plus attorney's fees if you actually have to sue them (and you win). Also, the damages could be tripled if it was intentional. I never got that far, as my bank capitulated within hours (literally) of being faxed a threatening letter pointing this all out. These facts are mostly useful for saber-rattling, but if your bank actually took 8 months, I seriously suggest checking with a lawyer to see if you have a case to sue them, because that's completely ridiculous.

  74. Re:great idea, but is it a band-aid or a real fix? by jareds · · Score: 1

    If we were using the truly anonymous cash card (phonecard machine type), then couldn't the government just tax the purchase of the card itself, and stop worrying about it? But then, how not to re-tax the sale itself, differentiating between a cash card and a credit/debit card...

    Because sales tax varies depending on where you spend the cash, not where you obtain the cash.

  75. Re:Three steps to anonymity by Anonymous+Coed · · Score: 1

    So, what happened? Did the manager agree that forcing you to supply a name and address for a cash purchase is absurd, or did he attempt to enforce their policy? (BTW, this is one of the reasons why I have avoided Radio Shacks for years. There's just no good reason for them to collect this information, other than their own marketing purposes, which I don't really give two shits about. The other reason is a general policy about shopping at any store with the word "shack" in its name.)

  76. Re:One step closer to... by alecto · · Score: 1

    It's called SET (for Secure Electronic Transactions), and it's been around for around 20 years and was developed by the credit card industry. I guess the industry decided that fraud is cheaper than security.

  77. Re:Sure, there are enough numbers... by jareds · · Score: 1

    This is not going to be an easy accounting task: issuing number, tracking their usage, deactivating, then reactivating them. I can tell you that I'm pretty good with logistics (being a police dispatcher tends to develop those skills) and it'd be a nightmare for me to track.

    That's why they would track them using computers, rather than armies of retrained police dispatchers :)

  78. This isn't really new. by Lish · · Score: 1
    There has been a similar service from Mastercard for some time. It works sort of like an online gift certificate, except that instead of a certificate # that can only be redeemed at certain retailers, the recipient is given a number and expiration date to enter in any online purchase form just like any other credit card purchase. So you can use it anywhere online.

    The only way the AmEx method is different is that the numbers are only good one time, rather than being good until the amount of the gift is used up.

    There are any number of companies that will issue a physical card with the same characteristics (set balance to debit from) with the difference being that you can use it in non-online transactions as well.

    If anyone has the URL of the site where they offer the online-only version, I'd love to have it, as I lost my bookmark file a while back.

    --
    "This message is composed of 100% recycled electrons."
  79. Re:Are there enough valid numbers? by treat · · Score: 1

    Expiration date is not part of credit card verification. Trust me. The next time you order something with your credit card, give a different expiration date. As long as it's in the future, it will work.

    The expiration date serves no real purpose.

  80. Re:How long could they keep doing this? by DrEldarion · · Score: 1

    I suppose, since they already have an account from AmEx, that their name and address would be tied in there as well? Then people couldn't just guess a number and have it work.

    -- Dr. Eldarion --

  81. Similar to one time passwords by anticypher · · Score: 5

    VISA and AmEx have been kicking around ideas to do something equivalent to one time password cryptocards. This is a simple version of the same idea, without all the fancy hardware. If it works, expect the idea to take off with all the major card issuers.

    What will probably happen later on is, you will be given an electronic card, with a special token embedded in the circuitry. When you want to use your credit card number online, instead you push a button and a small display tells you the cryptographically hashed version of the card, valuable for a single use over the next hour or so.

    The hash function combines a real time clock value, the token, and a counter for each use.

    The servers will have a copy of your token, know the time, and keep a local counter. Then the server can compare the crypto hash of your card. If they match, the transaction is authorised. Then later the billing department matches up your hashed number with the real number, and you see the charge show up on your bill.

    There are a ton of other little details which the crypto card industry has worked out, but the system mostly works. Too bad this neat methodology will be patented to death, so only the big boys can play with it.

    the AC

    --
    Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
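The scheme sketched in the comment above (a hash over a shared token, a real-time clock value and a per-use counter, checked by a server that holds the same token and its own counter) written out as an added example; it is not part of the original comment and not AmEx's or any issuer's actual method. HMAC-SHA256, the constructed `999999` prefix, the one-hour window, the look-ahead of 5 and passing an account id with the authorization request are all assumptions.

```python
import hashlib
import hmac
import struct

WINDOW_SECONDS = 3600   # "a single use over the next hour or so"
LOOKAHEAD = 5           # unused counters the issuer will skip past (assumed value)
PREFIX = "999999"       # constructed issuer prefix, not a real card range


def luhn_check_digit(payload: str) -> str:
    """Return the digit that makes payload + digit pass the Luhn test."""
    total = 0
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:  # every second digit, starting next to the check digit
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(number: str) -> bool:
    return (len(number) == 16 and number.isascii() and number.isdigit()
            and luhn_check_digit(number[:-1]) == number[-1])


def derive_number(token: bytes, window: int, counter: int) -> str:
    """HMAC-SHA256(token, window || counter), truncated to 9 decimal digits."""
    mac = hmac.new(token, struct.pack(">QQ", window, counter), hashlib.sha256).digest()
    payload = PREFIX + f"{int.from_bytes(mac[:8], 'big') % 10**9:09d}"
    return payload + luhn_check_digit(payload)


class Card:
    """Cardholder side: the secret token plus a use counter."""

    def __init__(self, token: bytes):
        self.token = token
        self.counter = 0

    def next_number(self, now: float) -> str:
        number = derive_number(self.token, int(now) // WINDOW_SECONDS, self.counter)
        self.counter += 1
        return number


class Issuer:
    """Server side: a copy of each token and the next counter it will accept."""

    def __init__(self):
        self.accounts = {}  # account id -> [token, next counter to accept]

    def enroll(self, account_id: str, token: bytes) -> None:
        self.accounts[account_id] = [token, 0]

    def authorize(self, account_id: str, number: str, now: float) -> bool:
        if account_id not in self.accounts or not luhn_valid(number):
            return False
        token, next_counter = self.accounts[account_id]
        window = int(now) // WINDOW_SECONDS
        # Accept the current and the previous window so a number generated just
        # before the hour boundary still works; older windows are expired.
        for w in (window, window - 1):
            for c in range(next_counter, next_counter + LOOKAHEAD):
                if hmac.compare_digest(derive_number(token, w, c), number):
                    # Moving the counter past c is what makes the number
                    # single-use: a replay no longer matches any candidate.
                    self.accounts[account_id][1] = c + 1
                    return True
        return False


if __name__ == "__main__":
    token = b"constructed-demo-token"   # constructed sample secret
    issuer, card = Issuer(), Card(token)
    issuer.enroll("acct-1", token)
    t0 = 1_000_000_000
    n = card.next_number(t0)
    print(n, issuer.authorize("acct-1", n, t0 + 60))    # first use
    print(n, issuer.authorize("acct-1", n, t0 + 120))   # replayed number
```

A merchant database that stored such a number holds only a value the issuer has already moved past, which is the single-use property the thread is discussing.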
    1. Re:Similar to one time passwords by jameshowison · · Score: 1

      Take your idea on over to shouldexist.org - they are specifically working on getting good ideas in a format to be used as prior art.

    2. Re:Similar to one time passwords by morn · · Score: 1
      Who needs smartcards? I've been telling people for years that the best solution to the "stolen card number" problem is a one time pad. It's a trivial change to existing system. You just include a 10 or so digit number in the "address 2" field of most software and have the bank look for it with their address verification system. Then you print 5 to 20 large randomish numbers on a statement and let the cardholder enter that in a special box.

      Sorry, [assuming this was intended to make sense] I don't understand you (and I'm sure I'm not the only one). Could you explain again please?

      --

      ...or am I missing something?

    3. Re:Similar to one time passwords by rgmoore · · Score: 2
      Too bad this neat methodology will be patented to death, so only the big boys can play with it.

      Not if you publish it first- and you can make a reasonable claim that you have now- and press your claim to prior art. Just because big companies have been vigorous in playing the patent game doesn't mean that you have to give up. When you have a good idea like that, work out the details and publish them. That will allow you to produce a claim of prior art and keep the idea in the public domain.

      --

      There's no point in questioning authority if you aren't going to listen to the answers.

    4. Re:Similar to one time passwords by thogard · · Score: 2

      Who needs smartcards? I've been telling people for years that the best solution to the "stolen card number" problem is a one time pad. It's a trivial change to existing system. You just include a 10 or so digit number in the "address 2" field of most software and have the bank look for it with their address verification system. Then you print 5 to 20 large randomish numbers on a statement and let the cardholder enter that in a special box.

      This requires no new hardware, very little new software and most of that lives on about 7 main computers for MasterCard or Visa.

      Too bad they have been blinded by SET and since they have dumped so much money in that technobabble system they aren't going to trash it even though it adds no real security to the payment system. Before I get flamed for flaming it, keep in mind that with most real strong crypto, if you can guess the content, you don't need to guess the key.

  82. IMHO by jd · · Score: 2
    Mondex' cash smart-cards are a better way to go. Then the card itself could transfer the money, using strong encryption.

    Personally, the "ideal" would be a smart-card on which you could lodge a mixture of cash & credit, do online transfers from any suitable station, and use as a practical alternative to credit cards, debit cards, cheques and cash.

    Such systems are being tried out, in the US and UK, but only over small scales. Despite everyone I've talked to liking the cards, the card companies won't put them out for general use. Stupid idiots!

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  83. Getting the new numbers is an issue to consider. by Zeus72 · · Score: 1

    How does someone go about getting these one time only cards? Do you input your AmEx number online to be issued the new number? Do you call on the phone and customer service type gives it to you? How about mailing it to you (email or snailmail)? The process to procure the numbers would determine whether or not to use the service.

    The one hands down benefit is the inability for the business you bought something from to store your *valid* credit card number and expiration in their clear-text SQL Server database.

  84. Not such a good idea. Here's why. :-)) by rxmd · · Score: 1

    This may sound like a good idea, but it has its drawbacks.

    The first drawback is granularity.

    • If the value of every single card is large (few hundred dollars), it would be a mugger's paradise because people don't usually carry around much in cash, but a potentially valuable payment card would be a good target.
    • If the value of every single card is small, no one will use it for larger transactions. You can buy your roll of bread quite comfortably using real money, and if you have to enter a dozen numbers when you buy your new $99 sound card online, the system is not going to be very popular. We've had this in Germany because it was considered to use prepaid phonecards for transactions. The idea was dropped, however.

    The second drawback is non-rechargeability. If recharging devices were available, people would start stealing those and recharging their cards at will. To make this impossible, one has to provide each card with a sort of "shadow bank account" and have the recharger communicate with some central authority. Then, you could disable known stolen rechargers.

    The third and worst drawback is that if it's an electronic device, you can fake it. I spent some time in 1996 assembling a microcontroller-based board that could pretend it was a German phonecard. No one would introduce a payment card that could be faked this way. In order to stop this, one has to introduce either advanced secret card signing algorithms, which are sure to either leak out or be faked sooner or later, or use shadow accounting like with the German GeldKarte ("money card"). Again, anonymity and non-traceability can no longer be guaranteed, and the advantage will be gone.

    A very good introduction how the German GeldKarte payment card system works can be found here. I'm sorry that it's all in German, but the system is specific to Germany, so most people wouldn't bother to translate it. You can try the fish, though. An English introduction can be found at Manni's page.

    (Sorry for posting this multiple times :-))

    --
    As a state gets corrupt, its laws multiply; the most corrupt states have the most numerous laws. (Tacitus, Annales 3:27)
  85. Re:Credit Checks, Credit Ratings, And Minors by Mike1024 · · Score: 1
    Hey,

    If it was me doing it (It isn't... obviously), I'd have it basically set up as a normal credit card, then (If the person checked a box saying they wanted disposable numbers) every time I sent someone a replacement card (Or they used all their disposable numbers) I would send a sheet of paper with, say, 10 fresh disposable numbers for them to use as they please. It could work like a big relational database; Every customer has a standard number mapped to their account, and 10 disposable numbers. Each time a disposable number is used, it is unmapped and put in a big number pool for reuse (It would have to be reused with a different expiry date though). It would be like having a normal credit card, just as easy and convenient, just secure.

    I think.

    Michael

    ...another comment from Michael Tandy.

    --
    "Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
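The lookup-table approach several comments describe (a "symlink" to the regular account that is destroyed after one use, numbers that expire after about a day, and used numbers returned to a pool for later reassignment) as an added example; it is not from the thread and not any issuer's real system. The class and method names, the two constructed pool numbers, the 24-hour lifetime and the one-week cooldown are assumptions.

```python
import secrets

DAY = 24 * 3600
SAMPLE_POOL = ["9999990000000001", "9999990000000002"]  # constructed numbers


class DisposableNumberRegistry:
    """Issuer-side table mapping disposable numbers to real accounts."""

    def __init__(self, pool, ttl=DAY, cooldown=7 * DAY):
        self.pool = list(pool)
        self.ttl = ttl              # how long an unused number stays valid
        self.cooldown = cooldown    # quarantine before a number is reassigned
        self.active = {}            # number -> (account, expires_at)
        self.reusable_at = {}       # number -> earliest time it may be reissued
        self.ledger = []            # (account, number, amount) for billing

    def _retire(self, number, when):
        # Unmap the number and park it until the cooldown has passed.
        del self.active[number]
        self.reusable_at[number] = when + self.cooldown

    def _expire(self, now):
        for number, (_, expires_at) in list(self.active.items()):
            if expires_at <= now:
                self._retire(number, expires_at)

    def issue(self, account, now):
        """Map a free number to the account; random choice resists guessing."""
        self._expire(now)
        free = [n for n in self.pool
                if n not in self.active and self.reusable_at.get(n, 0) <= now]
        if not free:
            raise RuntimeError("no disposable numbers free")
        number = secrets.choice(free)
        self.active[number] = (account, now + self.ttl)
        return number

    def charge(self, number, amount, now):
        """Bill the mapped account once; return it, or None if not valid."""
        self._expire(now)
        entry = self.active.get(number)
        if entry is None:
            return None             # unknown, expired, already used or cooling down
        account, _ = entry
        self._retire(number, now)   # single use: unmap before recording the charge
        self.ledger.append((account, number, amount))
        return account


if __name__ == "__main__":
    reg = DisposableNumberRegistry(SAMPLE_POOL)
    n = reg.issue("alice", now=0)
    print(reg.charge(n, 25.0, now=100))    # alice
    print(reg.charge(n, 999.0, now=200))   # None: number copied from a merchant DB
```

The cooldown matters because a recycled number must never resolve to its previous holder; a charge presented during the quarantine is simply refused.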
  86. Good idea... bad effect... by DESADE · · Score: 1

    Although this appears to be a great idea on the surface, I think this will actually have a negative effect on ecommerce.

    The battle to convince the average user that electronic commerce is a safe way to conduct transactions has been a tough fight. We're finally getting to the point where Joe Sixpack does not feel hesitant to shop at Amazon.

    A major credit card company saying, "we don't think the present system is secure enough, so we're offering an alternative" will just add to the fears of the average person that shopping online is not safe.

    This would have been a good thing a couple of years ago... now it's just a technical harbinger of FUD...

  87. Re:Are there enough valid numbers? by Punto · · Score: 1
    here's my idea: let's add more numbers to the card.

    Ok, I'll go file for the patent now. Bye!

    --
    Stay tuned for some shock and awe coming right up after this messages!

  88. Re:Three steps to anonymity by Vuarnet · · Score: 1

    (1) Turn off computer
    (2) Go to retail outlets
    (3) Pay cash

    (4) Get scanned by hidden metal detector so the Government can count how much cash you're carrying going in and out of the store, thanks to the little metal strips on the bills. Unless you're carrying rolls of quarters.

    Hey, I saw that on the X Files, so that means it must be true, right? Right?

    --
    Tongue-tied and twisted, just an earth-bound misfit, I
    Learning to fly, Pink Floyd.
  89. Not the point by SecurityGuy · · Score: 1
    This isn't about anonymity. This is reducing the risk to giving out your credit card to online vendors by insuring that it can only be used once. If the vendor stores your CC number and it is later stolen, you aren't inconvenienced by having to dispute the charges. There won't be charges since the card number was only valid for that first purchase.

    Anonymity would be nice, but I don't think that's what they're trying to build here.

  90. here's some more info by bdavenport · · Score: 2

    see here or here for extra details, including the fact that this will be for American Express consumer and small business cardholders in the United States.

    so it's a step, but not a huge one. of course, bill murray said it best in What About Bob - Baby Steps!

    --
    /* Half alive and half dead too, work is for suckers and the sucker is you. - "Half-life" by Local H*/
  91. Re:Great now it's IPs and AMEXs by Chuck+Chunder · · Score: 2

    If you take 19 numbers and stuff them in your database you are in all probability going to be violating your agreement with the credit card company. You aren't allowed to store the final three digits (the CVC) at all.

    --
    Boffoonery - downloadable Comedy Benefit for Bletchley Park
  92. Already available for VISA customers in Ireland by majormajor · · Score: 1

    This service has been available in Ireland since August. It's offered as part of AIB's online banking service. The technology is provided by orbiscom. I haven't actually used it, but there is a demo available.

  93. Stops recurring billing by mitheral · · Score: 1

    One of the big advantages of the one time use Credit Card Number is to foil recurring billing. Right now it can be a real bitch to stop that health club/ISP/Record Club from billing the CC you gave them when you first signed up. I've seen people resort to reporting their card lost. With these one time use numbers the recurring charges won't work.

  94. Re:How long could they keep doing this? by arivanov · · Score: 2
    You are assuming that the numbering scheme will stay the same. Which I think is wrong.
    • I do not think that the numbering scheme will stay the same. So, along with Amex we will now have AMEX-One time or even AMEX-Electronic Traveller Cheque
    • I strongly suspect number reuse. Basically electronic money or to be more exact electronic traveler cheques.
    • I strongly suspect that the transaction in the final version will not be anonymous. As if it is anonymous combined with number reuse the mixture will become outright explosive. It will simply be guaranteed to be not reusable even if someone intercepts the numbers.
    --
    Baker's Law: Misery no longer loves company. Nowadays it insists on it
    http://www.sigsegv.cx/
  95. Spending Limits by metoc · · Score: 1

    Although a one time card will prevent repeated attempts to charge you, I wonder if you could place limits on the amount the first time it is used.

    More than one merchant has said $58.00, but turned around and charged your card $158.00 by accident (or so they say). Would be nice to place a cap of say $70.

    Besides it won't take long for them to recognise the one-time numbers and realize they won't get a second chance to screw you the first time.

  96. Re:great idea, but is it a band-aid or a real fix? by FatouDust · · Score: 1

    Yes, but conceptually, you have just spent the cash, on a piece of plastic. If you don't ever exchange the piece of plastic for your spiffy new shirt, will you ever get your cash back? Then, in essence, a sale has already occurred, regardless of the further expected value of what you have purchased. Semantics, I suppose.
    ---
    "The Constitution...is not a suicide pact."

    --
    "Life. Don't talk to me about life."
  97. This could be an incredible system... by alexpage · · Score: 1

    ...if implemented properly. I can't see an easy automagical way of doing it, but this could work:

    1. You decide you want to make a credit purchase

    2. You go to a nice secure link with Amex (128 bit SSL or higher), enter your credit details and receive a one-shot temporary number

    3. At the webstore, you enter your details but use the temporary number instead of your CC number

    4. The webstore talks to Amex and gives them the details you provided them, which is enough for Amex to identify you.

    5. Amex transfers the money to the webstore and charges your card

    If you think about it, it's not just the number that can be used to identify you - I wouldn't have a problem, from the point of view of not having my credit card number stolen, with giving my name with the one-shot number - but also the name, expiry date, etc.

    Also, if Amex can do this, anyone can. Provided they have a decently secure system, obviously. Imagine this - I set up Anonymous Credit Transactions, Inc. You register with me, give me your real cc details. When you want to buy something, you do step (2) above, and receive a one-shot number, perhaps with false name etc. - after all, as long as ACT can identify you, and the webstore can bill ACT, it doesn't matter what info you give them.

    When you buy something, the webstore contacts ACT, who charge your credit card and give the money to the webstore. As long as someone has sufficient security knowledge and money to set up an ACT Inc, there's no reason why you'd have to use Amex, or any provider who also gives you your credit card.

    Alex

  98. Why have a credit card number? by bill_mcgonigle · · Score: 1

    Your key ID number is fine. You just encrypt the amount. The vendor would need to encrypt the amount he expected in the package sent to the credit card company. The encryption could be handled by the circuit in the card (definitely not a POS terminal!)

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  99. not new, amex has this at 7-11 by terryray · · Score: 1

    Yes, these pre-paid phonecard-like credit cards have been offered at 7-11 here in TX for months. I know a few paranoid types who use 'em here at the library in an attempt to stay anonymous. They are like cash and if you lose it or it gets stolen, tough luck.

  100. One step closer to... by jmv · · Score: 2

    cryptological credit card number!

    Here's the process...

    1) Am Ex holds special private keys for all merchants (the merchant only has the public key).

    2) I encrypt my card number, as well as the amount of money using the merchant's public key and send that to the merchant.

    3) The merchant sends the message (he cannot decrypt it) to Am Ex.

    4) Am Ex decrypts it with the merchant's public key (if somebody else had intercepted, it wouldn't be encrypted with the right key).

    5) Am Ex pays the merchant the right amount from the right credit card.

    Looks safe (to me), though IANACS (I am not a cryptography specialist)

    1. Re:One step closer to... by pdion · · Score: 1

      Well of course it is cheaper for them since banks and cc companies do not pay for fraud. Consumers and merchants do. Why should the bank care?

  101. Re:Are there enough valid numbers? by Wiseleo · · Score: 1

    AmEx is 15 digits. Your calculation is invalid.
    --
    Leonid S. Knyshov
    Find me on Quora :)
  102. Re:Testing earlier this year... by swb · · Score: 1
    Blah...to be honest, I really wish I had more of these things. Much easier than carrying cash, and I don't have to worry about thieves getting access to my Debit Card (long since gave up the credit thing...) and depleting my account and waiting the 8 months for my lousy bank to redebit the 2 grand the fuckers stole and charged up 4 days after reporting it stolen.

    I burned my debit card when they tried to send me one and told them never to send me another one for the very reason that you state. Why should banks do anything when it's your money at risk? They're much more responsive when it's their money at risk.

    Use a credit card! Why risk exposure of your cash? Just pay it off in full every month and you're home free. Get one with frequent flier miles or some other bonus and you can get paid for spending money.

  103. Re:Great now it's IPs and AMEXs by masoolsa · · Score: 1

    The numbers could be reused, so unless 10^12 (or whatever) people request a temporary card number, it'd be okay. It could become a daunting task to coordinate all this though.

  104. Credit cards, forgery & identity theft by crovira · · Score: 1

    As a recent victim of forgery, I feel your pain. The bank even had the balls of closing my account because of a negative balance after the forger cratered my balance to the tune of $1,200.

    There is also identity theft where someone poses as you to apply for credit (usually using some stolen information like your SSN,) and runs up charges before running away. My wife was victim of that crime to the tune of almost six grand.

    Total cost to me, some aggravation and irritation. Total cost to the bank and the credit issuers, several grand. And it's not going to get any better until a few things are improved.

    Single-use cards are like one-time crypto pads so they are more secure against serial use but the source and cause of the problem remains the same.

    The problem is that none of the authentication systems work properly. Verification is currently based on what you know, easily forgeable, instead of what you are (biometrics are much harder to forge.)

    It's the same principle, or simple lack of planning and forethought, behind car alarms that wail at you in the middle of the night so that you would pay someone to steal the effin' car.

    Or sirens that demand that I GET OUT OF THE WAY!!! when I'm sitting in my apartment trying to read.
    If you want other vehicles to get out of the way, the horns should be IN THE OTHER VEHICLES. Honking at me up there is wasteful, inelegant, irritating and stupid because in my town, it's likely to get you a brick thrown through your windshield.

    Read "Systemantics The Underground Text of Systems Lore. How Systems Really Work and How They Fail" for a most cogent analysis of why things don't work too well.

    --
    MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
  105. Cool! by mOdQuArK! · · Score: 2

    I think this is a darn good idea, as long as the number space for the one-time numbers is large enough to avoid collisions for many years between usages. (And the resultant numbers will have to contain some kind of cryptographic signature information so that fraudsters won't be able to just make up random numbers to try and get a hit on an open one-shot account number).

    About how many digits will they have to use to make these assumptions feasible (including the cryptographic check?). Maybe if they go to letters AND numbers?

    This kind of scheme would handle a lot of my objections to giving credit card numbers to untrustworthy merchants (given that I trust AMEX not to release my personal information to anyone else :). I can only hope that other card vendors and/or banks might follow their lead.

    I'm assuming that the one-time numbers are not TRULY anonymous (otherwise AMEX wouldn't know where to send the bill, and/or it would be too convenient for money laundering).

  106. None of this is useful... by adipocere · · Score: 1
    ...until we have anonymous mailboxes.

    The United States Post Office (yeah, I know, five hundred Ugandans sit up and scream with outrage because I assume this article is about the US, "Bloody Americans," blah blah) requires you to show ID. If you go to Mailboxes, Etc., they also require ID. Basically, legal places require legal identification.

    Unless you have access to fake ID, your transaction still isn't that anonymous. We need places to get these things shipped that we buy online (unless they are services [like porn] or goods [like file downloads]). Any ideas?

    1. Re:None of this is useful... by Pete+Jackson · · Score: 1

      You could register a company and open the PO Box in the company's name. Frankly, I'm not certain it's worth worrying about the fact that you have to show ID to get services at the post office. But if you're really concerned, Playboy (I get it for the articles!) ran an article about becoming anonymous a couple of months ago. Basically, it said something like:

      1. Register your car to a company that you own, and have it registered in more than one state.
      2. Have your mail go to a PO Box.
      3. Have your bank accounts registered to a company or a trustee.
      4. Don't use credit cards.
      5. Register your utilities to someone else.
      6. etc etc etc.

      I'm not sure I'd want to deal with being that anonymous. After all, I AM a person with a credit history attached to me. I'm much more concerned about people misusing or getting ahold of information when I don't want them to than I am with that information being associated with me.

      Sure, I'd rather not have everyone in the world know the contents of my mailbox, but I'd also rather have my mail go to a box that not just anyone can open (i.e. only someone with my ID).

  107. Re:Getting the new numbers is an issue to consider by Pete+Jackson · · Score: 1

    The one hands down benefit is the inability for the business you bought something from to store your *valid* credit card number and expiration in their clear-text SQL Server database.

    Or even worse, in a clear-text comma-delimited file sitting on a UNIX filesystem somewhere, then FTP'd daily to a fulfillment house, as my previous employer used to do. Working there really opened my eyes about the protection of personal/sensitive information.

    --Pete

  108. How long could they keep doing this? by Sawbones · · Score: 2

    Personally, my Blue card has 15 digits. Presuming that they have to keep with the same general self-authorizing numbering schemes (numbers so that quick checking schemes can tell right away if the card is bogus) how long could they continue to issue unique "one time use" numbers before overlapping occurs? Couldn't someone just try entering a number at random and more than likely stumble across someone else's current temporary account number?

    Don't get me wrong, these are just questions, I think the system is a great step forward. While I don't EVER use my credit card online unless that "little lock" appears in my web browser and don't let companies store my CC info for quick "one click shopping" (shudder) this will certainly help bring a little more confidence to newbie online consumers.

    --

    Ad in classifieds: Pandora's Box (no box) $5
    1. Re:How long could they keep doing this? by Benjamin+Shniper · · Score: 2

      16 digits here. Assuming they are using 16 digits, of which 14 are useful (probably closer to 13) they can have 1 billion people (9 digits) do one hundred thousand transactions each (5 digits)(on average). Assuming a person does one transaction every 2 days, that gets to 600 years.

      so 60 years if you have 13 useful digits.

      -Ben

    2. Re:How long could they keep doing this? by msanto · · Score: 1

      This info may be out of date but....

      the first digit describes the type of card.

      the first 4 digits is the bank code (for Visa and MC at least).

      the next 4 digits (second group of 4) are usually used for some sort of account grouping within a bank. For example, all low rate introductory cards might get 1500.

      I think one of the last 8 digits is a checksum

      Following this seriously reduces the number of available card numbers to about 7 useful digits.

  109. Three steps to anonymity by KingJawa · · Score: 5

    (1) Turn off computer
    (2) Go to retail outlets
    (3) Pay cash

    1. Re:Three steps to anonymity by Sloppy · · Score: 1

      Exactly! My Double-wide Triple-Ripple Vibrating Heated Equestrian Dildos (Conquistador version) with RectoGlide (TM) Hemmoroid-Tolerant Finish (patent pending) and NoLoss Safety Cords (TM) are a matter between me and the mailman. I don't want to embarrass myself in front of some clerk who will probably laugh at me when I ask about the RectoGlide (TM) finish's money-back guarantee.


      ---
      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    2. Re:Three steps to anonymity by AbbyNormal · · Score: 2

      Where do you get the cash? Atm? Bank? Liquor Store Robbery...

      --
      Sig it.
    3. Re:Three steps to anonymity by Ramses0 · · Score: 1

      Not quite, go watch Enemy of the State, and then start looking around for video cameras, and strange vans. ;^)=

      --Robert

    4. Re:Three steps to anonymity by Sloppy · · Score: 1

      Step 2.5: Give up in frustration because there's no retail outlet. There isn't enough demand for whatever you want, for there to be a retail outlet in every locality.

      I love internet shopping because I can get things that were not previously available to me. Too bad there's no easy way to buy things anonymously with cash over a long distance.


      ---
      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  110. Re:[OT] your .sig by ptomblin · · Score: 1

    Thanks for the tip, Tower. Damn shame about how it got moderated.

    --
    The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
  111. Wait a minute...I'm confused by AbbyNormal · · Score: 1

    How exactly does this work? Do you have to have a preexisting "smart card"? So do you just logon to their website, tell them that you wish to make a purchase at a particular website and THEN they give you a number OR do they just give you the number for just 1 transaction anywhere? I did not find the CNET article particularly clear on that subject.

    --
    Sig it.
  112. Re:Testing earlier this year... by jea6 · · Score: 1

    I'm sorry sir, your one time Amex has been... DECLINED! (On a $1 auth) :(

    --

    sarchasm: The gulf between the author of sarcastic wit and the person who doesn't get it.
  113. No problems with reuse of numbers by WileyC · · Score: 1
    At first I thought (like others) that there would be a problem with numbers running out. But I realized that if you allocated, say, a trillion numbers as the 'one shots' (only 12 digits out of a 16 digit number), this would be enough to discourage black hats who would try gobs of numbers.

    Part two of the scheme is that you put a strict time limit on each transaction, say a week. After the transaction occurs (or if the time limit comes up), the number goes dead again. There would be very few (percentage-wise) live numbers at any one time. After a suitable dead period, you throw it back in the pot of possible numbers.

    --

    /// Not a super-genius . . . yet. ///
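
The pool described in the comment above (time limit, single use, dead period before reuse), together with the per-number spending cap suggested in comment 95, as an added Python model that is not part of the original thread and not American Express's system. The class name, parameters and reply strings are hypothetical, and time is passed in as plain seconds so the behaviour is reproducible.

```python
"""Issuer-side model of one-shot card numbers: random allocation from a
fixed pool, a time limit, single use, and a dead period before reuse.
All names and parameters are hypothetical, chosen for this example."""
import secrets

WEEK = 7 * 24 * 3600  # seconds


class OneShotIssuer:
    def __init__(self, pool_size=10**12, ttl=WEEK, dead_period=52 * WEEK):
        self.pool_size = pool_size      # e.g. 12 free digits = 10**12 numbers
        self.ttl = ttl                  # how long an unused number stays live
        self.dead_period = dead_period  # quarantine before a number is reissued
        self.live = {}   # number -> (account, expires_at, cap_cents)
        self.dead = {}   # number -> time at which it may be issued again

    def _retire(self, number, now):
        """Kill a live number and start its dead period."""
        del self.live[number]
        self.dead[number] = now + self.dead_period

    def sweep(self, now):
        """Expire overdue live numbers; free numbers whose dead period ended."""
        for number in [n for n, (_, exp, _) in self.live.items() if now >= exp]:
            self._retire(number, now)
        for number in [n for n, t in self.dead.items() if now >= t]:
            del self.dead[number]

    def issue(self, account, now, cap_cents=None):
        """Bind a fresh random number to the cardholder's real account."""
        self.sweep(now)
        if len(self.live) + len(self.dead) >= self.pool_size:
            raise RuntimeError("no free numbers in the pool")
        while True:
            # Unpredictable choice: sequential numbers would be guessable.
            number = secrets.randbelow(self.pool_size)
            if number not in self.live and number not in self.dead:
                break
        self.live[number] = (account, now + self.ttl, cap_cents)
        return number

    def authorize(self, number, amount_cents, now):
        """Merchant charge attempt. Returns (approved, account or reason)."""
        self.sweep(now)
        entry = self.live.get(number)
        if entry is None:
            # Never issued, already used, expired, or still quarantined.
            return False, "not a live number"
        account, _, cap = entry
        if cap is not None and amount_cents > cap:
            # Declined, but the number stays live for a corrected charge.
            return False, "amount exceeds cardholder cap"
        self._retire(number, now)       # single use: dead after one approval
        return True, account

    def guess_hit_probability(self, now):
        """Chance that one random guess from the pool lands on a live number."""
        self.sweep(now)
        return len(self.live) / self.pool_size


if __name__ == "__main__":
    issuer = OneShotIssuer()
    n = issuer.issue("acct-1", now=0, cap_cents=7000)
    print(issuer.authorize(n, 15800, now=60))   # over the $70 cap
    print(issuer.authorize(n, 5800, now=120))   # approved, number dies
    print(issuer.authorize(n, 5800, now=180))   # replay is refused
```

The guess probability only stays low if the issuer also rate-limits failed authorizations, which this model does not do.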

  114. Credit Checks, Credit Ratings, And Minors by citizenc · · Score: 1

    I like the idea of one-use credit card numbers -- eliminating fraud should have been the #1 priority of credit-card companies since the e-commerce boom, and I'm glad to see that AMEX has been thinking about this problem. However, I am curious about a few things.

    First, how will the numbers be issued? My first thought would be instantly, over the 'net. But then I realized that would just be stupid -- the fraud would just be transferred over to getting the #s in the first place.

    Second, how will AMEX ensure that you will pay your bill? Will they require that you have an alternate AMEX card, and bill THAT one monthly? (Not that bad an idea, actually..) I don't have a credit card myself (I'm only 18, and I don't think I could handle the responsibility.) but I know of a few items that are a royal pain in the ass to find in stores. (My Razer BoomSlang 2000 is one such item..)

    Third, will PEOPLE be able to handle such convenience? I know that impulse buying is a big part of business (why else do stores have all that candy sitting next to the register?) and, if the numbers are instantly available online, you might buy a $900 computer system on a whim, and not have the cash to cover it.

    Thoughts?

    --
    CitizenC

    1. Re:Credit Checks, Credit Ratings, And Minors by goliard · · Score: 2

      No. It is meant to challenge your assumptions.

      The best technologies are ones which don't mystify their users; which are reliable and robust, not cantankerous and prone to disastrous failure from small errors; which work themselves into the fabric of everyday, mundane life so well we don't even think of them as "technology" anymore. One should not have to engage in ritual sacrifice; to learn strange, arcane words or glyphs; to prepare extensive containment mechanisms in the eventuality that what one raises one cannot put down; to have to perform an extensive series of precise gestures to a level of exactitude which demands years of training, lest in erring one looses upon an unwitting world a reign of absolute darkness and terror; or to invoke metaphysical powers... merely to use, say, a spreadsheet. Yet for decades, that has been precisely the experience of many users of commercial software products.

      Geeks are people who delight in being wizards. For us, playing with the arcane is intrinsically enjoyable. But that a technology is arcane does not make it a good technology -- it makes it a marginal technology.

      The best technologies are like hammers, bridges, and automated teller machines. No matter how little the general public understands them, there is nothing mystical, occult or "magical" about them for even the least technical person.

      The "magicalness" of technology is an indication of its poverty of elegance, its brittleness, its limited user interface.

      A "magical" technology is anything but advanced.
      ----------------------------------------------

      --
      -*- Any technology indistinguishable from magic is insufficiently advanced -*-
    2. Re:Credit Checks, Credit Ratings, And Minors by bluGill · · Score: 2

      credit card numbers are already instantly available in their wallets. Overextended credit already happens all the time (and making purchases you can't afford is what keeps credit card companies in

      There is a problem with your reasoning: Amex is not a credit card, it is a debit card. You are required to pay the entire balance every month. A credit card allows you to not pay the full balance, but you pay a high interest rate (in general) if you don't.

    3. Re:Credit Checks, Credit Ratings, And Minors by Mr.+X · · Score: 1

      Incorrect. The original AmEx is a CHARGE card.
      A debit card withdraws money directly out of a checking account.

      Anyways, American Express has offered normal credit cards for several years now, such as their Optima cards, and now the American Express Blue.

    4. Re:Credit Checks, Credit Ratings, And Minors by ShaunC · · Score: 1

      >Second, how will AMEX ensure that you will pay your bill?
      >Will they require that you have an alternate AMEX card,
      >and bill THAT one monthly?

      My guess is that charges you make with disposable numbers will appear on your regular Amex statement. They aren't issuing disposable cards, just disposable numbers. They'll be attached to your primary account, I'm sure.

      >if the numbers are instantly available online, you might
      >buy a $900 computer system on a whim, and not have the
      >cash to cover it.

      People's credit card numbers are already instantly available in their wallets. Overextended credit already happens all the time (and making purchases you can't afford is what keeps credit card companies in business, after all). Disposable numbers aren't going to make this any more of a problem. People who overspend, especially people who do it out of compulsion, don't need new numbers. They already have credit cards.

      Shaun

      --
      Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  115. Great now it's IPs and AMEXs by rw2 · · Score: 4

    As if the IP number shortage wasn't enough, now we're going to run out of AMEX numbers too. AMEXv6 anyone?

    I just hope they didn't issue all the AMEX card numbers starting with 18 to MIT!

    1. Re:Great now it's IPs and AMEXs by lizrd · · Score: 1
      This is kind of interesting. egghead.com is now asking for those digits. They have some babble on their site about how it makes your transaction more secure, but I don't understand it. hrm...I've got a link here someplace.... ah here it is.

      I don't really see the extra utility of giving them these digits, is it just to help prevent the use of CC# generators? Don't see where that would help since it isn't required. I also wonder when they say on that page that 16 + 3 = 20. I'm muchly confused by that as well. Anyone else have any ideas?
      ________________
      They're - They are
      Their - Belonging to them

      --
      I don't want free as in beer. I just want free beer.
    2. Re:Great now it's IPs and AMEXs by Chuck+Chunder · · Score: 2

      Egghead's blurb seems a bit nonsensical.

      They are saying that if you use the extra three digits for this transaction then they will be more sure that it really is you. On the other hand if it wasn't really you, they'll still happily accept a number without the CVC (or whatever they want to call it, I think CVV is Visa and CVC Mastercard, but they are essentially the same thing).

      So how are you more protected? Er, well you aren't. They are probably trialling the acceptability of asking for the extra info in the marketplace and don't want to put people off who are confused by the extra requirement.

      In the long term the CVC will add another layer of protection (mostly for the merchants, as they are the ones who bear the cost of most of the fraud) but only when they require its use (and Visa/Mastercard at least will be demanding this of internet merchants, and possibly all non-signature backed transactions, in the not too distant future.)

      Basically all the CVC does is 'prevent' the use of CC generators and the easy lifting of credit card numbers from receipts for later 'anonymous' use.

      'Prevent' is probably too strong a word.

      If you generate a CC number you still have a 1/1000 chance of getting the right 3 digit CVC, though perhaps the CC companies have an ace up their sleeve to prevent a perl script being used to try all the combinations one by one on sites across the internet.

      The CVC is only three digits long and is plainly visible on the signature strip of your card. I don't think it would be too difficult for an unscrupulous sales assistant to remember it and note it down, particularly if the shop isn't that busy.

      It is better than nothing though and the dirty secret with e-commerce is that fraud costs merchants big-time and they'll take what they can get to help prevent it.

      --
      Boffoonery - downloadable Comedy Benefit for Bletchley Park
  116. Re:great idea, but is it a band-aid or a real fix? by Phroggy · · Score: 2
    Lastly, as another poster already said, the government is sure to get twitchy about this. How will they tax anonymous purchases? Requisition monthly transaction records from AmEx?

    The same way they tax cash purchases?

    --
    $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
    $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  117. internet debit card by globalicard · · Score: 1

    My company has a patent pending for an internet debit card which is not linked to any credit card or bank account. This will allow complete security to the user without the need to give out any personal information. It will also allow those without credit cards or bank accounts to purchase goods and services over the internet. Eventually, since the card is "rechargeable" the applications beyond the internet are numerous. Any responses are welcome.

  118. Testing earlier this year... by clifyt · · Score: 4

    They were testing this stuff earlier this year at several tech expos. I received a card (I think) worth $50 for sitting there and answering a few questions. They could have just as easily emailed me the numbers and said here ya go, use it online instead of giving me a piece of plastic that was worthless after just one usage.

    Hmm...looking through my wallet I still got it...I probably still have a dollar or two on this card if anyone wants it :-)

    3790 112994 91001
    good 02/00 thru 11/01

    Blah...to be honest, I really wish I had more of these things. Much easier than carrying cash, and I don't have to worry about thieves getting access to my Debit Card (long since gave up the credit thing...) and depleting my account and waiting the 8 months for my lousy bank to redebit the 2 grand the fuckers stole and charged up 4 days after reporting it stolen.

    grumble grumble...

    clif

  119. Re:[OT] your .sig by Tower · · Score: 1

    Thanks for being more understanding than the moderator... I thought it was a decent point, after all - Rochester, MN is a fairly techie town (big ol' IBM site with a several thousand people, bunch of doctors at some Mayo Clinic thing...)

    --
    "It's tough to be bilingual when you get hit in the head."
  120. Re:Are there enough valid numbers? by lizrd · · Score: 5
    Actually the key space is significantly more restricted than this. The paragraph below explains this and is quoted from howstuffworks.com

    What Do the Numbers on My Credit Card Mean?
    Although phone, gas and department stores have their own numbering systems, ANSI Standard X4.13-1983 is the system used by most national credit card systems. Here are what some of the numbers mean:

    • The first digit in your credit card number signifies the system -- 3=travel/entertainment cards (such as American Express and Diners' Club), 4=Visa, 5=MasterCard and 6=Discover Card.
    • The structure of the card number varies by system. For example, American Express card numbers start with 37; Carte Blanche and Diners Club with 38.
    • American Express: Digits 3-4 are type and currency, digits 5-11 are the account number, digits 12-14 are the card number within the account, and digit 15 is a check digit.
    • Visa: Digits 2-6 are the bank number, digits 7-12 or 7-15 are the account number, and digit 13 or 16 is a check digit.
    • MasterCard: digits 2-3, 2-4, 2-5 or 2-6 are the bank number (depending on whether digit 2 is a 1, 2, 3 or other). The digits after the bank number up through digit 15 are the account number, and digit 16 is a check digit.

    ________________
    They're - They are
    Their - Belonging to them
    --
    I don't want free as in beer. I just want free beer.
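
The American Express field layout quoted in the comment above, as an added Python example that is not part of the original thread: it splits a 15-digit number into those fields, validates the check digit, and counts how many numbers remain once the fixed fields are set. It assumes the check digit is the standard Luhn (mod 10) digit, which the quote does not name; the sample number is constructed.

```python
"""Parse a 15-digit American Express number into the fields listed in the
quoted description and validate its check digit.

Assumption (not stated in the quote): the check digit is the Luhn mod-10
digit used for payment card numbers. The sample number is constructed.
"""
from dataclasses import dataclass

# The quote names 37; 34 is the other prefix American Express uses.
AMEX_PREFIXES = ("34", "37")


def luhn_check_digit(payload: str) -> int:
    """Return the Luhn check digit for a string of payload digits."""
    total = 0
    # Walk right to left. The rightmost payload digit is doubled first,
    # because the check digit will sit in the position to its right.
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:
            d *= 2
            if d > 9:
                d -= 9      # same as adding the two digits of the product
        total += d
    return (10 - total % 10) % 10


def luhn_valid(number: str) -> bool:
    """True if the last digit is the Luhn check digit of the rest."""
    return (number.isdigit() and len(number) >= 2
            and luhn_check_digit(number[:-1]) == int(number[-1]))


@dataclass(frozen=True)
class AmexNumber:
    system: str            # digits 1-2: travel/entertainment, AmEx prefix
    type_currency: str     # digits 3-4
    account: str           # digits 5-11
    card_in_account: str   # digits 12-14
    check_digit: str       # digit 15


def parse_amex(raw: str) -> AmexNumber:
    """Strip spaces and dashes, validate, and split into fields."""
    digits = "".join(ch for ch in raw if ch not in " -")
    if not digits.isdigit() or len(digits) != 15:
        raise ValueError("expected exactly 15 digits")
    if digits[:2] not in AMEX_PREFIXES:
        raise ValueError("not an American Express prefix")
    if not luhn_valid(digits):
        raise ValueError("check digit does not match")
    return AmexNumber(digits[0:2], digits[2:4], digits[4:11],
                      digits[11:14], digits[14])


def free_numbers_per_type() -> int:
    """Distinct numbers left once prefix and type/currency are fixed and the
    check digit is derived: 7 account digits plus 3 card digits."""
    return 10 ** (7 + 3)


SAMPLE = "3700 123456 70019"  # constructed, not a real account

if __name__ == "__main__":
    print(parse_amex(SAMPLE))
    print(free_numbers_per_type())
```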
  121. Kind of stupid that you... by osjedi · · Score: 1

    ..go to their web site, type in your credit-card number, and then get a one-time-cardnumber to use somewhere else. You still had to use your real number to get the one-time number.

    "American Express cardholders will be able to log onto a secure Web site and receive a one-time-use credit card number for purchases over the Internet"

    Anonymity? I doubt it. Amex still knows who they assigned each one-time number to. I am sure they will keep records of each OTN linked to your account. Anyone who can track you down by card purchases today will still be able to under the new plan. Big Brother is still in the house.

    --
    -=-=-=-=- osjedi uses Debian GNU/Linux. -=-=-=-=-
  122. Amex by d3funct · · Score: 1

    I used to be a SysAdmin for AMEX, believe me, they already do have your information, even if you've never had an Amex card before.

    --
    ASCII a stupid question, get a stupid ANSI!
  123. You can do this by Otto · · Score: 2

    www.webcertificate.com

    Put in the cash you want when you want. It works like a mastercard, at any store that takes mastercard. Simple. Easy. Effective.

    ---

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  124. Weakness by rxmd · · Score: 1

    Someone else encrypts your card number as well as the amount of money using the merchant's card number. You're basically right where you are now without encryption.

    --
    As a state gets corrupt, its laws multiply; the most corrupt states have the most numerous laws. (Tacitus, Annales 3:27)
  125. Re:Online banking/accounting? by donutello · · Score: 2

    The article is amazingly scarce on technical details.

    Anonymity is not the intended purpose of these cards. The purpose of these cards is to generate credit card numbers which are one-time use only so that anyone stealing them has no use for them.

    --
    Mmmm.. Donuts
  126. Disposable Numbers by DanielRavenNest · · Score: 2

    Eventually, someone will develop "e-checks". Essentially, it'll be like writing a check to cash right now. The bank gives you a check number (say 16 alpha-numeric = 80 bits worth), you tell them the dollar amount, which is debited from your checking account. You forward the bank identification (their routing number), the check number, and the amount to the merchant. He gives that info to HIS bank, which collects from your bank.

    All this can happen in real time. You shop online, find something you like. Open another window to your bank, and get a check number. Copy/paste the number into the merchant's form, with the amount and bank routing info. The banks do some back office magic, and your payment is in the merchant's account immediately.

    Stealing the number does no good, since it is only valid for one transaction. Similarly, you eat at a restaurant. You get bill. You pull out PDA and get a check number from your bank. Give to server. Server takes number over to their terminal. A few seconds later it comes back as good/paid, and everyone goes away happy.

    There's no reason you couldn't do this with a credit account. Instead of giving the card to a store clerk, you swipe it through the card reader in your handheld PDA. Your credit card issuer then gives you a single use number to give to the clerk. Clerk feeds it into the terminal, and it clears.

    Daniel

  127. "it might lead to anonymous purchases." by Mike1024 · · Score: 1
    Hey,

    it might lead to anonymous purchases.

    You don't receive things that you have sent to a false address. Surely anonymity (sp?) is only available when purchasing goods that can be delivered online, i.e. downloaded/viewed. One would think this wouldn't be much help: Credit card companies would keep track of numbers and users for billing and fraud detection, so you're basically exchanging one anonymous-looking multi-digit number for another. Better security? Yes. Better anonymity? Not that I can see.

    Michael

    ...another comment from Michael Tandy.

    --
    "Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
    1. Re:"it might lead to anonymous purchases." by aozilla · · Score: 1

      Depends on what you're buying; if you buy certain services, they don't have to be delivered. This all assumes that they're going to have vending machines where you can buy these cards with cash, of course.

      --
      ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
  128. We need prepaid cards thank you by twingo_gtx · · Score: 2

    For truly anonymous purchases we need prepaid cards that you can purchase anywhere just like phonecards. If those prepaid cards would act like a credit card online then it would be perfect. You could buy these cards at the local grocery store with cash. Suddenly you have a card that acts like a credit card without anyone knowing who you are. Granted, if you're buying something that needs to be sent to you they get your address, but for micropayments and such where you're only getting digital data back, it would be perfect.

  129. Re:great idea, but is it a band-aid or a real fix? by jareds · · Score: 1

    Yes, but conceptually, you have just spent the cash, on a piece of plastic. If you don't ever exchange the piece of plastic for your spiffy new shirt, will you ever get your cash back? Then, in essence, a sale has already occurred, regardless of the further expected value of what you have purchased. Semantics, I suppose.

    It doesn't matter how you think of things conceptually, states will always charge sales tax when you make purchases using things like pieces of plastic or gift certificates, because otherwise people would just buy such things in states with lower or no sales tax, and spend them in their home state. Since there will always be a tax when you make the purchase, you don't want a tax when you buy the card, as well.

  130. Whitehouse.com, here I come! by pcwhalen · · Score: 1

    Hehehe, he said "come" hehehe.

    You KNOW that is the only thing holding back most testosterone-juiced net users from hitting their local porn purveyor - the idea that your credit card number will be held for ransom by some blackmailing cyberpimp.

    10 bucks says this is what was on AmEx's mind here.

    'Scuse me, I have to sign up at www.nudegranny.com right away!

    --
    Pay no attention to the man behind the curtain with all your metadata.
  131. great idea, but is it a band-aid or a real fix? by auto85842 · · Score: 3

    We should be asking ourselves what we want the on-line transaction of the future to look like. This is certainly one way of doing it, and you can bet that Visa and Mastercard will shortly follow suit, but is it the best way?

    It certainly has advantages over typing your card number into 50 different on-line databases, but your credit card itself is still the weak link in the chain. Sooner or later the question of authentication will rear its ugly head. How do you know that it was really Joe Shopper requesting that disposable number, and not Joe Cracker?

    On another note, notice how anonymity is hyped in the article, and sometimes used in place of privacy? Do we have an unlikely ally in our quest for true web anonymity (i.e. "You don't know who I am."), as opposed to privacy (i.e. "We know who you are. Trust us; we'll try really hard not to tell anyone.")?

    Lastly, as another poster already said, the government is sure to get twitchy about this. How will they tax anonymous purchases? Requisition monthly transaction records from AmEx?

    --

    10100111101010010
  132. Re:Are there enough valid numbers? by Jeff+Ballard · · Score: 1
    My guess is that the solution to the limited number base is one (or both) of the following:
    1. Use the existing 16 digit block, but also twiddle the expiration date. Therefore they could reuse the same 16 digit block, and use all of the combinations of expiration date and match up the purchaser name. So therefore I might only get a certain 16 digit block once, but that one time I get it I'll have a special expiration date so that it will differentiate between me and some other person who got this block before... and my name needs to match up or the sale is blocked.
    2. Expand the 16 digit base (potentially as high as 32 digits). Since the forum that these will be used in is online, there are fewer (but certainly there are some) legacy problems in a limited number of digits. In fact, a lot of cards that are not general use (like gas cards, dining club cards, etc) don't use 16 digits...

    Anyway, that's my US$0.02.
    --
    Good Fast Cheap. Pick any two.
  133. Anonymous purchasing? by eshaft · · Score: 1
    Why do we want completely anonymous purchasing? A better system would be one where everyone accepts what people buy without stupid prejudices.

    Say what you want, but when you accept life and all of the possibilities and consequences that come with it, you don't need to hide yourself from others. And when they accept them too, they won't need to hide from you.

    Aaah, in a perfect world... ;)

    --
    lf.o
  134. Re:Getting the new numbers is an issue to consider by Zeus72 · · Score: 1

    Yikes. Where was this? We should compile a list of sites and their procedure for storing data as reported anonymously by the programmers and admins who work there. Now that would be a list worth reading.

  135. Welcome "CC number generator" ;-) by rxmd · · Score: 1

    This is a really good idea, a bit like the unique transaction number system used in electronic banking - once the number is used, you can't use it anymore, nor can anyone else.

    The problem I am seeing with it, however, is that it gives a whole new field of application to the credit card number generator programs that the usual cracking groups have been cranking out for the last year or so (like DisCard online, available from places like New Order). The algorithm by which AmEx would be generating their credit card numbers is going to be a company secret, of course, but so are the algorithms by which they are generated now. If anyone was able to provide a similar algorithm that generates disposable credit card numbers from someone's semi-public fixed account numbers or whatever static personal data AmEx would be using, it would probably lead to a new generation of credit card frauds ("What do you mean, you haven't used this number yet? So what about the transaction on XX-XX-XXXX?").

    --
    As a state gets corrupt, its laws multiply; the most corrupt states have the most numerous laws. (Tacitus, Annales 3:27)
  136. Online banking/accounting? by mholve · · Score: 2

    How will this affect online banking and accounting? You would have to tie this "anonymous" account number to YOUR account...

  137. Sure, there are enough numbers... by JazzManJim · · Score: 3

    Here's how it would likely work:

    The numbers need not be "one time only" usage by AMEX. Basically, AMEX only needs to keep the number active long enough for the transaction to be processed, which would last perhaps one month, then the number goes back into circulation. What they would track then is an activity log for each number (for each number, who used it, when, and where) and an activity log for each user (what number they used, when, and where). Any billing questions can be referred to the log for archive purposes and the numbers stay active only for as long as they're needed, then AMEX drop them back into general circulation.

    This is not going to be an easy accounting task: issuing numbers, tracking their usage, deactivating, then reactivating them. I can tell you that I'm pretty good with logistics (being a police dispatcher tends to develop those skills) and it'd be a nightmare for me to track. I'm not sure of any better way to do it, though.

    If there's going to be a security loophole, it'll come in the time a number is active, after the transaction is processed, but before the number is deactivated and put back into circulation.

    -Jimmie

  138. You're right. by Benjamin+Shniper · · Score: 2

    That was my thought exactly, but what if the system issued the credit card AFTER you made the payment, with the limit set to the payment amount and the expiration date set randomly?

    Then you couldn't easily brute force it, and you wouldn't get more than a couple dollars if you did. Also, in case of an abuse by a small company, you could specifically tag the payment to only one payee. Then it works out well.

    -Ben
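
The number lifecycle described in the two comments above (JazzManJim's issue, log, deactivate and recirculate cycle, and Benjamin Shniper's per-payment limit tied to one payee), sketched from the issuer's side. This is an added example, not part of the thread and not AmEx's system; the class names, verdict strings, 30-day cooldown and one-hour validity are assumptions.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

COOLDOWN = 30 * 86400  # assumed: seconds a used number stays out of circulation

@dataclass
class Grant:
    account: str
    payee: str
    limit_cents: int
    expires: float
    spent_at: Optional[float] = None

class OneTimeNumbers:
    def __init__(self, pool):
        self.free = list(pool)  # numbers available for issue
        self.live = {}          # number -> Grant currently bound to it
        self.log = []           # append-only trail: (time, event, number, account, payee)

    def issue(self, account, payee, limit_cents, now, ttl=3600):
        self._recycle(now)
        if not self.free:
            raise RuntimeError("number pool exhausted")
        number = self.free.pop(secrets.randbelow(len(self.free)))
        self.live[number] = Grant(account, payee, limit_cents, now + ttl)
        self.log.append((now, "issue", number, account, payee))
        return number

    def authorize(self, number, payee, amount_cents, now):
        g = self.live.get(number)
        verdict = ("unknown" if g is None else
                   "replay" if g.spent_at is not None else
                   "expired" if now > g.expires else
                   "wrong-payee" if payee != g.payee else
                   "over-limit" if amount_cents > g.limit_cents else
                   "approved")
        if verdict == "approved":
            g.spent_at = now  # burned on first use, long before it is recycled
        self.log.append((now, verdict, number, g.account if g else None, payee))
        return verdict

    def _recycle(self, now):
        # Return numbers to the pool only after the cooldown has fully elapsed.
        for n, g in list(self.live.items()):
            done = g.spent_at if g.spent_at is not None else g.expires
            if now - done >= COOLDOWN:
                del self.live[n]
                self.free.append(n)
```

Marking the number spent at authorization time is what closes the window JazzManJim points to: between the first charge and recirculation the number is still bound to the account for billing questions, but a second charge against it is refused and logged as a replay.
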

  139. Sounds Like Electronic Travelers' Checks by grahamkg · · Score: 2

    What a neat idea! At least it seems as though it would be an electronic equivalent to a travelers' check.

    Numbers could be handled easily. These "credit cards" could be "sold" either individually or in lots. Once a number is issued, it could be reserved, certainly until used, or until some fixed amount of time has passed. Subsequently the number could be reissued, though it might be a few years before that happens.

    Graham

    --
    Graham
    Linux - Fast Pane Relief
  140. Whatever happened to Fixed-Value cards? by General_Corto · · Score: 1
    Although not all banks issue them, my parents used to get fixed-value credit cards when they went on holiday (they're far easier to deal with and carry around than traveller's checks). You'd just go to the bank, transfer some money on to a card (I believe it was Visa that issued them), and off you'd go - most ATMs would even tell you how much you had left. After the holiday, you'd just have the bank take off any remainder on the card and put it back into your account. Personally, I don't see why this wouldn't work online (just make sure the maximum value on the card was 'reasonable'). The cards only work in ATMs currently, but hey, I'm sure Visa has the ability to fiddle that at will :)

    For those who are interested in this, Visa has some details on the cards here