Easy: get a "blame consultant" or "blame vendor". This is: get a guy or company (an external one, an internal employee will NOT do the trick) who/which, per contract, HAS TO solve your system problems. The idea is to set up things in such a way that if Mr. Externalguy says "Its a database problem" your answer has to be: "Ok then, call Oracle and have them fix it; if they claim it's an OS problem, then YOU call IBM and coordinate them with Oracle and whoever else to get the thing solved, Mr. Externalguy! That's the job I'm paying you for!" In short, the idea is to pay someone to serve as a "no-excuses" focal point and have him deal with as many vendors you may need.
Update: It looks like they have reached an out-of-court settlement. From my European point of view, I'm beginning to think that American companies look at court more as a usual line of business and profit than as a protection for their rights.
Hi! I work as an e-commerce developer, so I think my two cents might be worth 1/50th of a dollar on this topic. There are several ways of protecting shoppers privacy while giving merchants the security they want. The most common is using a third party as payment gateway. This third party is a certified authority and has an agreement with a bank (or is a bank itself) or with a credit card issuing company, so they can check if a credit card is valid via a digital certificate which gives warranty on *your card*. This means that, if somebody steals your card or peeks at the number, s/he can do nothing with it because s/he does not have the 128-or-more bit digital fingerprint that resides safely in your computer (hacking is another issue here; we are talking about credit cards now, ok?)
Besides that, if no certificate is used, WHAT CAN THEY DO WITH A PICTURE OF YOU AND YOUR CREDIT CARD? Maybe these guys never heard about a nice software called The Gimp (well, let's say Photoshop if you are not an OpenSourcer), which allows you to alter a picture your own credit card, changing the numbers by any others you want while preserving your name. Even better, if you manage to steal a wallet, almost for sure you can find the credit card along with a picture of the owner! (passport, driving license if yours are also the European model, etc).
So, bottom line: asking you for a picture is both untrustworthy and useless.
Slashdot Mirror
Easy: get a "blame consultant" or "blame vendor". This is: get a guy or company (an external one, an internal employee will NOT do the trick) who/which, per contract, HAS TO solve your system problems. The idea is to set up things in such a way that if Mr. Externalguy says "Its a database problem" your answer has to be: "Ok then, call Oracle and have them fix it; if they claim it's an OS problem, then YOU call IBM and coordinate them with Oracle and whoever else to get the thing solved, Mr. Externalguy! That's the job I'm paying you for!" In short, the idea is to pay someone to serve as a "no-excuses" focal point and have him deal with as many vendors you may need.
Update: It looks like they have reached an out-of-court settlement. From my European point of view, I'm beginning to think that American companies look at court more as a usual line of business and profit than as a protection for their rights.
Hi! I work as an e-commerce developer, so I think my two cents might be worth 1/50th of a dollar on this topic.
There are several ways of protecting shoppers privacy while giving merchants the security they want. The most common is using a third party as payment gateway. This third party is a certified authority and has an agreement with a bank (or is a bank itself) or with a credit card issuing company, so they can check if a credit card is valid via a digital certificate which gives warranty on *your card*. This means that, if somebody steals your card or peeks at the number, s/he can do nothing with it because s/he does not have the 128-or-more bit digital fingerprint that resides safely in your computer (hacking is another issue here; we are talking about credit cards now, ok?)
Besides that, if no certificate is used, WHAT CAN THEY DO WITH A PICTURE OF YOU AND YOUR CREDIT CARD? Maybe these guys never heard about a nice software called The Gimp (well, let's say Photoshop if you are not an OpenSourcer), which allows you to alter a picture your own credit card, changing the numbers by any others you want while preserving your name. Even better, if you manage to steal a wallet, almost for sure you can find the credit card along with a picture of the owner! (passport, driving license if yours are also the European model, etc).
So, bottom line: asking you for a picture is both untrustworthy and useless.