credit card : Java Glossary

by Roedy Green ©1996-2008 Canadian Mind Products
index page for letter ⇒ punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)

credit card

The Java Commerce API is still vaporware.

Credit cards are obsolete. They are absolutely preposterous when it comes to security. Giving someone your credit card number is even more foolhardy that giving them a blank cheque. Why? scissors

They can withdraw any amount they please on your credit card account, just like a blank cheque.
they can withdraw even more money than you have, up to your credit limit, more than they can with a blank cheque.
They don’t need to show any id to collect the money. At least with a blank cheque, they must show id to cash it. They can go shopping anonymously on the Internet or by phone with nothing more than your credit card number.
They can withdraw money again and again in the future. A blank cheque can be cashed only once.
The card number can be used as stage one of an identity theft. A blank cheque is not a form of identification.

Credit cards are an anachronism from the days when people used to leave their doors unlocked. What are your alternatives?

For brick and mortar shopping, use a debit card. It is protected by a PIN (secret Personal Identification Number) , and the worst than can happen is your account can be cleaned out.
PayPal. You have to trust PayPal to take money out of your account, but you don’t have to trust merchants. You decide the amount. They can’t change the amount or repeat the transaction.
Smart cards. These are popular in Europe. The card has a tiny computer embedded in it that handles security.
Snail mailed cheques, though even your bank account number is enough for a corporation to drain your account.
One-shot credit card numbers. Amex will give you a credit card number good for only one transaction. This is a hassle to arrange.

The other problem with credit cards is the credit card companies have the legal right to jack the interest rate up into astronomically usurious rates. It is too easy to get into debt. Just cut them up!

Debit Cards

Debit cards that use a mag stripe and a 4-digit PIN are not as vulnerable, but they still are vulnerable. Happily, thieves can’t use them on the Internet, even if they steal both the card and PIN. Sophisticated thieves replace the reader units or insert extra electronics into gas pump units to record account numbers and PINs. They then can wipe out your account at any ATM in the world.

Smart Cards

The solution is smart cards that have a small computer and a private encryption key embedded in the card. The private key cannot be extracted or duplicated. It works by digitally signing the transaction with the private key. Some credit card companies, especially in Europe, are converting to smart cards. The card’s smart feature could not be used over the Internet without a smart card reader, not a common device. If the card permitted mail, phone or Internet purchases without smart card validation that would defeat the whole point of the security. It would be like using one of the old blank cheque credit cards.

In Canada, smart cards are being phased in over the next two years. There will also have signatures and a mag stripe for use at merchants without the new readers. The cards will not become secure until the the, number, the stripe or the signature are no longer valid anywhere. This likely won’t happen for many years to come. Banks could issue smart cards without stripes, numbers and signatures that are fully secure, but I have heard no plans to do this. You would not be able to use these for Internet purchases, until someone worked out a smart card reader for desktop computers.

Credit Card Validator Amanuensis
digital signature
identity theft
shopping carts
The Transporter: Credit Card data via email
Verisign Cybercash

	Please email your feedback for publication, errors, omissions, broken/redirected link reports and suggestions to improve this page to Roedy Green :
	Canadian Mind Products
	mindprod.com IP:[65.110.21.43]
	Your face IP:[38.103.63.62]	The information on this page is for non-military use only.
	You are visitor number 15,080.	Military use includes use by defence contractors.
	You can get a fresh copy of this page from:	or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror)
	http://mindprod.com/jgloss/creditcard.html	J:\mindprod\jgloss\creditcard.html