advise on network security report
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Wed Nov 1 21:17:49 UTC 2006
On Wed, 01 Nov 2006 15:09:59 EST, Mike Callahan said:
> Perhaps a better start on impacting this would be for the credit card
> companies to pursue the people that abuse their cards/systems instead of
> just writing fraudulent purchases off as a loss and not pursuing them
> any further.
Let's take a hypothetical $300 fraudulent charge. If the card company spends
more than $300 pursuing it, it's losing money on it and is better off just
swallowing it. Now what does $300 get you? If you're lucky, that gets you 5
hours of a tech's time to chase logs, make phone calls, and get all the
evidence together, and 1 hour of a lawyer's time to get the ball rolling if you
pursue it as a civil matter.
How much pursuit can you get done in 5 hours?
The credit card companies are *acutely* aware of *exactly* how much it
costs to swallow any given fraud, and how much it costs to chase a particular
miscreant down. And barring some major economic/political/legal changes
that alter the price/performance ratio, they're unlikely to change the way
they do things.
(Hint - $50B sounds like a lot, but what percent of the total Visa/MasterCard
business per year is that, really? Not much compared against the $1,325B
done by the top 4 card networks in 2004:
http://www.fdic.gov/bank/analytical/banking/2005nov/Art2table1.html
The whole article is here:
http://www.fdic.gov/bank/analytical/banking/2005nov/article2.html
and discusses in fair amount of detail what the credit card companies
*really* worry about, and why....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20061101/8206f71c/attachment.sig>
More information about the NANOG
mailing list