Tuesday, February 12, 2013

The end of ID and credit card safety? Must e-commerce be destroyed?

Want a scary story about the near future of you and your money on the internet... and the future of e-commerce? Try this from Mark Anderson, one of the top tech business pundits around, in the newsletter of the Strategic News Service:

Another level of chaos has come to us through the use of credit cards on the Net, linked to our digital IDs. At first, everything was great: the system worked, fraud was present but offset by fees, and the world had a new payments system. That was yesterday. Today, ID theft and card fraud are apparently out of control....

 Not long ago, I was told by a gas pump to check with personnel inside; I had driven my little sports car too quickly from the last gas station, and the system had rejected my card because it didn't think I could be me. Soon after that, the anti-fraud system on a different card allowed me to fly to Washington, DC, and charge something there, but not to charge something in New York, where I often travel. When I called the issuing bank, the implication was that I had failed the burden of duty of calling to inform the card company.

 I am used to informing these folks when I travel internationally, but -  "Do you mean I now have to call you every time I move from state to state?" I asked. "Because I am definitely going to shred the card before that ever happens." 

 A friend reported having had her card fraudulently used, so she canceled it and had another issued from the same New York bank. That, too, came back soon with fraudulent charges. My response: she wasn't a victim of ID theft; she was a victim of a bank that was lying to her about having been penetrated, with the thief getting card data access. Someone else at the table had also had bad charges on a card from the same bank.

 "Simple," I suggested. "Don't change cards; change banks." Can a whole bank be neutralized by a single attacker?  You bet.

Scary stuff from a fellow who knows.  But nothing compared to other items in Mark's highly respected newsletter: like when he gives us all chills, explaining about the back doors that have been designed into most chips originating in Taiwan, allowing outsiders who have a secret key to simply walk into your system. Those chips are everywhere, including all U.S. defense machinery. Now what could those back doors be for?

== The end of credit cards and passwords? ==

endMark Anderson paints a daunting picture of our future Internet, fraught with viruses, worms, moles, backdoors and a bestiary of other ways that our secrets -- from passwords to credit cards to life histories -- can and will be betrayed.  The "cypherpunk" dream is to prevent all of this by encrypting everything behind  layers of shrouds -- the biological analogue: fighting viruses by thickening your cell walls and making them less permeable.  One can only take that so far before the cells become incapable of interacting with each other. And then die.

Despite an admitted romantic allure, such cypher methods can never be verified, they defy auditing, and they can be suborned or backdoor penetrated by elites. Indeed, the system's opacity makes it hard to detect or repair mistakes. All of which I detailed in The Transparent Society: Will Technology Force us to choose between Privacy and Freedom?

Face it, we in the Western Enlightenment will never excel at skulking and shrouds and games of deceit.  Oh, I'm sure our paid protectors have done many clever things: perhaps those "backdoors" that exist in Taiwanese chips and codes contain DOUBLE back doors, that were counter-scammed by the NSA. Our spymasters doubtless have many layers and ingenious processes afoot... and so do some of the "anonymous" hackers... and it will all be for naught over the long run, as education and sheer numbers bring our adversaries (national, corporate, criminal etc) into greater technological parity.  At which point their cultural comfort with such cryptic games will turn to their advantage.

marketsAs I've sad in places like The Transparent Society, there is another way.  We in the Western Enlightenment have a tool that suits our cultural leanings, our talents and our creative bent.  That tool is light... openness.  The transparency that for 200 years turned competition into the greatest creative force ever seen.  Markets, democracy and science all work better in light, when the participants (voters, customers, researchers) can make informed- Hayekian decisions.  These arenas clog, choke and start to die when secrecy reigns.

I'm not proclaiming we should drop all efforts in the skulking war of worms and counter worms.  In fact, the looming failure of password-based systems (credit cards etc) can be solved with new, transparency-based methods.  Google plans to emphasize the obvious - biomentrics - but there are other techniques even simpler and great business models that could be built from them.

This cyber-era replicates a billion years of evolution, when parasites ravaged, then reached balance with the immune systems of metazoan life forms. We are replicating all of that in a few dozen years, praying we can fine tune our info-immune systems in time.  Fine, let's invest.

But over the long run, what ambient conditions favor our kind of society?  A future that grows steadily less secret and more light-filled is the only one that inherently advantages the Enlightenment West, whose very name contains the key ingredient.  All of our adversaries are allergic to such conditions.  In an open world, they will have to become more like us, not less.


reformed tourist said...

I do hope, Dr. Brin, that this post isn't a sad byproduct of the purchase transaction you mentioned you were about to make in the previous thread...

Daniel Copeland said...

I can't see this happening. Well, perhaps temporarily. At present, governments and people who sell them surveillance equipment have a strong motive to improve their facial (and other) recognition software. When this gets good enough and cheap enough, some bright spark is bound to replace the "username & password" part of her newly-designed app with a "please smile at the camera" input. And from then on -- farewell passwords, farewell identity theft. Perhaps, even, farewell carrying your own devices around at all, because you can just face the nearest electronic wall panel and it'll know who you are.

Alfred Differ said...

Anti-repudiation procedures are the key I think. I might want encryption to hide my secrets in cells I do not want interacting with others (nucleus membrane?), but I also want encryption to prove my identity when I digitally sign transactions.

I want to do business with others who will ONLY do business with me when they can authenticate me as me. I want financial services from providers who will not authorize ANY transaction that cannot be associated to authenticated parties on each end. I want financial services from a provider that will be liable if they fail to authenticate us. I want ID services from a provider that I can trust to authenticate my signature when it is me and is liable if they fail to follow their rigid process. I also want competition in all of these services and have little interest in tolerating that they be provided by any level of government.

If my ID service provider thinks they can do this with user names and passwords, so be it. I know better though. We will need at least two factor authentications and maybe three. If we can get this from competing market providers, I’d be willing to trust voter registration to them too and would argue for stripping that power from the State.

Of course, I’ll also want some financial services from a provider of anonymity. Who wouldn’t? Some forms of currency should be like bearer bonds for the same reason that some weapons should be protected from registration in the Jeffersonian sense.

Doug S. said...

When this gets good enough and cheap enough, some bright spark is bound to replace the "username & password" part of her newly-designed app with a "please smile at the camera" input. And from then on -- farewell passwords, farewell identity theft.

And anyone who can put a photograph of you in front of a camera will be able to claim to be you. Good luck with that.

Daniel Copeland said...

And anyone who can put a photograph of you in front of a camera will be able to claim to be you. Good luck with that.

Unless it was two video cameras, recording a 3D feed? I think we will eventually reach the point where our computers are better at telling us apart than we are. After that, we'll just have to trust them -- human-eye recognition will count for nothing.

Randolph King said...

Why must I be held responsible when someone claims to be me? The credit card companies and the companies selling goods should be the ones held accountable. In their greed to get cuts of people's money, they are not doing due diligence to make sure the person is who they claim to be. Until we hold these companies accountable, we won't make any headway in this problem.

Tony Fisk said...

Face recognition is another set of data to be forged. Just bigger, is all.

A little piece of fiction I wrote on counters to the cyber-griefing phenomenon in IFTF's 'Superstruct'. I simply extended what I know of the role of Certification Authorities. It is still about maintaining trust.

Really, though, what we need are... Lensmen!

(although even their integrity was starting to be undermined at the end: useless sub-omniscient Arisians, even if they did predict it!!)

(er... trairlov... 1573? I bet there are now bots able to interpret capchas faster than I can!)

duncan cairncross said...

If facial recognition is too easy how about 3d scanning


This blew me away!

ZarPaulus said...

Maybe I missed something here. How would transparency decrease identity theft and all those other problems?

Tim H. said...

When the tech's ready, a fresh drop of blood will be required to complete large transactions. Interesting question, will it be developed first for I. D. or diagnostics?

kramer said...

When the cost is high enough banks will implement more effective controls. A simple one would be to have you receive a text with every charge that requires a response in order to complete the transaction. (cap-one is already 1/2 way there) Currently our system seems to be the easiest target. Banks would rather hassle you or increase fees then improve their systems. Government assistance in limiting how much of the burden can be shifted to consumers might help.

locunranch said...

You guys are chasing your sheepish tails.

By definition, increased data accessibility means "increased
data accessibility", and more expensive & cumbersome security will merely represent a temporary fix that will be easily overcome with similarly more expensive & cumbersome penetration techniques.

All your passwords, digitized secrets, sexual peccadilloes & EMRs are out there on the information highway, accessible to others as easily as they are accessible to you & your financial intermediaries or they wouldn't serve their stated purpose: Increased accessibility.

Of course, you could rely on hard currency, paper checks & balances and/or snail mail in the name of "improved security" but a determined thief will simply make a "hard withdrawal" using more time honored techniques like physical violence or check fraud.

Sheep, by definition, get sheared: Baa-baa.


sociotard said...

Reminds me of Davids suggestion that we should accept our SS numbers as just another name, but stop using them as passwords.

Alfred Differ said...

Until the facial recognition software is backed by sophisticated AI's I think we will stay ahead of them for some time. We do a lot more than match visual data when we recognize someone. As the arms race continues we will move from captcha style use of neural networks to detect people to full motion and state recognition to detect people. Mostly it will be people doing what the systems can't yet distinguish and other people validating, I suspect.

The arms race will keep going. I see no way to stop it and I'm not even tempted to try. I WANT some of the products that are likely to get built in that race.

As part of the fix for this, we really should band together and tell the credit companies to stick it where the sun don't shine when they try to hold us liable for their failure to authenticate the parties in a transaction. Terms like that in our contracts should be outlawed as theft.

Acacia H. said...

@locunranch - One or two posts back I posted a URL for an article on self-destruct encryption. This would allow journalists, for example, to send an encrypted video file to another site and have it removed from their device. The software could easily be used to encrypt passwords and the like, meaning that when you send your password to a site, it's encrypted and Malware cannot snag it because of said encryption. Transactions and the like would also be protected. Thus this self-destruct encryption could protect all sorts of things... and malware and hackers would be unable to steal this data because of its very nature.

Rob H.

David Brin said...

ZerPaulus, sorry but it is a matter of mental obstinacy. No one ever thinks of transparency solutions to problems. Their reflex is always to try to "solve" them by shutting down info flows.

But cyber ID theft would and will go away as soon as online life replicates real life. In real life, when you are at a store and you overhear some one claim "I am Zer Paulus" -- you are able then to say "No you're not!" The guy flees because he knows he cannot stand side by side scrutiny.

So why can your imagination not styretch to a near future when you are simply informed whenever ZerPaulus is trying to do a transaction? 99.999% of the time it will be what you are doing and it will be dismissed as a simple haptic feedback response to your current actions.

0.001% of the time you'll say, "wait, that's not me." WHy is that so hard to grasp?

Jonathan S. said...

"So why can your imagination not styretch to a near future when you are simply informed whenever ZerPaulus is trying to do a transaction?"

Last year, I filed my tax returns through H&R Block, opting for deposit to a Block-issued debit card because I didn't have a bank account and this was the fastest way to get the refund. I checked one extra box on the form, and included my cellphone number.

Every time I used the card to make a purchase or withdraw cash from an ATM, I received an automated text, directed to my phone from Block's pet bank, so that I might be sure all the card usage was my own. Seemed pretty secure to me...

duncan cairncross said...

Here in NZ we do most transactions using online banking

If I "spend" more than $300 in an online transaction the bank texts a code number to my mobile phone which I have to enter on my computer

Over 10 years ago in the UK the Royal Bank of Scotland used to have photo ID on their credit cards - the signature was also etched on the card before it was sent out
I remember talking with the bank and being told the fraud rate on the photo cards was zero - stolen ones were just thrown away

Then they were discontinued!!!!
No fraud = no excuse for high charges

Anonymous said...

David Brin and Jonathan S.:

Voluntary transparency is not secure.

You could get spammed with false notifications from a bot-net saying that you are trying to purchase something. Or you go to purchase something, and the store gets a false rejection. Or someone else starts getting false notifications or false purchases or false denials of someone's ID - and the trail leads back to your (malware infested) device.

The only transparency that might work, would be 100% involuntary transparency, so anyone faking you or harrassing you will certainly be caught.

LME said...

Complete transparency is the only way, if it is universally the case. Orwell's vision of one-way transparency is the nightmare we may otherwise face.

LarryHart said...


Reminds me of Davids suggestion that we should accept our SS numbers as just another name, but stop using them as passwords.

For YEARS, I've been thinking that instead of fruitlessly trying to keep our Social Security numbers and birthdates secret, we should simply stop trying to pretend that anyone who knows my Social Security number and/or birthdate must be me. The premise just isn't true.

Unknown said...


David Brin said...

Good stuff!

Oh I bought to top of the line iMac. Generally pretty happy but still haven't inloaded Quickeys and will cry if it doesn't work.

Got bunches of questions like where the LIBRARY of old calendar items was kept on my G5 and where I can put them in the new machine so's the program can see em.

Tim H. said...

But that should only be a concern if migration assistant misses...which has happened to me, recommend backing up, and you may be able to export events from the G5, sorry I've no more details, I barely touch calendering programs.

David Brin said...

Just wondering where such programs keep their data files, nowadays...

Paul451 said...

Jonathan S.,
"a Block-issued debit card [...] Every time I used the card to make a purchase or withdraw cash from an ATM, I received an automated text, directed to my phone from Block's pet bank, so that I might be sure all the card usage was my own. Seemed pretty secure to me..."

What would have been required for you to change that contact number? And would you have been liable (no charge-back) if your phone and debit card were physically stolen?

A system is only as secure as its weakest point.

Good luck on the upgrade. Weirdly terrifying experience. I worried less about moving flats than I did about upgrading from XP to Win7.

(Which means, of course, that I can't help with info about your new toy. Other than perhaps a bitchy comment about how I thought stuff on Macs was supposed to "just work"...)

My next trick is trying to upgrade graphic cards on my hundred-year-old system. Motherboard uses PCI v1.0 and I have no way of working out whether any modern cards are genuinely "backwards compatible" without spending enough money that it'd be cheaper to upgrade the whole system.

Emailed the help-desk of the company which made both the mother-board and old graphics card to ask if any of their new cards would be compatible with their motherboard and got back a ESL-reply about talking to my local computer store or trying several different brands. Gee thanks Gigabyte, way to win sales.

Unknown said...

Google plans to emphasize the obvious - biomentrics - but there are other techniques even simpler and great business models that could be built from them.

Was the margin of the web page too small to even post a link to one of these simpler techniques, or did you leave it as an exercise to the reader to go find them?

Paul451 said...

Looking at the recent killing of former-LAPD-turned-murderer Christopher Dorner. It now seems to be standard police tactics now to run the suspect into a securable area, set snipers on all exists, send in a demolition team to open a breach in a wall/door/window, then fire incendiary grenades (aka "burners") through the gap to set the building on fire. Peppering fresh burners to ensure an even demolition of the building. If he leaves the building, he's hit by snipers, if he stays he's forced to commit suicide to avoid being burned alive. Ie, the old Hollywood image of the commander or negotiator trying to talk the suspect into surrendering via bullhorn isn't even an option any more.

But regardless of the merits or morality of the new technique, or the actions of Dorner that led to his demise, it is interesting to see the media cooperation during the final kill. Stopping or restricting live video (which would show the breach & burn technique), consistently reporting that the police fired "tear gas" or, at most, "incendiary tear gas" whatever that means, instead of reporting what they actually saw or heard on the police scanners. Likewise, under-reports the killing of two innocents by police during the previous attempt at trapping and killing Dorner. It seems that the media supports the police's PR assumption that the public isn't ready to really understand the callousness of the new technique. (Leaving actual reporting to niche-media and anti-gov conspiracy nuts.)

[The name rule: In this case, Dorner's story is more than just his crime. Ex-soldier, turned cop, turned whistle-blower, turned killer, turned trapped animal. This is more than the usual killer, so it's important to use his name.]

Paul451 said...

It now seems to be standard police tactics now

And if not now, now when?

Tim H. said...

This article had a couple of command line tools you'll need if you go spelunking for files:
Apple's getting a bit prude about covering the unix underpinnings, but in fairness, a user could easily rove things up badly in there, but if you've gotta' peek, try this in terminal:
defaults write com.apple.finder AppleShowAllFiles TRUE
finder will need to be restarted for this to work, to hide the clutter when you've had your peek, reenter the same command with FALSE at the end and restart finder.

Tim H. said...

Concerning police tactics, if you're dealing with a Jimmy Lee Dykes, it's not a bad thing. Go here:
Look for: "Here's to the jackbooted thugs!"

Paul451 said...

Tim H,
My point wasn't whether the tactic was valid, but that the police lie about it to the public, and the news media is happy to support and repeat the lie.

There's an audio recording of the police communications during the siege. Speaking of beginning the "plan from this morning", moving in with the "burners" (slang for incendiary grenades the police got from the military after 9/11.) That the snipers heard just one shot coming from the cabin (Dorner's suicide?). The efforts to get an even burn across the building. (There are also people who have reported hearing the same thing on police scanners.)

But... the police repeatedly called the fire an accident caused by tear gas cannisters. Bluntly stating that they would never plan to set fire to a building. And it gets repeated without challenge by the news media.

So it's a clear tactic that must be trained for, has special equipment for, and yet is lied about because, presumably, the public isn't ready to hear about it. And the media goes along with the suppression, in the name of "operational security".

Paul451 said...

If anyone is curious:


"We're gonna go forward with the plan, with the burn... Just like we talked about... Seven burners deployed and we have a fire..."

Mel said...

The original biometric ID is already falling. Frontline did a documentary about fingerprint analysis bringing up spurious accusations. It seems that while fingerprints might be unique, they are not unique enough.

In the old days, when the Continental Op could build up a suspect list from people who had been in San Francisco, and near the Montgomery Hotel, on a particular day, then fingerprint ID could be useful to sort out the involved from the uninvolved. (Fingerprints played no part in that particular story; I just wanted names I could use and deny choosing them on purpose.)

That's not what happens now. Prints are lifted and submitted to nationwide or worldwide databases. There's enough of a Birthday Paradox at that scale to bring all kinds of people into the net. It might even be that DNA ID could get that way, once we make it big enough.

sociotard said...

Remember that awesome Mythbusters episode where they fooled the biometric scanner with copied fingerprints?

Jumper said...

To follow up sociotard's point, there was the ploy where the bad guys tear out the eyeball to gain entrance to the retinal-scan device, or now it's extract my blood to get into my workplace - so many of these schemes seem devised by idiots who would actually increase the consequences to me if someone was determined enough.

The one in David's main article, about the back-door chips hidden in so many devices, is the one I don't like. And I think I know where much of the blur is coming from. Because a random sampling of outsourced chips could be done at fairly low cost and simply do some photo comparisons between design and the final chip. But when the plan begins to be done by outsiders, the original insiders may be hesitant to talk about it because they were doing it first.

Acacia H. said...

I still think a thumbprint scanner would work better than credit card signatures. The technology exists already with laser scanners. And it would be more problem than it's worth for the average credit card thief to try to acquire someone's thumbprint. I mean, how are they going to put a stray thumb under the scanner without someone looking askew? ;) Not to mention you now have a criminal wanted for mutilation rather than petty theft.

Of course, determined hackers would just insert into the system the new thumbprint, but that's a matter of system security on the bank's level, and requires far more resources than a number of credit card frauders would be able to use.

ROb H.

sociotard said...

so many of these schemes seem devised by idiots who would actually increase the consequences to me if someone was determined enough
Or the subdermal microchip thing. Bad guys come and cut them out. Or stick their in you and leave you to explain to the killbots you aren't the bad guy.

I mean, how are they going to put a stray thumb under the scanner without someone looking askew?

They wouldn't. The Mythbusters just lifted a thumbprint off a dirty glass, then used a copy of it on the scanner. You have to work harder if people are watching, but it can be done with cosmetics and a little latex. like Mission Impossible, but much simpler.

Anonymous said...

I dunno about fingerprints as ID. Not without a way of verifying that they are still attached to a living finger:

"The attackers forced Mr Kumaran to put his finger on the security panel to start the vehicle, bundled him into the back seat and drove off.

But having stripped the car, the thieves became frustrated when they wanted to restart it. They found they again could not bypass the immobiliser, which needs the owner's fingerprint to disarm it.

They stripped Mr Kumaran naked and left him by the side of the road - but not before cutting off the end of his index finger with a machete."


locumranch said...

Whole topic is a bit of a probability fallacy, amounting to less than or equal to 5% of total global commerce.

The 2012 Report to Nations estimated that global fraud amounted to 5% of total global economic expenditures: www.acfe.com/uploadedFiles/ACFE.../2012-report-to-nations.pdf

Additional sources estimate that E-commerce fraud accounted for approximately 3.4 % of total E-commerce traffic: www.rsa.com/products/EDS/.../11783_WP_eCOMM_0712.pdf

That means that e-commerce is ONLY 95 to 97% safe. How horrifying !!! Let's abandon E-commerce as a lost cause !


David Brin said...

inneresting comments Been busy training the new iMac... but appreciate the interesting and somewhat scary insights...

will report more soon

Ian said...

Systems don't need to be 100% effective - people have been writing bad checks, for example, for centuries.

They just have to be effective enough to deter most of the crooks, most of the time.

Yes, a thief could, for example, steal your credit card and mobile phone, hack a computer system to discover your pin and then somehow work out the pin to unlock your phone in order to respond to the SMS with the second password they need to get a credit card transaction approved.

Or, seeing as they've gone to the trouble of stealing your credit card and phone. They could just use the card to buy stuff (electing to sign rather than use a PIN) and then return it for a cash refund and then sell your phone.

Paul451 said...

Re: Kidnapping/thumb-cutting car-jack.
Dumb security. Common sense says you let the car start and drive away, while sending a silent GPS-alert to the security-company and/or police, then cut out the immobiliser somewhere very public. (Ideally, you use it to track and trap the thieves, if police are on the ball.)

Paul451 said...

How much of that fraud comparison is with consumer-level trade?

Ian said...

Lockheed Martin is teaming up with Sierra Nevada to back their Dream Chaser spaceplane project.


Paul451 said...

Small meteor fireball exploded over northern Russian towns. Reports of 500 injured, pictures of buildings damaged.

Ian said...


CS , the most common form of tear gas,is actually a solid at room temperature

In order to produce an aerosol, CS gas grenades either contain a mixture of CS and a flammable substance that's set on fire or a solution of CS in an organic solvent that's aerosolized by an explosive charge.

Either way there's a risk of fire.

Smoke grenades typically contain a mix of white Phosphorus and a colored dye. Same story.

This has been the case as long as tear gas has been in use for crowd control.

So it's not new and its not a conspiracy.

Paul451 said...

Reports of widespread panic. I laughed at the ignorant backwoods yokels... and then...


Yeah. That.

Paul451 said...

The canisters in question contain 68% thermite, 29% barium nitrate, sulfur and a binder. Military surplus that was donated to the various police forces after 9/11. The military call it an "incendiary grenade".

The sheriff even mentioned the model number when he listed the types of "tear-gas cannisters" used.

Video of some Marines goofing around with one: http://www.youtube.com/watch?v=oiRJj2oRWnM

No one can confuse a dedicated incendiary device with tear gas or a smoke bomb.

Ian said...

Paul, I'm going to go to bed shortly but I've been looking for a more detailed description than "pyrotechnic tear gas canister" in media reports and am yet to find one.

locumranch said...

Paul451 asks "How much of that fraud comparison is with consumer-level trade?", and the answer appears to be very little.

The 5% of global costs figure applies to all sorts (but mostly corporate) fraud. The 3.4 % e-commerce fraud figure applies to consumer-based credit cards & interbank wire transfers.

Another study ["Measuring the Cost of Cybercrime", weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf] sets the direct cybercrime costs at a pittance, arguing that defensive & indirect costs (ie. responses to cybercrime) cost society more by "an order of magnitude". As an example, the study refers to the 2010 botnet (spam) scare which earned its creators an estimated 2.7 Million dollars but cost society a disproportionate 1 Billion dollars in defensive costs.

It follows that our social response to cyber, e-commerce & credit card fraud amounts to global hysteria because it is irrational, exaggerated & disproportionate. Globally speaking, we're just a flock of Chicken Littles who run around screaming "The sky is falling, the sky is falling" when we run into the least little setback.

Human nature appears to be a study in the disproportionate response.


Alfred Differ said...

No one is going to eliminate every possible path to identity fraud, but suffering a few percentage points of fraud is intolerable when the credit companies try to foist the liability back on us.

Fingerprint scanning isn't good enough on a large scale largely because we don't actually capture the entire fingerprint. Points on the print are captured and relationships between them are encoded. It is the reduced set that gets compared against the databases. Avoiding multiple hits requires capturing more data up front, but doing so won't help much when the database is filled with data using the older methods.

Multi-factor identification systems are the way to go. A fingerprint is something I have. Combine that with something I know (a pin or longer passphrase) and you have two factors. I could use a smart-card with a digital cert and a pin as well and would be inclined to do that because the cert can increase in size as years go by to keep ahead of the computing power people have who would try to crack it.

There is no reason we couldn't set up two and three factor ID systems for financial transactions and use the weaker methods for the tiniest amounts to keep things easy. Large loan docs and credit agreements might require the most authentication and the time the deal is closed while coffee purchases at the cafe might get done by waving your card at a reader.

This stuff is solvable. It requires us to push the liability back onto the creditors, though. We shouldn't tolerate them blaming us for not verifying us.