AmEx New online shopping ideas (American Express)

Member Name: healyron

Product:	American Express
Date:	12/09/00 (634 review reads)
Rating:

Advantages: safer

Disadvantages: not impossible to crack

Most people who have tried on-line shopping would agree that when you get it right it is well worth the effort. However, getting it right can take some effort - searching, form-filling, worrying whether the site is a scam etc... but it is still easier than walking round the shops on a busy Saturday afternoon. The only drawbacks, for me, are (1)you have to wait for the goods to arrive (unless it's a software download) and (2)you have to have, and provide details of, a credit card.

The second of these disadvantages is the one most people cite when explaining why they feel uneasy about on-line purchases. They insist that the potential for some unscrupulous hacker or web-site owner to exploit your c/card number is too high. And they're right. It's too high, but not nearly as bad as giving it to someone over the phone or in a restaurant etc. The card numbers can be copied and used fraudently at a later date, sometimes even with a new card made from those numbers to avoid 'postal' ordering, thereby avoiding a delivery address being traceable. This is one of the reasons why a lot of web-sites will only deliver to the address of the card-holder.

So, if there was a way to avoid all that risk, would more of us shop on the Net? Probably. Well, soon there will be.

American Express (should that be American Excuse?) are trialling a new payments system. It's so simple it should work and leaves me wondering why it was never done before.

You have your credit card as normal and American Express (naturally) knows the number of it since they issued it. When you want to buy something online you go to their site and ask for a purchase number (they apparently call it Private Payments, which sounds like a saucy 'Carry-On' type movie). The site then randomly generates a number, assigns it to your American Express account and allows one (and only one) purchase with that random number. When you go to buy something online and
input this new random number it automatically becomes void once used so anyone who 'scans' the Net for account numbers, or hacks shopper-sites to get them, will not be able to use them as they have already been used once!

There are obviously going to be some bugs to iron out but it seems like it should work and it should alleviate most (but probably not all) of the anxiety of on-line shopping.

The most obvious problems are these: If someone gets your actual c/card number (as can happen) then there's nothing to stop *them* going to AmEx website and randomly generating a number that they can use themselves. Fortunately they can be stopped once the card is reported missing but that's how it works already.

What happens if someone hacks the AmEx website or personal records and get the cards and number-generator that way?

Personally, I think it'll work. It would be made safer if the customer had a code number, like a PIN number, that must be used with all purchases, whether made with a random-number generator or otherwise, but it will never (and I mean never) be absolutely 100% safe to use a credit card anywhere.

Innovations like photo-credit cards, fingerprinted credit cards, voice-recognition or signature recognition software will all make it safer, but not entirely safe.

Just as an aside, I went to London recently, after borrowing a friend's credit card in case of emergencies. I used it to book the flights also. I used the card six times and not once did anyone suspect it wasn't my card...

But I still have to pay it all back.

Summary: