Visit Your Local PBS Station PBS Home PBS Home Programs A-Z TV Schedules Watch Video Donate Shop PBS Search PBS
I, Cringely - The Survival of the Nerdiest with Robert X. Cringely
Search I,Cringely:

The Pulpit
The Pulpit

<< [ Bah Humbug! ]   |  Lie Back and Think of England  |   [ Why I Get the Big Bucks ] >>

Weekly Column

Lie Back and Think of England: Internet commerce has its risks, but we're not the ones who bear them.

Status: [CLOSED]
By Robert X. Cringely

Last Christmas the e-tailers were flush with VC dollars and Jeff Bezos was about to be TIME's Man of the Year. This year dot-com stocks are in the toilet and the trend is to lament the lack of growth in Internet commerce.  But the truth is that Internet sales are probably double what they were last year in the U.S. and up by a factor of 10 overseas. Where I come from doubling sales is a good thing and adding a zero at the end is just plain fantastic. For all our fascination with numbers and statistics it's the feeling we take away that counts and the feeling these days is far less enthusiastic than it was last year. Funny how that works.

And now security problems at have some people questioning the whole idea of using credit cards for online transactions. It's a fine subject about which to argue over holiday dinners, but the truth is that we are long past anything like a choice in these things. Credit cards are more a part of our lives than we like to admit and they aren't going away. Even the folks who moan the loudest still generally use them. Maybe people just like to complain. But the thing to concentrate on here is the risk really isn't being taken by us at all, but by the banks.

There was a time, back when I was a kid in Ohio, when my parents got their first credit card in the mail. My Dad already had a Sohio gas card and my Mom had a charge-a-plate from Higbee's Department Store but that first credit card was a wonder because it arrived as a complete surprise. Nobody had asked for it. One day an envelope came in the mail and it had this credit card — a BankAmeriCard — and the card could buy things straight away. It came with credit attached. This was an amazing thing, not because my parents were deadbeats but because this was 40 years ago and today's credit reporting systems did not even exist. The credit card issuer knew nothing about my parents' credit worthiness other than that they had a permanent address. Who were these people, these BankAmeriCard people, to send my father what was essentially money in the mail? Why would they do that?

My parents, while special to me, weren't all that extraordinary. Millions of other parents were receiving their own BankAmeriCards at exactly the same time. The Bank of America, which lived in those days in far off San Francisco, was the largest bank in the world and it was sending this money to people all over America. The extent of the Bank's largess was somewhere in the range of $600 million in credit shipped out by mail to total strangers with only a hope that these people would pay their credit card bill when it came. It was one of the greatest single risks in the history of American business. And it eventually (though far from immediately) paid off. Like it or not, our plastic economy was built on that calculated risk and over time our financial lives were changed forever as a result.

Today it is illegal to send unsolicited credit cards by mail. But the damage was already done and banks no longer need that particular tactic. We're all addicted to credit. Certainly I am.

The reason I mention any of this is because late last week it appears that lost to a computer cracker the credit card numbers of up to 3.7 million customers and I just want us all to see this crime in a particular historical context. It is a deplorable crime, of course, and certainly no good at all for or its customers. It shouldn't have happened and we can hope that Egghead will do what it takes to make sure it will never happen again, but the fact is it probably WILL happen again. Before we get crazy about the situation and come up with draconian defense mechanisms that we'll all end up hating I've got to point out that it really isn't as bad as you might think. No credit card holder is going to be stuck with a bigger bill to pay as a result of this theft. The credit card issuers have said they will cover any loss.

It's the old BankAmeriCard all over again. In order to build a new and potentially enormous business (e-commerce), the banks are willing to assume risk. The alternative, if you believe in e-commerce, is giving up that business to some other kind of payment system and the credit card companies fear end that far more than they fear a few million dollars in transaction losses. They are so eager, in fact, for credit card-based e-commerce to succeed that they've eliminated the old $50 maximum liability limit if your card was lost or stolen. Now if some yahoo uses your stolen Visa or MasterCard number to buy stuff online, the banks cover the whole thing.

Sure it's a drag to replace your card and to tell Earthlink to charge your Internet access on a new number. It's unnerving, too, to think that someone might try to use that stolen card number. But ultimately it is the system's problem, not ours. The banks need to make it work or they, not we, are out of business.

Egghead has been very quiet about what records were lost and to whom and frankly the company hasn't handled the situation very well. First they denied that any information was lost then couldn't say how much data was now in the hands of the bad guys. But information has been slowly appearing as damage is taking place. If there is any news in this particular column, it is that damage IS taking place. Credit cards were stolen and some of them have been used to make attempted purchases. This is according to trusted readers of this column who have been victimized.

I have readers who were told this week by Egghead that their records were lost and then were told separately by their credit card issuers that their credit cards were cancelled because of "suspicious activity." And this activity, in each case, involved attempts to charge purchases involving Russia. So it is a good bet that some of those 3.7 million credit card numbers have been stolen and have been used illegally.

Enter the lawyers. The banks can attempt to stop the illegal transactions as they come up for approval, but some will inevitably get through. And to cover those losses the banks will probably attack Egghead and the suppliers of its e-commerce software. After all it wasn't the credit card security system that was compromised: it was Egghead's customer database. Still, I'd say that right now Egghead stock is a good buy.

We're still in the early days of e-tailing and the bugs are far from worked out. But the credit card companies, which make billions on our need to buy stuff we don't really need, will see this through. The sad truth is that compared to the number of people who simply don't pay their credit card bills, this loss is minor. The financial systems already expect it and will continue to expect it even after all the parties in this particular fiasco have declared that it is all fixed and will never happen again. Yeah, right.

The automation that enables companies to extend us credit without knowing us does so by taking a statistical look at risk. We aren't individuals but populations. We are total strangers that are lumped into groups whose credit worthiness can be assessed with remarkable precision precisely because we are a group and aren't individuals. And part of that risk calculation says that 5-8 percent of the stuff we buy will never be paid for, at least not by us. That's an astounding loss rate yet it disappears in the even more astounding profits of credit card issuers. When was thelast time you heard of a credit card company going bust? My point exactly.

So read your bills closely when they arrive and contest any purchase that doesn't look familiar. Make as much noise as you can to keep the banks on top of this situation. Then have another cup of egg nog. And if you are like me, you'll charge it.

Comments from the Tribe

Status: [CLOSED] read all comments (0)