RAW Hacking, How different GM's handle problems Options

[kigmatzomat]

Well, yeah. If it costs you 2 nuyen to do a Valid/Invalid SIN check, and 20 nuyen to actually verify the name and face (which requires a few more database queries), you're only going to use those in-depth services when the purchase will still offer a profit. It's a bit silly to assume that the megas offer free background checks, so it's fair to assume that retail businesses will only pay for those services when they stand to be implicated in identity fraud (by helping the runner steal John Doe's money).

This undermines the currency system though. If you don;t check (ever) on small transactions, I can undermine the entire system by buying crap from vending machines and apple itunes. Each individual actor has no incentive to ever check, so no-one will ever check collectively.

No more so than identity theft or credit fraud already does. As it stands, credit agencies don't verify transactions under a certain threshold, that's why you can buy fast food without a signature. The fast food places consider the expense of tracking signed receipts greater than the expense of eating disputed charges.

Why would that change in the future? There's no real difference in business operations between credit fraud and shoplifting. If an item is lost or a charge disputed, the cost gets eaten by the store. If the cost of loss is acceptable relative to the expense of improved security, the company continues operating as-is. Only a swing in the balance sheet or some external force (like Visa threatening to retract card rights at a store) will justify implementing better security.

Market forces would almost guarantee that some vendors of low margin items in low-crime areas would operate using low-cost/high-risk transactions to either undercut the competition or increase margins.

The only time it becomes an issue is if it afflicts a significant percentage of an economy's GDP.

[kzt]

No more so than identity theft or credit fraud already does. As it stands, credit agencies don't verify transactions under a certain threshold, that's why you can buy fast food without a signature. The fast food places consider the expense of tracking signed receipts greater than the expense of eating disputed charges.

But they do track them. They just don't require Id for them. The transactions go into their main data base and get run through the anomaly detection routines like all other transactions. If you want to see for yourself, go to a gas station with 6 friends and their cars and use your visa card to pay for all of their gas, one right after another. You won't sign anything, but it's pretty unlikely that you'll get gas in all 7 cars, as you'll hit one of the anti-theft tripwires used by the credit card companies.

[kigmatzomat]

That's because if a single charge is disputed, the store takes a hit for not verifying the identity by checking the buyer's ID and signature. But if a card is stolen it becomes a liability to the credit card company as they often promise credit protection to their users. In this case the risk/damage to the bank is very high while the expense of tracking is relatively low given they already have the massive servers in place.

So if a flurry of un-verified requests come through that are atypical, the card gets flagged, the card holder contacted and/or the card is temporarily frozen.

But if you visit six different gas stations over the course of a couple hours with that stolen card to buy $30 worth of stuff, nothing happens at all because that isn't really atypical behavior for someone out driving around so it won't twig a security alert.

Going back to the original example, hitting a couple of vending machines isn't necessarily enough to cause an alert. It would be even less so if you spoof multiple people.

As long as there is profit after the losses and the cost of improved security is greater than the value of those losses, there will be plenty of unverified transactions in the world.