Comments | richdrich: Why can't I create a contract on the net?

richdrich

Why can't I create a contract on the net?

Mar 08, 2010 12:21

So rikan_feral is peeved that a business won't accept an email to create a contract.

There is quite a good reason for this. (I'm talking mostly here about *unknown* party transactions. Once the two parties have verified each other, as when you visit a bank branch with your ID, then the situation changes).

The hierarchy of authentication in the traditional ( Read more... )

Comments 5

ferrouswheel March 7 2010, 23:50:46 UTC

...which is why the majority of business seems to be done between people that already know each other - an implicit "web of trust". I've signed, scanned, and emailed contracts for the last two years. No one seems to have an issue, but that I'll admit is because they've met me.

Business is based on trust, if people end up in a situation where they are pointing at contracts and saying "Look! You signed this!" then trust has already been broken.

But then I'm an idealist with no real business experience. I wouldn't be surprised if in actuality there were large amounts of people out there trying to screw each other over.

richdrich March 8 2010, 00:41:20 UTC

Yes, but not many people have personal relationships with insurance companies, utilities and the like?

(The comment has been removed)

richdrich March 8 2010, 00:38:15 UTC

Indeed, but no bank offers that service AFAIK. They don't even offer a way of emailing a payment request that can be used to create an automatic payment without retyping the account details.

They do however offer the equivalent of a D/D on credit cards. With a hefty merchant fee, partly to pay for the higher incidence of fraud.

BTW, do you know how direct debits work? The company uploads a file to the bank with a list of bank account numbers and amounts. *Any* bank account numbers. They are trusted by the bank to get it right (and probably penalised if they stuff up).

richyrichracing March 8 2010, 09:32:53 UTC

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've thought for a while that ppk encryption would be a good way to get around the ID card issue.

If every citized generated a ppk-pair and kept their private key, a copy of the public keys could be stored by the government. They wouldn't really need any more data than this, although they would probably want more :( Proving your identity would be essentially then be reduced to being able to decypher messages which were encoded with your public key.

The government could also countersign your key, which would give the web of trust idea much more credence. If your key was signed by the government you possibly could start using it for the stuff you're talking about above, right? Certainly more reliable than having it signed by D4vr0s at a key signing party in slimelights...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)

iEYEARECAAYFAkuUxAEACgkQ7An5rlvnHhNY1ACg6tu+xgJfarwO45XMbFVS44F4
v/oAnAgjwFYk9ULP1opObpHumyHe8YQv
=oEHl
-----END PGP SIGNATURE-----

(The comment has been removed)

richyrichracing March 8 2010, 19:29:58 UTC

Dunno where you are, but smile bank in the UK have this. They send emails too, but the emails only ever say 'we've sent you a secure message, log in to read it' which sort of makes phishing attacks harder - although obviously not enough as they've just introduced card-readers which mean that in order to do any transactions on-line you now have to carry around a big blue plastic fisher price calculator thing...