[ExI] Verification
Adrian Tymes
atymes at gmail.com
Fri Aug 9 18:12:27 UTC 2013
On Aug 8, 2013 8:49 PM, "Anders Sandberg" <anders at aleph.se> wrote:
> I think there is no general solution if dealing with the domain of people
and human institutions; the best you can do is to define an explicit
procedure your company use to determine who gets what (and then you better
put some of your most devious friends to game it, to figure out how it can
be hacked). Often the solution is to use trusted third parties (banks,
government, etc) that makes it costly for A or C to fake things. As long as
the cost or hassle is big enough, there will be little abuse.
You can also, if this is an institutional user, insist upon account
creation on some Z that is also employed by S. That way, you don't have a
single point of failure. Of course, either A or C could collaborate with Z
to defraud S, but the odds of this are lower. (More importantly, from your
business's point of view, you're likely off the hook if that does happen:
you don't need to absolutely prevent fraud, just enough to prevent legal
liability.)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20130809/78be6f26/attachment.html>
More information about the extropy-chat
mailing list