Technical, Business, and Legal Dimensions of Protecting Children from Pornography on the Internet: Proceedings of a Workshop
solution. But I am not comfortable with that, because if Verisign’s data centers were to blow up, people would have little recourse.
Despite the security flaws, electronic banking works fairly well. I worked in a retail company as the chief technology officer years ago, and I moved to a bank from there. I was amazed to find that the retail databases and systems had much more security than the banking systems at that time. Interbank wire transfers and the like were done in a rudimentary fashion. Anyone who knew the system could break it or cause damage. But the reality is that there was very little loss. There were reciprocal agreements between banks. If I sent you a $100 million transfer and realize this afternoon that, oops, it was fraudulent, then the receiving bank will give it back, in most cases. In banking, when you get to the top, only a few people are necessary to make a phone call to gain agreement that, “Yes, we’ll take care of that.” Although real attacks have been made against our systems, if you want to steal a million dollars, it is still much easier to make friends with the branch manager than to figure out how to break into the automated money transfer systems. Security technology has tended to stay a step ahead of what is practical in the world of financial fraud.
To get back to the beginning of this talk, the definition of “good enough” security depends on the problem to be solved—four-digit PINs may be sufficient in many cases. However, for the purpose of this study, limiting the solution to school or public library computers is vastly different from the problem of identifying a 9-year-old using any computer to access the Web. Most of the computers to which children have access probably will not be run by federal, state, or local governments.3 A strong identification process will be required.
3 Bob Schloss suggested that there are more incentives for people to steal $100 million or to get the right to launch a nuclear weapon than there are for a 9-year-old to use a school computer to see something that his teacher does not want him or her to see. Ordinarily, the school district gives the smart card to the teachers, who use it to set filters. You cannot forge the PIN. But will one kid who is a computer genius write a device driver that he loads into the computer so that it steals the secret number? Milo Medin suggested wryly that he could simply download it from Peacefire.org.