Successful auth is the issuing bank telling the merchant - 'yes, the customer has the funds and the money is yours for the taking via the capture request against this auth.' Which is a GUARANTEE. Yes, as a means of customer protection it expires if the merchant did not request the capture within a certain timeframe which is at least 2 weeks, 4 weeks in most cases.

For digital goods (and POS) this is a non-issue since the capture request is combined with the auth request. For physical goods - well if I'm a customer and the merchant hasn't shipped in 2+ weeks it's fair to me to get the hold removed from the funds my bank GUARANTEED to the merchant.

6 conf is a rule of thumb bitpay (and other bitcoin payment processors that I'm aware of) are following before GUARANTEEING the funds to the merchant. sure, if this is a P2P transaction and I was personally selling you $10 worth of merchandise I'd be ok with 1 conf, when talking 'industrial' scale payment acceptance things work just a little bit different.

So now in this particular case - steam can revoke the license if the payment eventually fails which is precisely why I think this sort of market is perfect for BTC (I commented on this in this thread).

And finally since you're claiming high tx fees are 'a far stronger guarantee of settlement than a cc authorization as it's way harder for the customer to reliably cheat you' - how would you cheat the merchant after the auth (let alone auth/capture) went through?

>Successful auth is the issuing bank telling the merchant - 'yes, the customer has the funds and the money is yours for the taking via the capture request against this auth.' Which is a GUARANTEE. Yes, as a means of customer protection it expires if the merchant did not request the capture within a certain timeframe which is at least 2 weeks, 4 weeks in most cases.

That's a pretty shitty guarantee when the bank can deny settlement anyways, and FWIW mine seem to expire in 5 days.

>6 conf is a rule of thumb bitpay (and other bitcoin payment processors that I'm aware of) are following before GUARANTEEING the funds to the merchant. sure, if this is a P2P transaction and I was personally selling you $10 worth of merchandise I'd be ok with 1 conf, when talking 'industrial' scale payment acceptance things work just a little bit different.

Unless you're talking about transactions worth tens of thousands of dollars it's simply not worth it for an attacker to even attempt such an attack (not that it'd be very likely work anyway).

And last I checked bitpay is just fine with 1 conf transactions and will happily tank the risk for you. I'd assume the risk is quite small since I haven't ever heard of such an attack actually happening.

>And finally since you're claiming high tx fees are 'a far stronger guarantee of settlement than a cc authorization as it's way harder for the customer to reliably cheat you' - how would you cheat the merchant after the auth (let alone auth/capture) went through?

I could just claim that the transaction was fraudulent. I could contact my bank and forward them a fake email from you claiming that the auth was an accident (done this before, although not with a fake email).

Oh, and most shockingly... I could just use a stolen card!

Even if the auth expires (5 days is probably the limit imposed by your payment processor although it's probably sufficient in most cases) - when you are ready to ship and do a capture against it, it'll fail so you know the guarantee provided to you when the original auth went through is no longer there.

bitpay - even if they were happy with 1 conf it would still mean 10 or so minutes before you are guaranteed your funds as a merchant. They are not, however - "When an invoice is complete, it means that BitPay.com has credited the merchant’s account for the invoice. Currently, 6 confirmation blocks on the bitcoin network are required for an invoice to be complete." (https://bitpay.com/docs/invoice-states) Although the merchants can take the risk of course, and if they are controlling the product after the sale (which is the case with Steam) - they are free to dispatch the goods when they please.

Fraud - sure, you're talking good ol' chargebacks and yes not having to deal with chargebacks is a good selling point for btc payment acceptance. These happen AFTER the settlement however. If the customer convinced their bank to remove the auth hold, then the capture the merchant performs before shipping would fail so you know that the guarantee the issuing bank provided is no longer there.

Again, bitcoin does have it's strengths in terms of being attractive to both the merchant and the buyer, transaction confirmation times is probably the single biggest weakness here especially compared to the way CC processing works.