> An authorization token for a single transaction to a specific party for a specific amount could probably work without chargebacks.
1) This is precisely what you get from EMV transactions. A cryptogram covering these details, signed by your hardware token (card). Online transactions don't do this, it's true, but that's why we have the verified-by-visa type stuff. It's imperfect, I agree.
2) Chargebacks are still necessary, because it's not just about merchant overcharging or unauthorised transactions, it's about what happens when someone fails to ship, or sends you broken goods etc
1 was true, but is increasingly less true. You can purchase things on the web using Apple Pay, at least on some sites, which also produces one time use tokens.
A significant number of sites also use stripe, which produces merchant specific revocable tokens. This doesn’t eliminate merchant fraud risk, but it does vastly reduce the risk of your CC details being leaked.
on 2), the token must be for a specific amount, a merchant shouldn't be allowed to double dip or charge more unless he specifically asks authorization to do so.
On the merchant not delivering, I think this is really wrong. If you have a conflict with a merchant, I appreciate that reversing the payment is a convenient way to apply pressure but I think is not the fair way to do it. It should be legal process really (if it ever gets that far).
With EMV transactions this is the case. I'd like to see the system of home card-readers spread, though it would add friction to online purchases.
> On the merchant not delivering, I think this is really wrong.
It's not only a perfectly fair way of doing it (if the merchant wishes to dispute it they can go to the courts), it's often the only way to do it, as merchants often disappear or make themselves uncontactable, or may feel no need to comply with legal process in the purchaser's country of origin.
We have thousands of years of history of merchants ripping off consumers - "Caveat Emptor" for example. This is a measure to prevent the worst of it, and it creates a much safer market. Without it many people would just not transact with new entrants to the market, if at all.
1) This is precisely what you get from EMV transactions. A cryptogram covering these details, signed by your hardware token (card). Online transactions don't do this, it's true, but that's why we have the verified-by-visa type stuff. It's imperfect, I agree.
2) Chargebacks are still necessary, because it's not just about merchant overcharging or unauthorised transactions, it's about what happens when someone fails to ship, or sends you broken goods etc