The credit card company is assuming the risk, not you. Since when did Master Card have the power to deputize you and turn you into a mini police detective? They set up a system, it's their responsibility to ensure that their business model works. For that they earn billions of dollars, and you don't.
While it would be nice if that was the case, it isn't. If someone walks out of my store with a $500 laptop computer paid for with a stolen credit card, I'm out the merchandise and the revenue when the actual card owner issues a chargeback. Think all I have to do is provide a signed charge slip to get my money back? Then you probably have never experienced the joys of attempting to do battle with a credit card company. Part of the reason that they earn billions of dollars and I don't is because they have entire departments dedicated to putting the burden of risk on the merchant and not the card issuer.
read an actual merchant agreement some time (the one between the business and visa)
merchants are FORBIDDEN to ask for ID as a condition of using a credit card...
if the signature is good, and the card is present, you may NOT ask for ID just because its a credit card.
if you require ID of all purchasers say, for a hotel, you can ask for ID.. but not just because it is a credit card.....
doing so violates CC agreements.
(merchants aren't even supposed to accept cards that say CID or SEE ID)
if it is UNSIGNED, we are to request ID, then get the card holder to sign the card before accepting.
(I have a merchant agreement, I've read it, and I've read the merchant operations PDF's at the major sites)
Keep in mind that I said they have the right to "verify identity" not ask for I.D. My point is simply that most merchants will ask customers for I.D. regardless of what the merchant agreement says. Once the privacy balance is shifted in favor of crooks and those who make a living from fraudulent activity, it won't take long for businesses to stop accepting credit cards. It would make much more sense to me to focus on creating legislation aimed at those who improperly use or fail to secure personal data.
Why does it take so long for someone to finally challenge crap like this? Every time someone asks me for this kind of information at the register it just makes me mad... with so many other ways to validate my identity there is zero excuse for exposing this kind of data to retailers.
Here's to hoping this cascades to other states... who am I kidding, somewhere a lobbyist is talking with a CA state senator about when and how quickly they can amend the law.
So how would you suggest that a merchant validate your identity without revealing any personal information? As a business owner, I have no interest at all in seeing this type of information but I still must have a way to protect my business against fraud.