I see this attitude a lot on
In this case it turns out that it wasn't actually secure, which raises concern about whether the protocol was subject to adequate public scrutiny before it was decided to employ on such a massive scale. But do you have any reason to say that they aren't actually interested in preventing fraud?
Are there more secure methods that they are refusing to employ? Or are you saying that the problem of secure authentication is inherently unsolvable, and that they should just give up and resign themselves to laughable measures like signatures and card numbers?