This article is concerned with how losses should be allocated between account holders that are implicated in payment systems and the financial institutions that participate in those payment systems by acting as intermediaries between account holders. The account holders that are discussed in this article are not limited to individual consumers. This article also examines how an unauthorized transaction can be prevented and what this suggests about who should bear the loss of such a transaction. In doing so, this article looks at two moments at which an unauthorized payment transaction might be prevented: before the first unauthorized transaction, and after the first unauthorized transaction. This article examines five of the most common payment systemschecks, debit cards, ACH debits, wire transfers, and credit cards-and their general rules for allocating losses prior to and after execution of a payment transaction. The final section of this article considers recent developments in society and technology, notably the problems of Internet security and identity theft. This article asks whether the divergent approaches taken to the problem of unauthorized payment transactions should be unified. This article concludes by advocating, at least for small account holders, an approach based upon principles developed from the credit card system, even though these principles were not implicit in the minds of the drafters of the TILA.