Email based transactions kill the purpose of realtime.. i prefer an API of some sort with vendor user/pass on https or something.
soap xml anything like versign does email is taking a step back and i mean way back.. but good ideas coming in .. Customer Business Customization Teliax Inc Téléphone - Internationnal / Phone - Worldwide: +1-303-629-8304 Sans frais - Canada & É.-U./ Toll Free -.Canada & USA: +1-888-270-3688 Visitez-nous sur internet à/ Visit us on the Web: www.teliax.com > Danny Froberg wrote: >> Well maybe time to create such an entity, since none thats >> international / global exists, and it's definitely not cost efficient to >> signup with every local credit information system on the planet ;) >> >> Heck if I know, we need some way to protect ourselves. >> >> And the system wouldn't contain any credit information, only blacklists >> (or similar). >> >> Shoot some suggestions, regulatory considerations can be overcome in a >> wide variety of nations. >> >> Some kind of joint effort seems to be needed however. And a system like >> this would only work if quite a few companies joined in to provide data. >> >> I for one am quite willing to host the systems while it's being built, I >> can even foot the bill. Later if successful (working) we can figure >> something out if it turns into a high traffic/resource hog. >> >> Let me know if *anyone* would be interested... >> > Very interested. > > The poster's comment about using the MD5 sum of the CC# is very good. > What credit card number, officer? > > The way I would design it would be: > > The vendor, while opening a new account, would send an email to > [EMAIL PROTECTED] The email would contain: > > . MD5 sum of the CC# > . the first <n> digits of the CC# (unencrypted), enough to identify the > bank and country > . IP address > . callback telephone number > . name on card (?) > . billing address > . city/country. > > The name on the card might be useful in the case of a lost/stolen > wallet. The name loosely ties together all the cards in the wallet. > The billing address would also tie together the cards. > > The email reply would contain the country code of the CC and whether any > chargebacks had been received for that CC# or that IP. Also the country > of the IP. It would also contain the number of queries from other > vendors in the past <n> hours. > > When a chargeback was received, the vendor would send an email to > [EMAIL PROTECTED] with the CC# MD5 sum as the subject. The system > would register the complaint and then send an email to all those who had > queried on that CC#. An email would also be sent to all vendors who had > queried on the offenders IP. > > But this could go a lot further. "Friends and Family" is what it would > be called :-) When a chargeback is received, the offenders complete > Asterisk cdr would be emailed to [EMAIL PROTECTED] The system would > construct a graph (the calling tree) of the offender's calling and > called numbers (ranked by frequency of use) and reply to the vendor. > Whenever one of those numbers was called in the future, or whenever a > caller's CallerID matched, the vendor could have the account flagged for > investigation. > > The system could also build a combined (global) calling tree using all > submitted cdrs. Overlapping calling trees would give good insight. > > Another thought is having a bot monitor the IRC channels where CC# are > traded. When a bot identified a CC#, it would be entered into the > database. > > A legit user who was denied would simply have his bank reissue his > credit card (this would happen anyway after he rejects a charge). > > I would be very interested in doing this, and I have the bandwidth to > support a reasonable number of transactions. To stay under the lawyer's > radar, I'm thinking this would be a subscription only (not public) > service. I don't think a vendor would be obliged to inform the perp why > service was being denied. > > Know thine enemy. > > Comments? > > > > > _______________________________________________ > Asterisk-Biz mailing list > Asterisk-Biz@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-biz > _______________________________________________ Asterisk-Biz mailing list Asterisk-Biz@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-biz