evilbunny wrote:
(I was planning to charge $10, but I am also planning to offer personal server certs if you have a $10 cert.)Interesting idea... Only problem is the bank doesn't verify the name electronically as far as I'm aware... Least none of the payment gateway's I've dealt with in the past...
There's no requirement that you have your legal name on your credit card. I've gotten them in aliases before, most banks really don't care what you have on your card as long as you pay your bills.
(The gory details? My parents were not cool, but I had "Bear" on my credit cards and checks years before I broke down and had my name legally changed. It's much more common for aliases to occur because of marriage and divorce.)
HOWEVER, I thought the credit card processing centers could verify that the name and address provided on the order was identical to the card's billing address. Like verifying email addresses by requiring confirmation through that address, it really doesn't prove anything but it's more than enough for most casual purposes.
In addition, if you charge a reasonable amount ($10+) you can easily have an automated process that prints out acknowledgement forms and physically mails them to the nominal cert holder. You have to stuff envelopes, but with window envelopes and a postage meter it won't cost more than a buck or two to send a letter to everyone confirming that a cert was requested (and granted) in their name and if this was erroneous they should contact the CA at some website. If the mail is returned, revoke the cert but keep the money. :-)
....
One other note - I don't think you can save the full credit card info once the transaction has cleared. Merchant agreements, state laws, all tend to frown on this. You should be able to save the first four digits (which identify the issuing bank - not because you actually store these digits, you see, but because that happens to be the BankID in your database!) and the last four digits (which are now the traditional way of identifying a customer' card).
Bear
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
