Hello Bear, Be interesting to have a standard cross verification scheme/policy between free efforts where the data is sent and then some rules applied against it if it's 98% the same or something ok it...
May not be practical *shrug* and also 1 site may not agree with how another treats the policy of it's certificates etc... Just a thought... -- Best regards, evilbunny mailto:evilbunny@;sydneywireless.com http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom Monday, November 4, 2002, 12:43:34 PM, you wrote: BG> evilbunny wrote: >> Interesting idea... Only problem is the bank doesn't verify the name >> electronically as far as I'm aware... Least none of the payment >> gateway's I've dealt with in the past... BG> (I was planning to charge $10, but I am also planning to offer personal BG> server certs if you have a $10 cert.) BG> There's no requirement that you have your legal name on your credit BG> card. I've gotten them in aliases before, most banks really don't care BG> what you have on your card as long as you pay your bills. BG> (The gory details? My parents were not cool, but I had "Bear" on my BG> credit cards and checks years before I broke down and had my name BG> legally changed. It's much more common for aliases to occur because of BG> marriage and divorce.) BG> HOWEVER, I thought the credit card processing centers could verify that BG> the name and address provided on the order was identical to the card's BG> billing address. Like verifying email addresses by requiring BG> confirmation through that address, it really doesn't prove anything but BG> it's more than enough for most casual purposes. BG> In addition, if you charge a reasonable amount ($10+) you can easily BG> have an automated process that prints out acknowledgement forms and BG> physically mails them to the nominal cert holder. You have to stuff BG> envelopes, but with window envelopes and a postage meter it won't cost BG> more than a buck or two to send a letter to everyone confirming that a BG> cert was requested (and granted) in their name and if this was erroneous BG> they should contact the CA at some website. If the mail is returned, BG> revoke the cert but keep the money. :-) BG> .... BG> One other note - I don't think you can save the full credit card info BG> once the transaction has cleared. Merchant agreements, state laws, all BG> tend to frown on this. You should be able to save the first four digits BG> (which identify the issuing bank - not because you actually store these BG> digits, you see, but because that happens to be the BankID in your BG> database!) and the last four digits (which are now the traditional way BG> of identifying a customer' card). BG> Bear BG> ______________________________________________________________________ BG> OpenSSL Project http://www.openssl.org BG> User Support Mailing List [EMAIL PROTECTED] BG> Automated List Manager [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
