Mobyturns
25th February 2023, 09:07 AM
Rather than hijack LD's "Banned Lurkers" thread .....
The card info isn't kept, or even stored. It's irrelevant. That's dealt with via a gateway.
The only thing that matters is the one cent.
The charge is made and the confirmation code stored. It's just a string of numbers irrelevant to anyone else. It does not need to be secure.
As for the other items on the signup page, don't collect them. They are all only for ID. This idea bypasses them.
The site then only needs to collect a handle, email address... and that's it. IF the other stuff is needed, put it on page two, or a config page post signup. All they do is inhibit joining.
Clearly state that the one cent is purely and only for spam control and NONE of the data is EVER even seen by the site. Be absolutely up front about it - and if people have a whammy, refund them the goddam one cent. You'll already know they aren't spammers - for spammers rely on volume.
But, ultimately, it's not my site. I'm only offering a simple[1] bullet-proof solution to an intractable problem.... :)
Sadly, ID to use the internet is soon to become a thing. Spam and fraud are out of control. Bots ARE out of control. The free and open internet will continue, but Internet Version 2 will involve tiny tokens like the one cent to ensure spam and fraud are destroyed right at the source.
1 - it would take less than a few hours to implement.
WP,
IF it is so simple to implement, to protect personal ID info, why are ordinary punters being subjected to spam, scams and fraud from hacks on soft targets to major corporates? Not being argumentative, simply trying to understand the issues.
How does subscription renewal billing work? The likes of McAfee, Microsoft yadda yadda all offer auto subscription renewals. They must store card data???
There are plenty of small retailers who definitely store card info! I know from personal experience with some - as they asked "do you have the same CC?" I now refuse to deal with them, however the damage is/was done. One significant book retailer takes the details online in what appears to be a secure site, but manually processes the actual transaction. How & Why? My only protection was to request a new CC.
Have a look at the staggering amount of personal information, bank, super, shares statements ..... that Centrelink collects for say the "Low Income Healthcare Card" etc. Talk about a honeypot for hackers / scammers / fraud.
I note Choice (magazine) are initiating a campaign to force the banks & telcos into doing more to protect customers and their assets, from spam, hacking etc.
Most punters would face multiple phishing scams or fraudulent offers every single day. It really is out of hand.