BTW, Neither Visa, MasterCard, American Express, or Discover accept voice verifications for chargeback prevention.
On Sun, 2005-06-19 at 10:32 -0700, David Pollak wrote: > Well... > > You could have a shared DB of MD5 hashed CC #'s (never store the > actual CC #) along with the first 4 numbers and last 4 numbers of the > card. You could count the number of merchants in the network the CC # > has been used with over a certain period of time, the IP address that > the CC # was used from, etc. One could then run some statistics on > the CC #'s. If there was too much traffic on a single card or on card > sequences, etc. you could alert the merchants and they could void the > charges or issue refunds. > > This would also be a good "single point of contact" for enhanced > verification techniques: > - Debiting or crediting the account with a few pennies and getting to > user to enter the amount in another web site > - Calling the user on the phone and getting them to answer a simple > math problem (what's 3 + 4) and recording their voice authorizing the > charge > - Maybe more > > It could be an interesting project. Any thoughts on how many > different folks on this group would be willing to join a merchants > group to build something like this? > > snacktime wrote: > > > Like SPEWS.org, maybe it's time for a CC blacklist for the iMerchant > > > community. > > > > > > Anyone would be able to query the blacklist--a negative response would > > > indicate a merchant had chargebacks (or other trouble) on the CC#. > > > > > > Anyone would be able to enter a CC# into the database. A legit. CC > > > holder would get off the list simply by changing his CC# with his bank. > > > > > > The trouble with this is the vast community of underemployed lawyers. > > > > > > > There aren't any legal issues with this as long as you have specific > > defined critieria. You can't just put someone in a negative database > > because you *think* they are fishy or you don't like them. negative > > databases in the bankcard industry are common practice. > > > > The problem is that negative databases don't make sense for stolen > > cards. If a card is stolen get the bank to cancel it or investigate > > it. Negative databases are usually for legitimate cardholders that > > simply have a habit of charging back. > > > > Chris > > _______________________________________________ > > Asterisk-Biz mailing list > > [email protected] > > http://lists.digium.com/mailman/listinfo/asterisk-biz > > > _______________________________________________ > Asterisk-Biz mailing list > [email protected] > http://lists.digium.com/mailman/listinfo/asterisk-biz -- Kenneth Shaw Director of Technology ExpiTrans, Inc. 2428 Newport Blvd #8 Costa Mesa, CA 92627 tel: 949 278 7288 fax: 866 494 5043 [EMAIL PROTECTED] _______________________________________________ Asterisk-Biz mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-biz
