[linux-elitists] TrustCommerce

Karsten M. Self kmself@ix.netcom.com
Fri Aug 15 03:22:27 PDT 2003

on Thu, Aug 14, 2003 at 10:29:58AM -0600, Jonathan Corbet (corbet-elite@lwn.net) wrote:
> > Instead of retaining the user's credit card, they assign a billing
> > authorization code for that account and you retain that on file and
> > present it for future billings.  If your system is ever compromised
> > and someone makes off with the authorization codes, you can simply
> > tell the processor to blacklist all codes that have been assigned
> > to you.
> We use the TrustCommerce billing ID mechanism too; it's even better than
> that, really.  If somebody breaks our server and gets all the billing IDs,
> the *only* thing they can do with those IDs is charge more money into *our*
> account.  Unless the cracker also figures out a way to get money out of our
> bank account, the billing IDs are useless to them, even before they get
> cancelled.

Slick.  This is where credit cards really need to go.

BTW:  does anyone here sell biometrics for less than $50k?  I'm talking
prints, signatures, scans, voicepirnts.  You can Just Say No at the
salescounter.  Can be downright amusing, particularly if there's a long

Jon's comment reminds me of a forced-command SSH environment I worked
with.  Worst that could happen would be...someone could get the
(unprotected) key and...run our system maintenance commands for us.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Office Despot: Office Depot embraces Microsoft XP logo requirement.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030815/ee8601f4/attachment.pgp 

More information about the linux-elitists mailing list