The original item is here.
September 27, 2006
1 Comment »
RSS feed for comments on this post. TrackBack URI
- Comment
- Reblog
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
The original item is here.
RSS feed for comments on this post. TrackBack URI
Jon's Radio Comments 
Jon,
Replace SSN with “credit card number” and this is exactly the way a lot of (the better) payment gateways work as part of a merchant’s payment process: you are on the merchant’s site right up until you want to pay, then you get dispatched to the payment gateway’s site, do the “exchange information” dance with them and they then send back to the merchant a pass or fail token and some kind of ident. They may well have contacted the merchant in the middle of the payment process to verify that is what an expected and correct payment, too. All the merchant ends up with is a unique (hopefully non-reputiable) ident and an answer from a trusted authority. They never need to know about your credit card information. This can all be merged pretty seamlessly into the merchant’s site flow, too (it doesn’t have to be “check out” or right at the end), so it still looks like a professional process.
Short version: yeah, this scheme should work. It’s used in other similar domains already.
Comment by Malcolm Tredinnick — September 27, 2006 @ 10:44 am |