Hi Stan, Honestly - good luck with this. We came to the conclusion that you
essentially need to permit every bank in the world as they all have
different authentication methods, all hosted on their own infrastructure.
That is how Verified by Visa and Master Card Secure Code are able
to guarantee the level of security. We used to log people in for a few
minutes to complete this transaction but it's really quite cumbersome and
generated more problems that what it was worth. As Nathan mentions referrer
URL could be useful, you could use this to generate a white-list over time
but that is likely still more trouble that what it is worth. In the end we
managed to convince our provider that the low transaction value was worth
the risk, signed a waver and opted out of the scheme.
On 3 July 2012 04:42, Nathan Ward
Why not allow based on referrer for some limited period of time? I assume that the referrer is going to be your hotspot's URL or something. Or maybe allow based on referrer forever and do some monitoring to check and see if people are abusing it. No need to get a perfect solution on day 1, you're better off allowing all customers than blocking potential freeloaders.
On 3/07/2012, at 3:38 PM, Stan Rivett wrote:
Hi all
Does anyone have a reasonably comprehensive list of domains used by credit card processors, such as 'Verified by Visa' etc., that I can add to the walled garden on a pay hotspot?
My provider, Payment Express, aren't being very helpful and filling my list by asking clients to read the URLs from their 404 message is proving to be slow and annoying.
So far I have:
arcot.com securesuite.net onlineauthentication.com.au lloydstsb.com securesuite.co.uk
Cheers
Stan Rivett ------------------ Netspeed Data Ltd PO Box 5691 Dunedin P: +64 3 481 7245 C: +64 21 323 841 ------------------
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog