|
Grex > Coop6 > #71: Why not collect for memberships via credit cards & avoid the US Snail? | |
|
| Author |
Message |
| 25 new of 59 responses total. |
marcvh
|
|
response 25 of 59:
| 
Jan 1 20:28 UTC 1995 |
I don't think it's about impulse so much as about convenience. I find
mailing checks to be an annoying process, one that I go through once
or so a month for bills and think unkind thoughts about the whole
time, figuring there has got to be a better way to do this. I hate
this quaint practice of moving around physical pieces of paper which
are read and processed by machines and therefore logically are just
data anyway, but that's just me.
Well, here's the condensed version of how it could work with First
Virtual, omitting some details, given what I know, I could be
mistaken, your mileage may vary, etc.
We establish a "merchant" account with FV. People who have an FV
"buyer" account can have us "bill" things to it, which in turn goes on
to their chosen payment means with FV (currently MasterCard or Visa,
supposedly there are plans to support direct checking about debits as
well.)
(Getting a "buyer" FV account is free and fairly simple; it involves
filling out a short form with things like your email address and phone
number, and you phone up FV's computer's 800 number and use
touch-tones to give them your credit card number, which is never sent
over the net. Its security is not perfect, but represents a trade-off
between safety and ease of use. It's no less secure than most
standard credit card transactions; probably more secure than some.)
People on Grex somehow indicate a desire to charge a given amount on
their FV account; this could be done by a simple program that prompts
for some information and mails the "charge slip" off to FV, or it
could be done by hand. After verifying the validity of the charge
with the user, FV sends email to our treasurer indicating the charge
was accepted, and then periodically the money gets transferred
directly into Grex's account. The email is both human-readable and
machine-readable, so in principle its processing could be automated if
desired.
Setup is $10 (one-time) for the "merchant" account.
Per-transaction costs are $0.29 plus 2% of the amount; e.g. a $60
transaction would actually pay $58.51. I think this could be a
problem with $6 payments, but establishing something like a
three-month minimum doesn't seem unreasonable. [Heck, charging a full
year's membership and paying it off with interest is a lot cheaper
than paying $6 per month for a year.]
Once per period (I think a period is a month), if there are any
transactions, the total is automagically deposited in Grex's account
less a $1 fee for the transfer. This is no problem if nobody uses
this service, and no problem if lots of people use this service, but
mildly annoying if one or two people use this service.
There are some other details that would need to get worried about, but
basically that's the deal. This is me summarizing the information
from FV's web pages at <URL:http://www.fv.com/>, and I may be confused
somewhere. It's also possible there are other hidden charges; for
instance, Grex's bank might assess a service fee for processing the
funds transfers. If not, I suspect this is as good a pricing
arrangement as we'd get anywhere, and probably as convenient as can
reasonably be expected.
This is IMHO the only viable aspect of commerce on the Internet for
Grex's purposes that is available now. Most electronic commerce
concentrates on things like secure versions of HTTP for transmitting
credit card numbers, but still expect the merchant (us) to have an
existing relationship with a bank for processing them via non-Internet
means.
Some other issues come up, of course. There would be a somewhat
higher latency in terms of how long until we actually get the money,
and it's conceivable a charge noted as approved would later be
un-approved for some uncommon reasons like the account being obtained
in a fraudulent manner. This probably isn't much if any worse than
the current issue of what we do if a check bounces. (What do we do if
a check bounces? Have any?)
|
steve
|
|
response 26 of 59:
|
Jan 1 21:06 UTC 1995 |
Well, thats interesting and worth thinking about.
|
danr
|
|
response 27 of 59:
|
Jan 1 22:36 UTC 1995 |
This is an interesting service. If I understand what Marc is saying,
FV does all the dealing with the credit card companies, and send the
money to us less a small--and I think reasonable--fee. One thing I
wonder about is what happens if someone decides to challenge a charge,
but overall this looks promising.
So, Marc, if we sign up with FV are you going to join us?
|
marcvh
|
|
response 28 of 59:
|
Jan 1 23:08 UTC 1995 |
Depends whether I decide to stay in grad school or manage to find a
good job. :-) I should emphasize it's not at all clear to me how many
people would actually use this service, though there does seem to be at
least some interest.
Well, there are two different kinds of challenges: alleging fraud, or
claiming that the services were not rendered satisfactorily. In the
context of Grex, I'm not sure the latter even makes sense. This is an
area where I'd have some concerns if we were to have an informal
arrangement with an area business where they process our transactions
for us.
My understanding is that people are not "supposed" to challenge FV's
credit card charges, because they already get a chance to confirm
or deny them via email before they go to the bank. If somebody does,
FV terminates the account for violating the procedures, and the
merchant (us) gets notification that the charge was refused by the
bank, and we revoke that person's membership and send a nasty letter. I
assume that's also what we would do if a check bounced, although a
bouncing check would likely be returned in a more timely fashion (it
could be around a month before the charge shows up on the person's
statement, after which I think they have another month to protest it.)
The "green commerce model" that FV uses is based on the principle that
the merchant bears risk of non-payment. Since we essentially accept
donations rather than fee-for-services, this doesn't seem like a big
problem. If things move in the service direction, it could become one,
though M-Net offers fee-for-service with automatic status upgrade prior
to actual receipt of payment, and as far as I know hasn't had problems
with widespread fraud.
Anyway, something to think about.
|
danr
|
|
response 29 of 59:
|
Jan 2 02:33 UTC 1995 |
Hmmmm. I just had a look at the First virtual home page, and I don't
think they're offering the service we've been talking about here. It
seems what they want to do is be the intermediary between the buyers
and sellers of "information," not a clearinghouse for any kind of
credit-card purchase.
|
marcvh
|
|
response 30 of 59:
|
Jan 2 04:11 UTC 1995 |
Well, FV was designed with the goal of allowing folks to purchase
information on the net (as opposed to purchasing, say, vacuum cleaners.)
The reason for this is because their "Green Commerce Model" (described
in the index of technical information off their home page) places the
risk of non-payment on the merchant, which they consider acceptable only
for those services with little marginal cost such as information
(typically, anyway) and for which there are not issues of possession
(you can't demand somebody give you information back.) Also this is
because "buying and selling information on the Information Highway" is a
trendy and hyped area right now. I can see how that might not appear to
be what we're looking for.
Payment/donations for a public-access conferencing system is not the
application I think FV had in mind, but I think their system could work
for it never the less; like any good system, it may prove useful in ways
beyond the vision of the creators. I think payments to Grex are more
like selling information than like selling vacuums, and certainly fall
under the general goal of "electronic commerce." It does mean their
server software wouldn't suit our needs, and we'd need to write a little
of our own.
At risk of getting a little technical, we would probably need to write
software to generate requests via email, which would look sort of like
this, just to give a flavor...
Content-type: application/green-commerce; transaction=transfer-request
BUYER: AccountIdOfBuyer
SELLER: AccountIdOfGrex
AMOUNT: 60.00
CURRENCY: USD US Dollars
TRANSFER-TYPE: donation
TRANSFER-ID: <12345@grex.cyberspace.org>
PAYMENT-EXPECTED: no
DELIVERY-STATUS: pending
DESCRIPTION: Grex membership thru March, 1996
The above includes some fields that are optional but I think help
clarify things. For example, donations are clearly something the system
was designed to handle; "donation" is even one of the defined
transfer-types in the spec, as is "usage-fee", whichever is more
appropriate for Grex. [Actually, that field is ignored and for
informational purposes only anyway...]
Actually, I think that one place FV plans to make money is on combining
multiple transactions from one buyer into a single transaction on the
actual credit card, reducing the transaction costs and profiting off the
difference. A bunch of buyers who only make occasional transactions to
one merchant isn't ideal from their standpoint, though since they're a
relatively new service and just getting established they'd probably
welcome just about anything that builds their user base.
|
marcvh
|
|
response 31 of 59:
|
Jan 2 21:57 UTC 1995 |
Not surprisingly, there were a few minor errors on my part. Buyer
accounts actually would cost our users $2 to obtain. It's still not
entirely clear whether this use would constitute appropriate use under
their guidelines; I'll see if I can get a hold of somebody there (I
know a couple folks in passing) and get a clarification.
|
andyv
|
|
response 32 of 59:
|
Jan 3 04:45 UTC 1995 |
Certainly Grex shouldn't be an "impulse buy." When I want to donate money
I'm not buying anything. Membership is only one aspect of collecting
money for Grex.
When I want to donate money, the easier the better because when I get in
the mood the recipient should have his hand out. The mood gets squelched
by competing interests with time.
|
steve
|
|
response 33 of 59:
|
Jan 3 05:12 UTC 1995 |
I meant that as a joke, mostly. But one of our first members,
Brude Howard, was just that. he was so interested in the idea of Grex
that he whipped out his checkbook and gave his check to eitehr Marcus or
Valerie(?). ...So we really have had "impulse" buys.
|
andyv
|
|
response 34 of 59:
|
Jan 3 05:30 UTC 1995 |
Now there is a story I would like to hear, Steve :)
|
pegasus
|
|
response 35 of 59:
|
Jan 3 19:44 UTC 1995 |
OK, for the FV thingie, people outside the US can't access an (800) number
to give their credit card #. And, austensibly, this is one of the main
reasons for Grex to take credit cards.
Also, people can still dispute the charges placed through the FV system,
since they have up to 2 months to say they didn't make the charge or
didn't get the merchandise. The merchant has to prove the card holder placed
the order, and this is best done with a signature. I doubt that FV gets
a physical signature.
DanR says he doesn't like the idea of individual transactions. The bank
the merchant account goes through would make automatic (electronic) deposits
for each batch that was closed out, usually 2-3 days after the cards are
entered and then the batch is closed. There is a monthly fee the bank
charges, as well as the percentage, usually 3% nowadays. Fees can range,
but I think $30/month is about right.
what else would you folks like to know about the mechanics of taking
credit cards?
Pattie
|
marcvh
|
|
response 36 of 59:
|
Jan 3 22:12 UTC 1995 |
My understanding is that they offer a non-800 number for international folks,
and presumably also for folks who happen to be local to FV, which I think
is around Cleveland or something. There are potential problems with the
FV option, but I don't think this is one of them. The international
limitation is that all transactions must be in US Dollars, which isn't
really a problem for us because I think that's what we wanted anyway.
No, FV doesn't get a signature. People could contest charges, and Grex
would likely not get the money in that case. There are a variety of
scenarios, but I won't bother to outline them now. It's not clear to me
how somebody could contest that they never received the
merchandise/services, since money to Grex is supposed to be a donation
and not a fee for something. My reaction to the possibility of having
donations contested and Grex not getting the money is "at least there's
no $20 fee for that like there is for a bounced check."
It's also not clear to me how things would work if a contest came
through in a case where a charge was being processed by proxy for a
third party without prior arrangement; I think the concern runs both
ways.
I'm not sure exactly what you're refering to in your penultimate
paragraph; do you mean the terms Grex would get for an arrangement to
accept credit cards directly? If so, the $30/mo sounds like a lot for
something that may not get used at all.
|
brenda
|
|
response 37 of 59:
|
Jan 4 01:33 UTC 1995 |
Maybe this doesn't belong here, but it's just another option. On several
bbs's I've checked out, they participate with some service that has a
900 number. You call the number, which costs $10, and enter the id#
from the bbs. That's usually right in the 900# info section. Then
the 900# service gives you a code. You go back to the bbs and enter
the code, which immediately changes your status. If it was possible to
configure the 900# for a different charge (like $6 instead of $10), this
might be a really attractive option to many.
|
steve
|
|
response 38 of 59:
|
Jan 4 01:45 UTC 1995 |
Ah, I think I understand that now. The call to the 900 number
costs some amount of money, and in return it gives you a checksum
that the BBS can then use to upgrade your status. Presumably the BBS
then gets the money from the 900 number people, minus a fee.
I guess I firat have to wonder if we'd want to do something like
that. Such a system is designed for a service, which Grex isn't, really,
unless you consider conferencing a "service".
If we can get to the point of accepting a credit card (now, or
in the future) I think that we'll be about as well equiped as we can
be.
|
marcvh
|
|
response 39 of 59:
|
Jan 5 19:34 UTC 1995 |
Talked to FV and they confirm that collecting donations for Grex should be
an appropriate domain for an FV accout if that's something we decide to do;`
I can send Dan a copy of the note if you like.
If it is decided that it's a sensible option, I probably could be talked
into hacking together some software for handling it.
(or just about any other competent programmer could do it.)
|
kt8k
|
|
response 40 of 59:
|
Jan 5 23:36 UTC 1995 |
I love the 900 number idea - even better than using plastic!
I would have paid up FAR EARLIER if I could have done it
so conveniently! I think grex would get a lot more donations
in these ways than any of us currently imagine.
When I'm in Canada and use my credit card, they handle the
currency exchange issue for me. This could be a major
advantage of using plastic. Perhaps the 900 number concept
would do the same! I firmly believe there is great potential
in upgrading our collection system to one or both of these
methods. Maybe it would be too much for dutiful DanR, but
our systems can be changed and improved to handle it all.
|
marcvh
|
|
response 41 of 59:
|
Jan 6 02:01 UTC 1995 |
Hmmm... do 900 numbers work internationally? I know 800 numbers
generally do not...
Would it be possible to have a 900 number which bills for a
user-specified amount, rather than a fixed charge? (Unless we have
something like "Six dollars per minute, stay on three minutes for voting
status, tem minutes for a one year membership." Ugh. Doesn't sound
practical. And what would we let people listen to for ten minutes? The
sound of backups live from the Dungeon? A tape of the last board
meeting? :-)
I would sort of assume we would need to have somebody else actually
operate the service and receive a portion of the money. Anybody have a
good idea of how much of the revenue stream would get gobbled up by the
operator and the telco?
|
danr
|
|
response 42 of 59:
|
Jan 6 03:27 UTC 1995 |
Let's think about this for a second...
Say we do this, and get 50 more members in the next six months. Can
we handle that many more members? I can just see all these members
trying to telnet and irc all at once.
Cyberspace is *not* a business. By that I mean we're not really set
up to do things like a business would. For example, businesses have
employees to do all this accounting. We don't. I'm not saying we
shouldn't do this, but I think to do it right, we're going to have
change the way we handle membership accounting.
Right now, it doesn't take an unreasonable about of time to keep
track of everyone. But, if we were to double or triple our member-
ship and start accepting credit cards, I'd say we would have to hire
someone to keep the books. It would simply take too much time to
expect a volunteer treasurer to do it.
|
rcurl
|
|
response 43 of 59:
|
Jan 6 08:12 UTC 1995 |
Danr is right that Grex is about the size where the membership record
keeping and the money handling functions should be separated. Then, the
treasurer just receives and disburses the funds, but some "office"
function receives (and records) checks and other receipts, and keeps the
membership role. In some organizations this is the secretary, though there
are often different types of secretaries - executive, recording, office,
etc. Well, as usual, I've gone further than necessary. Let's just consider
separating the functions.
|
kt8k
|
|
response 44 of 59:
|
Jan 6 13:13 UTC 1995 |
I didn't think we offered irc, with good reason!
Could we restrict telnetting to locally dialed-in users? Why would anyone
coming from the net need to telnet back out?
It is possible that the added memberships would be over 100. Would the
funds make grex a better place - i.e. more disk, faster hardware,
net server, hired office help, or something else? Some bbs operators are
making a good living at this at comparable membership rates, and providing
better service in terms of reliability etc.
|
mju
|
|
response 45 of 59:
|
Jan 6 17:02 UTC 1995 |
Many of our telnet users come in through the MSU public gopher
client or similar avenues. Just because they can reach Grex
through the Internet doesn't mean they have unrestricted telnet
access.
|
andyv
|
|
response 46 of 59:
|
Jan 6 18:43 UTC 1995 |
I must be missing something about how complicated it is to receive 50
new members' dues. For the amount of transactions this place handles,
it doesn't compare with most mom and pop businesses which have lots
more bookkeeping.
|
mju
|
|
response 47 of 59:
|
Jan 6 22:17 UTC 1995 |
Uh, most mom and pop businesses are in it for the money, and
don't mind spending non-insignificant amounts of time keeping the
books. Our treasurer is a volunteer, with a real job. If we
grow much larger we may have to look into paying a CPA to keep
our books.
|
danr
|
|
response 48 of 59:
|
Jan 7 00:48 UTC 1995 |
re #46, 47: It's not difficult to do, it just takes a lot of time.
And as Marc says businesses are in it for the money, so they've got
the time to spend. That's how they make their living.
I'm not saying we shouldn't do it. All I'm saying is that we're going
to have to change the way we do the accounting *if* we do it. I'm
glad my tenure as treasurer is going to be over in less than a year. :)
|
mdw
|
|
response 49 of 59:
|
Jan 7 04:38 UTC 1995 |
I don't want to put a wet sponge into things, but as things stand, I do
not believe Grex is anywhere near secure enough to have "real money"
floating on this system.
Here's the kind of "worst case scenario" I think any sort of online
money system should be able to survive: the hacker breaks in, steals
root, and has the ability to read or write any file on the login server,
or to muck around with any of the system software and send any sort of
data out on the network.
Here's a kind of minimum list of improvements I think we'd need to be
able to do the online FV thing:
(1) a network authentication server on a separate secure machine,
with appropriate firewalls between it and the login machine.
(2) 24 hr hardware access and "instant response team" in case of
penetration.
(3) a "money" server that is also protected like the network
authenticaiton
database, and using appropriate encryption technology between it,
the login server, and fv, such that the bad guy can't forge
phony charges, and that excessively weird activity can be dealt
with appropriately.
|