[Asterisk-biz] Tomtelecom

trixter aka Bret McDanel trixter at 0xdecafbad.com
Sat Nov 19 21:21:25 MST 2005


On Sat, 2005-11-19 at 22:29 -0500, Paul wrote:
> >You are entitled to two paypal accounts in total, a personal and a
> >business account.
> >  
> >
> The businesses are corporations. One account per corporation is allowed.
> 
Read their TOS, sadly yes a business is allowed only one technically
(but there are ways around that, however if paypal gets a bug up its
butt they can cancel all 'linked' accounts for a TOS violation).

Fastest link that I found that has this specific info is:
http://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/general/PayPalAccountTypes-outside
at the very bottom:
PayPal allows members to have one Personal account and one Premier or
Business account. However, each PayPal account must contain unique email
addresses and financial information. You may upgrade your account at any
time.

The way around it, and while that isnt part of the TOS so its not as
legally binding (estoppel does provide some protection but not with
symantics like this generally speaking) is to have 2 people at the same
business each get a business account, one to be used for purpose one and
one to be used for purpose two.

If you are planning on doing this I suggest that you really research
this part of the TOS and be sure that you arent gonna violate anything
because paypal can get uppity at times and when they do they will
suspend your account not letting you do anything with it (including
withdraw money for 6 months).

Additionally when paypal gets uppity they tend to share info with their
parent ebay and if you sell on ebay and ebay hears that you have
potential fraud on paypal then ebay will cancel all your auctions, send
a 6 page email to each person who bought from you saying that you are a
crook then in the last paragraph (which generally isnt read becuase most
people dont read that far) states that nothing is yet proven and you may
not be a crook.  Generally it kills your business.



> Again, I don't use paypal to collect. If i did the same "know your
> customer" rules would be followed.
> 

Yeah my point with all that was the prepaid debit cards which can let
someone subscribe to service then not have funds to pay.  Back when
netflix first started (as well as pinkdot/kozmo/etc) people would sign
up for subscriptions, then not return anything.  Netflix was
particularly dumb becuase they would initially ship after only the
verification of $1 went through not the monthly subscription rate.
Pinkdot/kozmo would deliver movies (other goods had to be paid for at
the time of ordering).  With the VoIP world, especially BYOD stuff where
you dont have a guarantee that you know the persons address, or at least
one they have access to, it becomes a lot harder to track someone like
this.

Using companies that have been victimized like this in the past as
examples, lets say Broadvoice, who claimed that something like 20% of
all new subscriptions were fradulent either stolen cards or prepaid like
this.  Someone has the $20 for a month of service on the card makes
$5000 in calls and poof.  Broadvoice will now do midmonth billing if you
reach a certain threshold, as is defined in their TOS but some companies
dont invest enough money into hiring qualified people to create and
review security policies to ensure they dont get taken.

The calling scams that involved certain foreign countries (largely
afganistan and liechtenstein but a few others as well) where the
terminating fees were changed and the owner of the company signed a
'pass through billing' agreement without fully understanding what was
going on is the other big hit.  

Some companies have shut off calling to foreign countries thinking they
are safe because they block 976-xxxx and 900-nxx-xxxx numbers but there
are more (976 is local only and may not always be 976 but generally that
isnt a problem because of its local nature).  There are ways to have
what appears to be a normal number nothing special in the prefix, and
even allow interstate calls to it, in the US (not talking about 809 or
anything outside the US) that have insane fees.  There are 13 such
exchanges in new jersey alone.

Of course if you set up premium number blocking at the carrier level
(generally through LIDB) you can avoid most of this, however there are a
lot of carriers that dont know enough about the telephone business to
really be in it and dont know to ensure that their numbers are so
blocked.


> Are these free? Even if they can be "recharged", I'm not going to pay
> issuance fees, recharge fees or a percentage in order to pay my vendors.
> 

greendot can be obtained and charged up at a coinstar kiosk (the green
thing at most supermarkets where you take your coins to convert into
paper).  You can also goto many drug stores in america and get a green
dot card.  You dont get the actual card, what you get is a 'cookie' that
lets you activate your card, they then verify identity normally through
a credit service and mail you the real card. You can then change your
billing address instantly to anywhere you want with no verification and
on some of their plans have multiple cards at no fee (their student plan
for example, other plans charge a fee for a 2nd card in *any* name even
'yo mamma' as a friend did with his 2nd paypal card).

There is a fee for greendot, but if someone is doing this for fraud they
wont care.  From a business perspective, pay about $20 get $5000 in
calls, especially when using it for a net cafe or similar where they
sell per minute ...  From a moral perspective its wrong, but that hasnt
stopped many people.

 
> Same thing can happen with a real credit card. Once the credit limit is
> used up, the transactions are declined.
> 

Yes but they dont have the pseudo-anonymous ability to create any name
and address for verification purposes.  Lets say you blacklist UserXXX
for failure to pay, they get a card like this and it has totally
different info.  How do you know its the same person?  What if you gave
em a call back on the number provided, without looking in LIDB (via SS7
usually, accudata provides a gateway to this though) you wont know if
its a regular line, voip or what. 

goiax, stanaphone, ipkall all give free DIDs delivered via VoIP it could
be that you call a VoIP line, or it could be a prepaid mobile number or
it could be ...  Either way you dont know that its the same guy, who
decides to make it his mission to ruin your company (and profit along
the way) by making tons and tons of calls for which you cant bill anyone
without going through the legal system and even then there is no
guarantee you will get paid.

Granted its not likely they will rack up enough to cripple all but the
smaller providers, it could seriously harm a startup ITSP.


> The only "cost" to me with paypal is the delay of a few days in moving
> funds between bank account and paypal. Note that when moving funds back
> to my bank they are immediately removed from the available balance on
> the card.

Yeah and paypal has that money market account where you can get some
interest on your money while in paypal, but meh.  Most of what I said in
this and the last email was more generic stuff for things people should
be aware of and watch out for.  Failure to undertand the different
components of your business can result in substantial losses.  It
wouldnt take very many people doing this to one company to really harm
it, how many companies can sustain a $50k hit per month (10 people doing
this @ $5k/mo for example).  A small group of individuals (who may not
even know or be affiliated with each other) can really get hammered.

If you just put a threshold in then the people will figure out what that
is eventually (the first time someones account gets shut off due to the
inability to bill) and they will just keep it under that and say its a
cost of doing business.


-- 
Trixter http://www.0xdecafbad.com     Bret McDanel
UK +44 870 340 4605   Germany +49 801 777 555 3402
US +1 360 207 0479 or +1 516 687 5200
FreeWorldDialup: 635378
http://www.sacaug.org/ Sacramento Asterisk Users Group
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.digium.com/pipermail/asterisk-biz/attachments/20051119/d7a3f534/attachment.pgp


More information about the asterisk-biz mailing list