[clug] The 1st Internet Tax is here.

Thu Nov 13 10:30:44 GMT 2008

Wow I didn't really expect this post to take off the way it has..

Thank you everyone for your thoughts and suggestions.

Just to clarify my opinion on this some. I would like to add some more to
this subject.

I only had to make two changes to our system in order to become compliant
with this whole deal and those 2 changes were simply adding in some logging
that
I had never found a need to do. Now under this I see the relevance of
covering my @ss and logging more then I was.

We have many servers. The DB server(s) that contain any client information
are not subject to web, email or and such traffic. They are IMO the most
secure and locked down
servers that we have. Annoyingly so at times. Which IMO is a good thing
accept for those times. haha.

again my major concern was that the bankers have now deemed a monthly
surcharge (tax) for processing CC transactions. We have all in our own way
fought over the years
to keep the Internet some what free and to me this seems like the 1st
accepted tax. As some of you have said this is a necessary evil. I totally
disagree with that thought process.
I would lean more towards the others to say "the banks system needs to be
fixed". It would be alot simpler for the banks to provide a system that
would allow CC holders the
ability to provide a pregenerated number or string of some sort that would
allow payment by that CC holder w.o actually transmitting any personal
information. This would be a huge undertaking and
would cost them early on but in the long run would be very beneficial to
all.

I don't see how they will gain from this vs. simply making a pile of money.
One person sent me a private email which simply stated "if they would use
that fee to purchase insurance it would be one
thing but the fact that this will not cover the merchant at all makes me
believe it's just another revenue source".. Note: that wasn't an exact quote
but the general idea of his words.

So we pay now we pay twice and maybe a 3rd time as well.
We pay a % of each transaction,
Now a monthly fee
and if we can't prove that a piece of lost/stolen data wasn't lost/stolen
from our server(s) we will pay again.

Paying this Monthly fee will not give us anything like insurance or
protection by the bank in the event of stolen data. We simply pay them now.
For what? Nothing in return vs. doing business with a CC.

I'm rather frustrated by this and it's a little odd that this was "passed"
with out some same or input by the people. I get the impression this is the
Titan being a bully and making the lessors pay.

I do agree that there are other solution and I'm considering moving over to
one myself but I don't feel we should be forced by any means to choose
another service provider when we are capable of doing it our self. I mean I
have spent 17 years in network security only to have my the rug pulled from
underneath me. Most people haven't spent half of their life time in security
so I have to remember that that in it self is where the issue comes from.
People who don't care about your information.

Again, thank you all for your input and comments.
~Seth