[sldev] RE: Re: Re: Patch to Address Debit Permission Spoofing

[Able Whitman]

Hi Kamilion, thank you very much for your feedback. I am honestly very
surprised to hear that so many of your customers deny the debit permission
to your vendors. I had expected this number to be very small, actually, so
thank you for sharing some real world data!

Your comments lead me to ask some related questions: With a permission
denial rate of 75% for new users, how many of them require personal
attention from you before they get the vendor to operate properly? Do you
have a sense that they are denying the permission because they are wary of
doing so, or because they haven't yet configured the vendor? (or for some
other reason?)

Also, do you have any insight into how common this high rate of permission
denial rate is for other vendor sellers? It seems like you've gone out of
your way to be accomodating to your customers, which is another reason I'm
so surprised at the results.

I can definitely see how the auto-denial feature could cause you (and others
in a similar situation) a good deal of hassle. I had envisioned the feature
as part of a defense-in-depth approach to trying to prevent malicious use of
the debit permission, but I also don't want it to be onerous for those
people who are legitamately using it.

I still think it's a valuable feature, and it is turned off by default.
However, if it seems like it will cause that much trouble for vendor dealers
and vendor users, I would definitely reconsider having the feature wired up
as a first-class setting in the Properties dialog.

I'd like to discuss this with you further, so feel free to reply directly to
me if you'd like. I wanted to send this email to the broader group because I
would be very intersted in hearing about the experiences of other people who
have sold vending systems.

--Able


On 5/25/07, Kamilion <kamilion at gmail.com> wrote:
>
> Hm. I run a single-database networked vendor that carries many
> products from many people.
> Already, 50% of the people that get my vendor IM me to ask 'why is
> this asking for debit permissions' when it's clearly stated in:
>
> A: The documentation notecard that comes with it, at the very top, in
> all caps, and repeated 3 times
> B: When the vendor starts up, greets the new vendor owner, explains
> itself, and asks for permissions
>
> And after all that, AND handing out the script module that actually
> handles the money mod/copy/transfer, most of them tell me directly
> that they don't trust my vendor with debit permissions.
>
> Plus, my vendor also emails my logs email account on my domain on
> initial start up, which also records if the user accepted permissions
> or not -- a full 75% of the new users of the vendor system do not
> accept permissions... So in order to alter that, I had to adjust the
> vendor to act as a catalog-only system when permissions haven't been
> granted, and now I'm in the middle of writing a gift-certificate
> system so the vendor is still a viable sales tool.
> In order to attract anyone even using the system, I had to allow 10%
> of every sale to stay with the vendor's owner (which means 90% of the
> item cost is sent to the item's creator) just to stay afloat.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/sldev/attachments/20070525/5aeea153/attachment-0001.htm