Yesterday I mentioned a good idea I'd had some time ago for reducing credit
card fraud online. I also mentioned the term "Net Speed" as an indicator
of the pace at which investors and innovators must move in order to protect
such good ideas in cyberspace.
Well as if to prove my point, I read today that my good idea has, at least in
part, just been launched in the USA in a partnership between VISA and a
company called Trintech Group.
So... now that the cat's out of the bag... here's the guts of what I was proposing.
The big problem with credit cards on the Net is that all the information required
to submit a transaction is either stored on the card or can be calculated and
guessed pretty easily. In short, all you need is a valid card number (and
there are plenty of programs that will produce these or the fraudster can
simply get ahold of a valid card number by various means), a name and an expiry
date.
In effect -- anyone who can get a look at your card or a zip-zapped receipt
created by your card now has full access to your line of credit.
Fraudsters armed with card-number generation software can produce huge lists
of valid card numbers and then submit them to a number of online shopping sites.
Of course they don't know the expiry date -- but they can simply keep trying
different dates (often at a range of different online stores) until they find
the one that works.
My solution to the problem was to set up an independent validation service that
invited card-holders to register with them. On registering their credit card,
the card-holder would be given a PIN number.
Vendors wishing to take advantage of the system would also register with the
service and then be able to submit any pending transaction to the service for
validation.
In effect -- a registered customer would visit a registered vendor and
enter his credit card details as normal. On pressing the submit button,
the vendor's system would call the independent validation service which
would then ask the customer to enter their PIN number to complete the
transaction. The part of the transaction involving the customer submitting
their PIN number would completely bypass the vendor site -- the vendor
would never see this additional piece of information -- they would simply
receive an "accepted" or "declined" response.
Now, and here's one of the best features, if an incorrect PIN number was entered,
the validation service would immediately send an email to the registered card-holder
advising them that if it wasn't them who had just attempted to submit a transaction
with an invalid PIN number then someone was attempting to fraudulently use their
card. They could then contact the vendor and ask that other information (such
as the delivery address submitted by the fraudster) be forwarded to the relevant
authorities or the bank for investigation.
The system would also be designed so that the actual user's card number was
never actually submitted to the validation service as part of the transaction
approval process. In fact, one of the key components of my design was
a system that meant that the card numbers of registered users were never
actually stored on any of the validation service's computers. This means
that even if the security of the validation service was compromised, a hacker
would be unable to obtain any information of value.
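The flow described above, sketched as an added example (this is not the author's design or any vendor's code). It assumes the vendor turns the card number into a keyed token locally so that the service never receives or stores the number itself; TOKEN_KEY, the class and its method names are hypothetical, and unregistered cards are simply declined here.

```python
import hashlib
import hmac
import os
import secrets

# Assumption: a key provisioned to registered vendors so they can tokenise
# card numbers locally. Keyed because card numbers are too guessable for a
# bare hash to hide them.
TOKEN_KEY = os.urandom(32)

def card_token(card_number: str) -> str:
    """Run on the vendor/registration side; the service only ever sees this."""
    return hmac.new(TOKEN_KEY, card_number.encode(), hashlib.sha256).hexdigest()

def _pin_digest(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class ValidationService:
    def __init__(self):
        self.cards = {}     # token -> (salt, pin digest, email); no card numbers
        self.pending = {}   # transaction id -> token
        self.verdicts = {}  # transaction id -> "accepted" / "declined"
        self.outbox = []    # (email, message) alerts, standing in for real mail

    def register(self, token, pin, email):
        salt = os.urandom(16)
        self.cards[token] = (salt, _pin_digest(pin, salt), email)

    def open_transaction(self, token):
        """Called by the vendor; returns an id the customer is redirected with."""
        txn = secrets.token_urlsafe(16)
        if token in self.cards:
            self.pending[txn] = token
        else:
            self.verdicts[txn] = "declined"  # assumption: unregistered = declined
        return txn

    def submit_pin(self, txn, pin):
        """Called by the customer directly, so the vendor never sees the PIN."""
        token = self.pending.pop(txn, None)  # one PIN attempt per transaction
        if token is None:
            return
        salt, digest, email = self.cards[token]
        ok = hmac.compare_digest(digest, _pin_digest(pin, salt))
        self.verdicts[txn] = "accepted" if ok else "declined"
        if not ok:
            self.outbox.append((email, "A transaction was attempted with an invalid PIN."))

    def verdict(self, txn):
        """All the vendor ever learns about the transaction."""
        return self.verdicts.get(txn, "pending")
```

A compromise of the service alone yields tokens, salted PIN digests and email addresses, but the tokens are only as opaque as TOKEN_KEY is secret.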
Now the smarter amongst you will be saying "but what's to stop a fraudster
registering stolen credit card details with the service?"
To be truly effective, such a service would require that those who registered
their card details also submitted a signature in hardcopy form. This would
meet the bank's criteria for insuring a transaction. Without any hardcopy
signature, the vendor takes the risk -- with a signature it's the bank who
carries the loss of a fraudulent transaction.
To get around this situation, those wishing to register their card details
could print a form published on the Web, sign it and mail it to the validation
service. Alternatively, as would seem to be the case with the company
that has just announced a similar system, an arrangement could be made
with the banks to auto-register all newly issued cards.
One version of the business plan associated with this idea involves a
small cardholder "registration fee" of $5 or so which not only helps offset the setup
costs, but also provides a verifying transaction to prove the integrity of
the submitted information.
Like most of my ideas, this has even more potential than might first be seen
and provides multiple revenue streams. For example, the operator of this
service has the email and postal addresses of many millions of people with
a proven line of credit. When signing up they would be invited to receive
"special offers" from approved merchants -- thus allowing those who opted
in to be added to a direct-marketing database. That alone is worth many,
many millions of dollars over a period of time.
So... there you have it -- another billion dollar opportunity lost because
I've been so damned busy just working to pay the bills that I couldn't afford to
exploit it.
Looking at my "ideas diary" I see that I first thought of this
concept some 15 months ago -- which would have been plenty of time to get
it off the ground and capitalise on today's e-commerce boom well ahead of
the venture that has just announced their plans to do the same.
Ah well... never mind, I still have more than a dozen other ideas of similar
calibre that are languishing for lack of time and money to exploit them.
Fortunately the list is being added to on a regular basis -- there really are
an incredible number of opportunities and a huge amount of money to be made
in this new cyberworld.
It's just a shame that the governments which purport to run this country
in the best interest of its citizens are so hell-bent on driving away people
like myself who have these ideas.
Who Goofed?
Gosh... what do you think of these new spectrum auctions then?
Looks as if someone in government has goofed big-time. Have I missed something
here or does it appear that we have a situation where the amount of spectrum on offer
is closely matched to the number of bidders -- so there's no need for them
to bid against each other.
It's as if there were three identical houses for auction and just three
bidders -- nobody's going to bid above the reserve if there's enough
for everyone are they?
I suspect the government has realised, albeit a little too late, that
they've stuffed up wholesale here and Cullen tried to salvage the situation
by putting things on hold -- using the excuse that they must wait until the
result of the appeal case brought by Maori was handed down.
Why the hell didn't the government auction one third of the spectrum each
year over the next few years? That would have encouraged fierce bidding
and a much better return... wouldn't it?
While socialist governments have their strong points and merits -- they
really seem way out of their depth when it comes to managing the country's
resources so as to provide a good return to the shareholders (ie: the citizens).
And that kind of makes it hard to fulfill all those social-service promises
doesn't it?
As always, your feedback is welcomed.