[BangPypers] [X-post] Registrations are open

Thu Jun 6 07:26:03 CEST 2013

On 6/5/13, Anand Chitipothu <anandology at gmail.com> wrote:
> Here is the reply I got from doattend support.
>
> Thanks for using DoAttend to sell PyConIndia 2013. I guess for last year
> also, you were using DoAttend. We are excited to partner with you again and
> will make sure that you get the best support possible :-)
>
> Some online payments could become "Flagged" for manual risk verification at
> our gateway. We have a standard process here to handle them. DoAttend would
> have sent an email asking for billing address verification in such cases.
> Please ask the buyers to reply to it. Within 48 hours, their tickets will
> be delivered to their inbox.

Fwiw, they sent the e-ticket last night without me replying to their mail.

> We ask for billing address in our registration forms. Payment gateways
> require us to send it to them to complete payments. We dont store that
> information anywhere in our servers. Also if you can see, our registration
> workflow is completely 'https' enabled. which means, its very secure to
> enter information at DoAttend.

Classic corporate-speak that conveniently side steps the uncomfortable
questions I raised - If the payment gateway required that information
their site UI form would have asked for it but EBS.in didnt ask for it
- the information collection was on the DoAttend site. When payment
gateway providers require your details for verification from the bank
server, they will ask for it on THEIR site (think Paypal) and even the
smallest difference in the details will cause the transaction to fail
<-- Been there, done that.

To cross-check, I asked my bank's relationship manager who clarified
that rules prohibit them from sharing their customer/client data.
Later, I asked another friend who works in the banking security
industry who also corroborated what I had said in my earlier mails -
my transaction would have definitely FAILED if they had access to the
bank records for verification. It did NOT, so DoAttend has no right to
take my money and then refuse to give me the ticket I just paid for.
That is unethical and unprofessional.

Despite their corporate-speak, they are also aware that there is no
way anyone can tell what they do with our personal information. Many
companies claim not to sell this data but have you ever wondered how
one is spammed each day by email and tele marketers?

I dont wish to cycle through this discussion next year (if you use
DoAttend) nor want the headache of dealing with a company that takes
my money but refuses to give me the ticket I paid for. It would be
nicer if Pycon-IN could provide their bank account details as an
alternative way to transfer the money. With net-banking it would not
be very hard to track such transactions online.

Thanks,
-- 
svaksha ॥ http://svaksha.com ॥