Pseudonymous Banking and E-Commerce

I recently wanted to purchase something online from a company in a far foreign land. This is not atypical; I regularly receive packages in the mail bearing strange and exotic postmarks from faraway lands, and do regular business with companies on four continents.

Normally I use Paypal. Or Google Checkout.

This particular merchant – in a country infamous for it’s credit card fraud, I might add – only accepted bank transfers, Western Union transfers, and credit cards.

On a $25 transaction – what I wanted to pay – my bank charges $49.95 for an overseas transfer, and Western Union fees aren’t a whole lot better. So, if I wanted what these folks were offering, I’d need to use a credit card.

I only have one credit card, however – a credit/debit card tied to my checking account. Having that compromised by thieves would be… extremely inconvenient.

So, what’d I do? Got another credit card, that’s what. And in the process discovered a very, very interesting opportunity to engage in, if not anonymous, at least pseudonymous banking.

At my local chain grocery store, there’s a machine near the checkouts that allows you to pay utility bills from it, by entering your account information and feeding it cash. It also issues and reloads prepaid Mastercard debit cards. I’d never really looked at this thing before last week; I had this sort of prejudice that the whole thing was an extortionate, fee-ridden plot to prey on the impoverished and those with poor credit history.

I was right, as it turns out. But these things also have quite a bit of potential for more technologically interesting uses.

Here’s how it works: You feed the machine cash – $5, $10, $20, $50, and/or $100 bills – and it gives you a prepaid Mastercard debit card for the amount of cash you entered, less $4.95. It asks for absolutely zero personal information. You can use it at retail locations just like a regular debit card.

To use it online, you need to “register” the card at a website. To do this, you create an account – it prompts you for a username and password and e-mail address. I used an anonymous Gmail account, and it was accepted. (Also, interestingly, they never sent any sort of e-mail to verify the address was valid.) Then, you register the card you purchased earlier, by entering the card number and so on. Then, if you’d like to use it online, you enter the name and address you’d like to use with the card. A helpful little notice reminds you that whatever you enter at this point is what you must enter in the future when prompted for your card’s “billing address”. Hmmn…

What I was buying online did not require shipping, so I decided to test and see if you could be creative here. (If anything balked somewhere along the way, I could still use the $35.05 on the card to buy coffee and stuff, locally.) So, I registered the card – through a web proxy – and dutifully entered in a name and address as follows:

Paul Bunyan
321 Oxhammer Circle
Saint Paul, MN 55101
(612)989-7635

Paul Bunyan, if you’re not aware, is a mythical lumberjack. There’s no Oxhammer Circle in Saint Paul; 55101 is the zip code for downtown, and that phone number is the requests line for a local classic rock station.

I then proceeded to the merchant’s website, placed my order, entered in all the (notional) information, and clicked “submit order”. It thought for a few moments, then gave me a confirmation number and a receipt to “print for your records”. A few hours later, I checked the debit card’s website, and saw that there had been a successful charge for $25 from the company involved.

Pseudonymous international e-commerce. Not quite as easy as it is in cyberpunk novels, but still pretty damned slick.

(Incidentally, my cynical belief that these prepaid debit cards are a plot to prey on the poor and financiallly-irresponsible appears to be well-founded. The prepaid debit card expires in just under a year, and will incur a $5 “service charge” per month until either that time arrives or the funds on it are exhausted. So, this isn’t necessarily great for regular use or recurring purchases, but seems perfectly usable for one-time online purchases or donations or whatever.)

Please, dear reader, only use this discovery for good. Or, failing that, if you must use it for evil, at least make it amusing evil…

Published in: Geekiness, General, Security | on August 3rd, 2010| 1 Comment »

Both comments and pings are currently closed.

One Comment

  1. On 2/20/2012 at 6:12 pm Anon Said:

    Sweet! But whatever happened to pseudonymous banking going mainstream, as the cyberpunks predicted? I guess bitcoin is more mainstream now, but I’m not sure what the available technologies are in 2012.