[ANN] SMS2BTC.CO.UK: Purchase BTC instantly with SMS in the UK

[Herodes]

Ok, here's some really bad news. I'd like to have the input from the community on this.

I'm not the most active on this forum, but I've been a user here since early 2011, and I do believe in bitcoin.
At the same time we also want to make business, meaning we want a profit from our services. Unfortunately,
as we've registered the domain names, done the development and testing, we're still in the red. This was to
be expected however, as it always takes quite some time to build any substantial volume in sales for any
service.

There's been complaints in this thread that the markup is too high for our service. Most fees are extracted
from the fees charged by mobile operators and payment processors. Lately another issue has come to our
attention that might explain the high fees of other similar services, like dialcoin.

When first starting to make the mobile payment feature, we noticed this on Impulsepay.co.uk's website:

What if a consumer doesn't pay their bill?

The network operators allocated money from their fees to cover bad debts. Therefore, every successfully billed transaction we tell you about, you get paid for.

So we were under the impression that we would not have any liability. This was wrong. In retrospect, we should've checked this more closely earlier on. Anyway, we
just learned today that payments are not processed from the mobile companies to our payment processor until 45 days after the purchase was done. So basically,
from the time of sale, until we actually receive the funds from the purchase, 45 days goes by. Since our cut of the fees are not very high, we would have to have a
lot of legit sales just to cover a single fraudulent purchase.

At the moment we're sitting with a too big liability as we have no idea whether sales done so far will actually be paid or not. Esp. if numerous sales are done to a single
handset, we have no way of knowing whether we will receive money from these sales until 45 days have gone by.

There's two vectors for fraud as I understand it.

1. Someone fills up credit on a handset with a stolen credit card.
2. Someone steals a handset outright and uses it to buy bitcoins.

In both cases, the bitcoins the fraudster gets is non-reversible unless he willingly pays them back.

So I've temporarily suspended our Mobile Payment solution. I don't really know if we can continue it at this point. Impulsepay suggested limiting monthly sales for each phone,
but as you see, when we need several sales to cover a single fraud, this is not a business model that will work.

In an ideal world, there would be very low fees from the mobile providers and payment processors, and the legal owner of every handset would be liable for all expenses initiated
from that handset, stolen or not.

The situation is that the liability is with us. I've received some tips that we should increase the commission, thus needing to have fewer legit sales to cover a fraudulent one, and/or
starting to require identification papers from users. However, identification papers could also possibly be stolen or faked (although it would lower the amount of fraud). And I certainly
don't think any user would be interested in waiting 45 days for getting their bitcoins. It was also suggested to me that we hold onto the BTC until we're sure that payment has been
received.

Another solution would be to only permit users that we somehow validate to be legit users, but this is also hard to do properly. At the moment it looks like that anyone could just
steal a mobile phone, then go to our site and buy 'free bitcoins'. That's why we've shut down the service at the moment.

We'd basically want to offer to purchase bitcoins with mobile payment (SMS), but it seems like this is very difficult to do as there's so many hurdles. Textcoin.co.uk also take a
very high premium at the moment, and I'm starting to understand why this is necessary.

If there's anyone of you that think this service is worth operating, and have any ideas as to how we could do it to remove or reduce our possible liability, I would be very interested
in hearing about your opinions.

It would be a shame to shut down the service, as there's a decent amount of resources used for developing the service, and it's not the intention of ours to flee the users, and our
cut of the pie have been pretty low for the time we've been operating.

Thanks in advance for everyone that chimes in.

[1715043292]

1715043292

[1715043292]

1715043292

[1715043292]

1715043292

[1715043292]

1715043292

[1715043292]

1715043292

[zerokwel]

That's a shame... Its always the few that spoil it for the many. And as I say the more ways for to do bitcoin transactions the better.

Limit the transactions to 1 £5 pack per person per 45 days until they have proved trustworthy.

Hopefully at the end of the 45 days you get paid for 100% of all the sales

[Herodes]

That's a shame... Its always the few that spoil it for the many. And as I say the more ways for to do bitcoin transactions the better.

Limit the transactions to 1 £5 pack per person per 45 days until they have proved trustworthy.

Hopefully at the end of the 45 days you get paid for 100% of all the sales

zerokwel, thanks for the interesting input. I will consider your suggestions. We're considering several alternatives as how to restrict fraud,
and we might have to do some recoding of the service to impose such restrictions. We do hope we can continue to offer this service.

[Herodes]

I've done some thinking, and I'm considering discontinuing our service for mobile payments (SMS) for bitcoins.

The incentive for fraud is pretty high with cryptocurrencies, as once bitcoins are paid out, they can't be reversed. If we sold ringtones, if someone got some of these it wouldn't be much of a big deal, since we wouldn't incurr a big monetary loss because of it, but as it is now, when our service is used for money laundering or fraud, the loss will be passed down to us.

Initially, my idea was that selling bitcoins to mobile users would give users the ability to get bitcoins quickly, although a bit expensive for the end user. It was also an idea of mine that there shouldn't be any draconical restrictions on the ability to do these purchases.

However, there's so many ways this can be exploited, ie. hackers hacking into operators websites and misusing customers mobile accounts, handsets that gets stolen and loaded with credit from a stolen credit card.

So there's been several tips as to how to secure the service, both from within our team and from others. The end point is however that if mobile operators are defrauded, the losses will be put on us, and we won't know for sure until 45 days have lapsed.

Zerokwel in this thread suggested that we limit the transactions to one 5GBP pack per 45 days until they have proved trustworthy. Might seem like a good suggestion, but what if a cracker get's access to a lot of phones/phone numbers, then he could buy one pack with each of those. Of course this would limit the number of fraud cases pr. mobile number, but wouldn't necessarily limit the total amount of cases. But we could for instance, have limits as to how many purchases could be done pr. day and lower risks that way.

But I guess many customers would want more than just a 5GBP pack, so perhaps it would be kind of annoying just to be able to purchase that little in a 45 day period. Still after that 45-day period, we would only know that the handset in question did pay for the 5GBP pack, if we set it on no restrictions, we would have no way of knowing it would be topped up with a stolen CC in the future for bitcoin purchases for instance.

So basically we would need to cover for possible fraud in our margin, and for the service to be profitable we would need to have so few fraud cases that the legit purchases covers for them.

I understand most customers are legit, but there need only be a few rotten eggs before we suffer bad monetary losses.

What we might try would be something like limiting each mobile phone to a 5GBP purchase for the first 45 days, untill we se we are paid, still we wouldn't know for sure how much of a percentage was fraudulent purchases before the 45 day period was up.

I was also thinking about the possibility of asking for identification from the users, but this would be a huge hassle if you just really just wanted some quick coins.

Of course, if we had a system where each phone number had to be tied to identification papers, the chance for fraud would probably be a lot lower, however, how many would really give a copy of their ID-papers just to be able to buy a few bitcoins with their mobile phone? So, instead of the convenience and quickness of just getting the bitcoins right away after sending the text, you'd need to register and submit ID-papers. However, then you could later buy bitcoins as a verified customer with SMS. But I assume most of those willing to submit ID papers are a member of an exchange anyway, and it's a far lot cheaper pr. coin to get them at an exchange with a direct bank transfer, although a lot slower (usually).

So I'm not sure if I can see any solution at the moment where the service could still be of ease of use and highly available to the end customer, while still working good to prevent fraud. Also it seems like we need to have a steep margin to cover potentially fraud cases.

Perhaps bitcoins is not ready for the mobile payment market yet ?

If anyone has more experience with this kind of service, and knows more about the risks involved, then I might as well consider selling all the tld's I've aquired for this service, + the source code. I could even help setting up the service for anyone interested, but I wouldn't be interested in taking the monetary risk.

So, unless there's any good suggestions, I'm very strongly considering shutting down the service for good at this point. It would be great to have a variety of different ways for end users to aquire bitcoins, but mobile payments seems to be a very difficult thing to do in regards to bitcoin.