Quote:
Originally Posted by Barry-xlovecam
Do you plan on sending user::password pairs in plain text [sniff... sniff...]?
Not only username:password pairs but everything else.
Here's the code to create a new invoice
Code:
$ curl \
-H "Authorization: Bearer a9esthaVUjOuvzTCSTXsJUCK0lCMCk" \
-H 'Accept: application/json; indent=4' \
-X POST \
-d '{"email": "[email protected]", "currency": "USD", "country": "US", "billing_first_name": "orliesaurus", "billing_last_name": "smith", "items": [{ "name": "api Name", "quantity": 10, "unit_price": 2}, { "name": "api 2", "quantity": "4", "unit_price": 3 }] }' \
-H "Content-type: application/json" http://www.coinsbill.com/api/invoice/
Email, First Name, Last Name, What Was Purchased, Email Address, Price Paid, Quantity
All in plain text.
There's also no data sanitisation that I can see.
Personally I would not trust a tech company offering billing services who can't even edit a $23 ThemeForest Web Page builder output correctly.
Then there's the single chair and desk with a computer in an otherwise empty-looking apartment.
Then there are the address discrepancies that seem to pop up.
This guy has used the following addresses:
Apartment 710 / 3575 AVENUE DU PARC
MONTREAL
QC
H2X 3P9
CA
Apartment 512 / 3575 AVENUE DU PARC
MONTREAL
QC
H2X 3P9
CA
AV. GENERAL JUSTO, 151
RIO DE JANEIRO
RIO DE JANEIRO
200021-130
BRAZIL
PO BOX 8669
ABU DHABI
ABU DHABI
UNITED ARAB EMIRATES
Then there's the fact that when he was asked who developed the website, he said he did and some others, when in fact it's a $23 page builder output.
In his press release he claims the "company" has over 20 years' experience in the payment processing industry; however, he is not in any of the LinkedIn Payment Processing or Risk Management Groups I am aware of.
He claims to have been on GFY before but "forgot the username".
He claims to have been in Mainstream but has a 2010 registered account on WarriorForum, 4 posts, all of which are gone because, like the most recent one, they were spam against WF rules.
Then you can look at his GitHub account and wonder why he has so many empty API implementations for this service he is spruiking as the answer to everyone's Bitcoin processing needs.
Doesn't pass the smell test.
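Added example, not part of the original post and not the service's own code: a small Python check that takes a curl command like the one quoted in the post and reports what an on-path observer would see when the URL is not HTTPS. The sample command is constructed from the post's call with placeholder token and e-mail values; `audit_curl` and `SECRET_HEADERS` are hypothetical names.

```python
import json
import shlex
from urllib.parse import urlsplit

# Constructed sample modelled on the curl call in the post; the token and
# e-mail address are placeholders, not real values.
SAMPLE = r'''curl \
 -H "Authorization: Bearer PLACEHOLDER_TOKEN" \
 -H 'Accept: application/json; indent=4' \
 -X POST \
 -d '{"email": "user@example.com", "currency": "USD", "billing_first_name": "a", "billing_last_name": "b", "items": [{"name": "api Name", "quantity": 10, "unit_price": 2}]}' \
 -H "Content-type: application/json" http://www.coinsbill.com/api/invoice/'''

# Header names treated as credentials (an assumption; extend as needed).
SECRET_HEADERS = ("authorization", "cookie", "x-api-key")

def audit_curl(cmd):
    """Return a list of findings for data a curl call sends unencrypted."""
    # Join shell line continuations before tokenising.
    args = shlex.split(cmd.replace("\\\n", " "))
    headers, body, url = [], None, None
    it = iter(args[1:])
    for arg in it:
        if arg in ("-H", "--header"):
            headers.append(next(it, ""))
        elif arg in ("-d", "--data", "--data-raw"):
            body = next(it, None)
        elif arg in ("-X", "--request"):
            next(it, None)  # skip the method name
        elif not arg.startswith("-"):
            url = arg
    # curl falls back to http:// when no scheme is given, so only an
    # explicit https:// URL counts as encrypted here.
    if url is None or urlsplit(url).scheme.lower() == "https":
        return []
    findings = ["cleartext transport: " + url]
    for header in headers:
        name = header.split(":", 1)[0].strip().lower()
        if name in SECRET_HEADERS:
            findings.append("credential header exposed: " + name)
    if body:
        try:
            doc = json.loads(body)
            fields = sorted(doc) if isinstance(doc, dict) else ["<non-object JSON>"]
        except ValueError:
            fields = ["<non-JSON body>"]
        findings.append("body fields exposed: " + ", ".join(fields))
    return findings
```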
