VENDOR FAQ
What is this site?
Who can use this site?
How does it help me as a vendor?
OK you convinced me, what do I need to do to use it?
What's "marked as private" mean?
What's "Currently marked as draft and can not be displayed" mean?
What are the restrictions on the VendorID and WalletID?
What is this site?
It allows participating online companies or "Vendors", to query one of two .php scripts with a simple HTML form POST over HTTPS containing the valid wallyid of the user of your site, which will give you the latest up to date contact information for that user. The form for the POST is at one of the two below links.
https://mycloudwallet.com/forms/resolve_form.html
https://mycloudwallet.com/forms/resolve_notempty_form.html
Please note the distinction above in the php script name, "resolve.php" will return all fields blank or not and the "resolve_notempty.php" will only return fields that have values. Overall the request is case insensitive, does NOT honor wildcards, should not start or end with whitespace, and is server side RegEx whitelisted. You will get back the user's form data as plain text separated with a new line and field headings separated by a : and two spaces.
| RESOLVE.PHP | RESOLVE_NOTEMPTY.PHP | |
| Profile Profile Status: Public WallyID: I love living in space First Name: Benjamin Middle Name: Lafayette Middle Name 2: Last Name: Sisko Last Name 2: Preferred Full Name: Ben Sisko Address Line 1: 1 DeepSpaceNine Address Line 2: Outer habitat Ring Quarters Apt or Unit number: A City: County or Town: Sector nine State: Zipcode: 88971-5555 Email 1 Personal: Benjamin.Sisko@yahoo.com Email 1 Business: SiskoB@starfleet.com Email 2 Personal: Ben9@gmail.com Email 2 Business: Email 3 Other: Email 4 Other: Telephone 1 Personal Cell: 888 555-0111 Telephone 1 Business Cell: Telephone 2 Personal Land: Telephone 2 Business Land: 888 555-9789 Telephone 3 Personal Cell: Telephone 3 Business Land: Telephone 4 VOIP: 888 555-9999 Telephone 5 Fax: Telephone 6 Other: ---- Social Networking Usernames ---- Facebook Name: Benjamin L. Sisko Facebook Username: JemHadarFighter Twitter: starfleetcaptain Ebay: Emissarysellsstuff Linked In Name: Captain Ben Sisko Instant Messenger 1: yahoo|BSisko Instant Messenger 2: msn|DeltaExplorer Other 1: Friendster.com|benjaminl.sisko Other 2: TDAmeritrade.com|sisko9 Other 3: Reddit.com|sisko9 ---- Personal Information (Demographics) ---- Gender: male Ethnicity: African American Date of Birth (Year-Month-Day): 1960-01-31 |
Profile Profile Status: Public WallyID: I love living in space First Name: Benjamin Middle Name: Lafayette Last Name: Sisko Preferred Full Name: Ben Sisko Address Line 1: 1 DeepSpaceNine Address Line 2: Outer habitat Ring Quarters Apt or Unit number: A County or Town: Sector nine Zipcode: 88971-5555 Email 1 Personal: Benjamin.Sisko@yahoo.com Email 1 Business: SiskoB@starfleet.com Email 2 Personal: Ben9@gmail.com Telephone 1 Personal Cell: 888 555-0111 Telephone 2 Business Land: 888 555-9789 Telephone 4 VOIP: 888 555-9999 ---- Social Networking Usernames ---- Facebook Name: Benjamin L. Sisko Facebook Username: JemHadarFighter Twitter: starfleetcaptain Ebay: Emissarysellsstuff Linked In Name: Captain Ben Sisko Instant Messenger 1: yahoo|BSisko Instant Messenger 2: msn|DeltaExplorer Other 1: Friendster.com|benjaminl.sisko Other 2: TDAmeritrade.com|sisko9 Other 3: Reddit.com|sisko9 ---- Personal Information (Demographics) ---- Gender: male Ethnicity: African American Date of Birth (Year-Month-Day): 1960-01-31 |
Back to Top
Who can use this site?
Any legit business that has a web and/or physical presence I can manually vet in several ways, for example by becoming a user, calling during business hours, researching your reputation, as well as WHOIS, DNS, ping/traceroute, etc as necessary. My targets are mostly online retailers, online forum and blog sites, travel booking sites, news sites, employment sites, etc.
Back to Top
How does it help me as a vendor?
1. Security of course! Use this site as a neutral third party to check your user profile's data before your site (be it webmail, forums, banking, shopping, etc) is asked to do something with potential for abuse, such as
1. Password change requests? (check user’s alternate info, before sending pwd change email)
2. Request forwarding of POP/IMAP email? (check if that email is in the user's WalletID)
3. Changing your user’s contact or ship to info? (check that new address is in the user's WalletID)
2. In this day of online shopping and web participation the average user is getting overwhelmed by online profiles for many vendors, how many of them even keep track of all the different ones they use and the user/pwd that belongs to it? "Remember my password" and "Self service password" changing questions are not really helping, as they are just additional single factor authentication. Now consider when one of your users moves/changes email addresses/changes their phone number/etc. You often get an outdated profile, loose contact with that customer, ship to the wrong person, have a credit card transaction fail, or other issue that causes you to apply a human to fix it. That's expensive, in both money, time, and customer satisfaction. If you use my site, for example, to check of their WalletIDs at checkout/before shipping, or before sending a mass email containing important information, you will be in a better position to service your customer.
3. Anyone with an online presence knows, that the number of clicks and key presses it takes a customer to perform an action has an inversely proportional relationship with number of sales made. Hence, Amazon.com's 1-click patent/lawsuit/history ; so why not use MyCloudWallet.com to enhance your "fast lane" order/registration process? Even a brand new customer would only need to put in their WallyId and credit card info, and click buy. Leveraging my site will allow you to add value to your customer's experience, don't lose that order because the buyer happens to have already created a profile with a competitor in the past.
Back to Top
OK you convinced me, what do I need to do to use it?
1. You'll have to collect the user's wallyid however you wish, for example on the user's profiles, shipping confirmation, mailing list information.
2. I will assign your company a 20 character alphanumeric string called a vendorid, you will use that and the user's wallyid to fill out my form at one of the below two links, depending on how you want the data returned. Error handling in the script will STRICTLY enforce formatting requirements for the VendorID and WalletID, along with returning an error pointing you to this FAQ. I outlined it below.
https://mycloudwallet.com/forms/resolve_form.html
https://mycloudwallet.com/forms/resolve_notempty_form.html
My site will return the data as described this VendorFAQ 1. It will be up to you how you process/store/protect/use the user's information after that.
3. I don't allow just any ol' internet IP from the unwashed masses to access the /forms/resolve*.php scripts so you should send an email to mycloudwallet@gmail.com with the below information
Subject: Participating Vendor Request
Body:
- The public IP space that you will be sourcing requests to the resolve*.php scripts from. In my experience most enterprises use only a small subset of their public IP space for outgoing traffic, so a /24 containing your outbound NAT, or your DMZ space would probably be appropriate for most. This should help to eliminates needless modifications and outages that would not increase defense in depth measurably. Special cases handled as necessary.
- How many requests you expect to send to the site per month per user. I don't need something written in stone, just so I get an idea of how much I need to scale. There is currently no limit to requests depending on how much an "all you can eat policy" will cost me, consider this is subject to change, of course.
- A name, phone number, and email address of a contact person should I need to verify something before allowing access to the resolve script.
- Tell me a little about your company
- Briefly how you heard about my site
I will return the email with your vendorid, when your company's IP range is added to the allow list and your vendorid is added to the database.
Back to Top
What's "marked as private" mean?
The user is allowed to mark their profile as private, as opposed to public, so that requests containing their valid wallyid will return only a string saying "Marked as private" and the date the form was last submitted. This should give the vendor some idea how old the data they have is, depending on the last time they successfully requested the walletid, but not to see changes to data the owner wishes to keep private.
Example
Profile Status: Currently marked as private
Last Submitted on: Fri January 21 2011 19:25 CST
Back to Top
What's "Currently marked as draft and can not be displayed" mean?
If the user saves a registration form as a draft, then it will be assumed to be not finished even if marked public. So resolve requests with that wallyid will only show that status.
Example
Profile Status: Currently marked as draft and can not be displayed
Back to Top
What are the restrictions on the VendorID and WalletID?
VendorID = exactly 20 characters, Alpha (lowercase) Numeric, case sensitive
WalletID = 20 to 120 characters, Alpha, Numeric, Underscore, White Space, Exclamation Point. case insensitive