Slashdot Mirror

← Back to Stories (view on slashdot.org)

Simple PrePay/Checkout System Using MagCards?

Posted by Cliff on from the a-convenient-use-of-the-technology dept.

An Anonymous Coward asks: "I help at a small youth club that has various events on different nights. For awhile now we have had a snack bar of sorts and have been thinking of developing a pre-paid system. We have access to plenty of computers and magnetic card readers (wit blank cards) but any ideas on the software? Also, would there be any way of also using this to keep track of a CD sign-out system?"

3 of 18 comments (clear)

  1. Obvious security issues... by ameoba · · Score: 4, Insightful
    There are a few obvious things here:

    • I doubt anonymous transactions are much called for, so keep -all- the data, other than a single user ID, on your server. No need to have kids comming in and getting $150 worth of pixie sticks at a time.
    • Do your damnedest to keep the physical security of the server (and access points) tight. Kids can do wonders with an accidentally logged-in terminal
    • If you can implement some form of photo-id on the cards, it'll cut down on loss/theft. If printing the pix on the card isn't workable, keep them in the DB.
    • Make sure to keep copious records and excellent backups of all transactions. Hell hath no fury like a parent who thinks somebody's been stealing from their kids.
    --
    my sig's at the bottom of the page.
  2. Extra Layer of securiy req'd by vreeker · · Score: 4, Informative

    As suggested above the security of mag cards are quite trivial. However if you kept a record of what *should* be on the cards on a database of some kind any attempt to use a modified card could be spottted and dealt with.

    This somewhat stupifies the usage of the mag cards as you could just as easily use a barcoded card to track the users and keep all information local.

    CD borrowing system could work just like any library system now. Each user has a barcoded card (easily could be a mag card) that has a user id of some sort. Then the server keeps track of the rest. An added bonus to using the barcode is people could "log-in" from home and check account status. With a mag card the users would need an additional user id printed on the card. (Or assigned one in the application process).

    Just my two clams from above the border.

  3. iButton by JediTrainer · · Score: 3, Informative

    Try the iButton. It's a Java-based little button that can be placed on a keychain (or ring, or watch, or wallet). I imagine they're probably simple enough to program with, and probably difficult to hack. I believe they all come with a unique identifier that can be accessed which cannot be overwritten, unlike with a mag-card which can easily be copied and forged.

    Should be relatively trivial to write a program to interface with a database every time it's touched to your terminal, depending on what sort of transaction you wish to take place.

    --

    You can accomplish anything you set your mind to. The impossible just takes a little longer.