These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
 

[IGB REQUEST] Function: GiveMoney()

First post First post
Author
Talaan Stardrifter
State War Academy
Caldari State
#1 - 2011-11-17 02:02:30 UTC  |  Edited by: Talaan Stardrifter
CCPEVE.giveMoney( PayeeID, Amount, Reason );
CCPEVE.giveCorpMoney( FromWalletKey=ActiveWalletKey, PayeeID, Amount, Reason );
CCPEVE.xferCorpMoney( FromWalletKey=ActiveWalletKey, ToWalletKey, Amount, Reason );

Been a while since this was brought up and I'd like to remind everyone that this is a vital feature that is missing from the IGB.

The wiki shows an excellent mock-up with decent scam protection.
http://wiki.eveonline.com/en/wiki/IGB_Javascript_Wish_List#Transfer_Money
(The Wishlist on the wiki hasn't been updated for over a year now, btw)

For those of us developing/maintaining web-based financial applications, this functionality is invaluable.
There are already functions for creating contracts and market orders, why can we not just transfer money?
Direct Transfer of funds is possible using the contract system, but this contaminates Wallet Journal entries.
MJ Maverick
Hybrid Industrial
#2 - 2011-11-17 03:46:59 UTC
This is a great idea, but even better if it can be configured so the user can define their own amount, for donations.
Talaan Stardrifter
State War Academy
Caldari State
#3 - 2011-11-17 05:19:06 UTC
I agree.
Personally I dont see why they can't just bring up the current appropriate "Give Money" dialog with pre-filled values.
Keil Sonter
Allied Pilots Corporation
#4 - 2011-11-17 22:39:14 UTC
Recurring payments would also be useful

Some service providers handle monthly subscription payments and any way to automate this would be well received.

regards, Keil Sonter Teamspeak3 Hosting services - Www.EvE-Teamspeak.com Website Hosting Services - Www.EvE-Corporation.co.uk SubDomain Hosting Services - Www.EvE-Domain.com

TorTorden
Tors shibari party
#5 - 2011-11-18 07:21:28 UTC  |  Edited by: TorTorden
God I wish this could get reimplemented but I have so far given up hope Cry

We mainly need the corp transfer isk variety, where if we could set all values in the button.

Like amount, charid, wallet division and optional comments.

The main reason ccp said they haven't re-implemented this was something about scams (seriously)

We dont care if someone makes a give me 10 mil isk page and spams it in jita. We would want this for our own internal systems where every character we have are verified by api, and no-one gets into the section with these buttons without verified access.


Please, Please, Please let us have this back Smile


Keil Sonter wrote:
Recurring payments would also be useful

Some service providers handle monthly subscription payments and any way to automate this would be well received.



I think corporations at least should be able to send bills to one another, and the receiver can decide whether to automate it like office rentals or not themselves.
The bill making procedure would of course need to be automate able in a website, say customer x fills out your web form, he then gets an ingame bill he can approve of and automate a recurring payment on.
Callean Drevus
Perkone
Caldari State
#6 - 2011-11-18 20:15:52 UTC
Just the simplest function to send money in the IGB would be fine, no need to get all complicated in my opinion.

Developer/Creator of EVE Marketeer

CCP Atlas
C C P
C C P Alliance
#7 - 2011-11-18 22:08:54 UTC
This has been discussed quite a bit internally, at fanfest roundtables and with various csm's and the concern with doing this has to do with exploitability and scamming.

This would allow someone to have a link on a page that says "give 1000 isk to X corp" but when you click the link it will actually pop up a dialog which gives 1000000 to Y corp. That sort of a thing.

So even though the dialog in-game has the picture of the receiver and you need to click accept and you need to trust the site beforehand this is still something that has a potential for scamming and since it's money we're talking about it's very sensitive.

This summer, when we added new functionality to the ingame browser, we saw quite a number of these sorts of exploits being done on seemingly innocent-looking method call.

So, it requires quite a bit of design and forethought to do properly and I'm afraid I cannot make any guarantees about if or when it will get done.
Renan Ruivo
Forcas armadas
Brave Collective
#8 - 2011-11-18 23:35:16 UTC
Isn't scamming part of the game?

Also, i don't see how any of that could be considered an exploit to the game. Exploiting the gamer? Yes. The game? Not at all.

The world is a community of idiots doing a series of things until it explodes and we all die.

Talaan Stardrifter
State War Academy
Caldari State
#9 - 2011-11-19 00:11:24 UTC
CCP Atlas wrote:
This has been discussed quite a bit internally, at fanfest roundtables and with various csm's and the concern with doing this has to do with exploitability and scamming.

This would allow someone to have a link on a page that says "give 1000 isk to X corp" but when you click the link it will actually pop up a dialog which gives 1000000 to Y corp. That sort of a thing.

So even though the dialog in-game has the picture of the receiver and you need to click accept and you need to trust the site beforehand this is still something that has a potential for scamming and since it's money we're talking about it's very sensitive.

This summer, when we added new functionality to the ingame browser, we saw quite a number of these sorts of exploits being done on seemingly innocent-looking method call.

So, it requires quite a bit of design and forethought to do properly and I'm afraid I cannot make any guarantees about if or when it will get done.


Atlas, thanks for the info.

I agree that some checks and balances should be put in place.
Why not just have a confirmation dialog similar to the one shown with Contracts?
Also, what scamming doesn't involve money?

As you said, you need to trust the site, AND you see who you're paying, AND you need to click Accept (AND maybe have to click accept again if confirming).

So, why don't we need excessive scam protections?
1- You've already set precedent on what UI checks and balances are required for 'satisfactory' scam protection in contracts (Confirmation Dialog)
2- I can already do exactly what I'm asking for using the contract system, it just requires a few more clicks to get through the wizard which can increase scam risk due to ignoring 'superfluous' information windows. (As I mentioned, the problem is not the funds transfer, the problem is the Journal fouling)



rodyas
Tie Fighters Inc
#10 - 2011-11-19 11:26:22 UTC
Well scammin is legal, but it takes work to put those in game and no one would use it becuaes of how easy it is to be scammed.
So you just did alot of work for something no one uses, doesnt sound smart too much really. EVE also has market principles in it as well and take those into consideration while scamming and such.

Signature removed for inappropriate language - CCP Eterne

Bubanni
Corus Aerospace
#11 - 2011-11-19 13:01:24 UTC
rodyas wrote:
Well scammin is legal, but it takes work to put those in game and no one would use it becuaes of how easy it is to be scammed.
So you just did alot of work for something no one uses, doesnt sound smart too much really. EVE also has market principles in it as well and take those into consideration while scamming and such.


Scamming is not okay if you "exploit game mechanics" to do it, you will have to rely on the people you try to scam, to be "not so smart"

Supercap nerf - change ewar immunity https://forums.eveonline.com/default.aspx?g=posts&t=194759 Module activation delay! https://forums.eveonline.com/default.aspx?g=posts&m=1180934

TorTorden
Tors shibari party
#12 - 2011-11-20 07:00:34 UTC  |  Edited by: TorTorden
We would use it profusely, I got half a dozen internal use cases for our corp alone, but It's things not implented since now the best way we achieve this is have a picture launching a show info, we then have to click the tiny little text block and select transfer money, then type in amount etc etc. I'ts a total PITA but it's the best alternative seen so far.

As for scamming that quite frankly is our problem, and for our case not a problem, all access to our internals are based on a separate login verified to the API servers, and so far only directors with elevated system privileges would even see these buttons.

Personally if you are dumb enough to trust and click on random websites from jita local you are realy asking for it, and I doubt the IGB is so secure that if you start doing that you are risking alot more sensitive info than dropping a few virtual monies for a video game.

As far as Im concerned CCP can state that malicious use of IGB methods and headers are provided as is, and if you want to click on random buttons you do so at your own risk.

I honestly cant see this being any different from jumping from highsec to a low sec camp and losing your ship, it's the players decision to jump or not.
Callean Drevus
Perkone
Caldari State
#13 - 2011-11-20 09:51:34 UTC
CCP Atlas wrote:
This would allow someone to have a link on a page that says "give 1000 isk to X corp" but when you click the link it will actually pop up a dialog which gives 1000000 to Y corp. That sort of a thing.

So even though the dialog in-game has the picture of the receiver and you need to click accept and you need to trust the site beforehand this is still something that has a potential for scamming and since it's money we're talking about it's very sensitive.

This summer, when we added new functionality to the ingame browser, we saw quite a number of these sorts of exploits being done on seemingly innocent-looking method call.


I haven't seen the Margin Trading scam being fixed yet, and that seems to have a whole lot more potential to confuse people (indeed, it spawns a new thread in Market Discussion at least once a week) than a dialog which transfers 1M instead of 1K to a person and shows you this beforehand (as in, you at least have the option to see the trouble directly before falling for it).

As was stated before, it all depends on what you do with the power you've been given. The tools themselves aren't evil.

In any case, thanks for the added functionality last summer! Especially the mail function was exceptionally useful (which I imagine was also one with potential for a lot of trouble Roll).

Developer/Creator of EVE Marketeer

PsyKzz
Republic Military School
Minmatar Republic
#14 - 2011-11-20 12:40:02 UTC
Keil Sonter wrote:
Recurring payments would also be useful

Some service providers handle monthly subscription payments and any way to automate this would be well received.


I think this should be a point that could be implemented into the wallet, instead of a IGB change.
We should be allowed to set up standing orders at a personal & corporation level.

That would be truly amazing.

Meh.

Nyio
Federal Navy Academy
Gallente Federation
#15 - 2011-11-23 08:27:11 UTC
We need to make it easier to scam? No thank you.
Two step
Aperture Harmonics
#16 - 2011-11-23 21:05:29 UTC
Simple solution to the security issue is to have an option to enable clickable give money which defaults to off. Then the scammers need to trick people into going to the IGB settings to enable the option, then visit some page and get scammed.

This is incredibly important to lots of corps, not having this functionality places a lot more burden on corp/alliance leaders, and if they quit or burn out, CCP is going to lose more than just those subscriptions.

CSM 7 Secretary CSM 6 Alternate Delegate @two_step_eve on Twitter My Blog

Talaan Stardrifter
State War Academy
Caldari State
#17 - 2011-11-23 23:47:10 UTC  |  Edited by: Talaan Stardrifter
Nyio wrote:
We need to make it easier to scam? No thank you.

You are incorrect. Courier scams are easier than this.

Two Step wrote:
Simple solution to the security issue is to have an option to enable clickable give money which defaults to off. Then the scammers need to trick people into going to the IGB settings to enable the option, then visit some page and get scammed.

This is incredibly important to lots of corps, not having this functionality places a lot more burden on corp/alliance leaders, and if they quit or burn out, CCP is going to lose more than just those subscriptions.

I'm not a big fan of having to have a user change default settings.
Perhaps we could do it with a two-stage trust, like the old API system.
Trust Level 1: Stuff that wont affect a user's assets (mail, info, etc)
Trust Level 2: Stuff that does affect user's assets (Contracts, Market, Give Money)

Require that a website requests trust in order, and show a nice big red flashing warning when asking for trust level 2.

The benefit of this over a simple option button is that the trust is granular per site, and not a global on/off.
CCP Atlas
C C P
C C P Alliance
#18 - 2011-11-24 08:17:28 UTC
Two step wrote:
Simple solution to the security issue is to have an option to enable clickable give money which defaults to off. Then the scammers need to trick people into going to the IGB settings to enable the option, then visit some page and get scammed.

This is incredibly important to lots of corps, not having this functionality places a lot more burden on corp/alliance leaders, and if they quit or burn out, CCP is going to lose more than just those subscriptions.


Looks like the CSM might be picking this up. Blink
Talaan Stardrifter
State War Academy
Caldari State
#19 - 2011-11-25 14:03:32 UTC
Edited OP to add WalletKeys and xferCorpMoney.

If there's a thread for this on the CSM forum, let me know and I'll bump it.
Max Kolonko
Caldari Provisions
Caldari State
#20 - 2011-11-28 02:51:32 UTC
I want to add my 0.02 ISK to the discussion.

please add this :P Its pain in the @#$ to manually pay 50 members their share of weekly/monthly/daily/watherver loot

As for security? Set default focus to Cancel button. Add another confirmation for browser initiated transactions, or add "enable IGB Give ISK" somwhere in IGB setings.