How does this work legally, are you acting as an agent, proxy or other authorized representative of the customer, when interacting with the vendor?
On the topic of security: is the customer's identity information, e.g. authorization passcodes required by the vendor, deleted from your database after the transaction is complete? You may also want to add some details on encryption.
Great question! In this case, you should of us as a highly trained personal assistant who is helping you cancel your Comcast. We help manage all the crappy parts of the process behind the scenes, but you're still the person actually doing the cancellation.
How do you verify identity, e.g. could an attacker use this to cancel a target's service? When you call customer service, cable companies usually have a few security questions to confirm the customer's identity. A letter usually has a customer signature. How do you close the identity loop with the person keying data into your web form?
We charge their credit card. We don't think it's likely that people will use this to maliciously cancel people's Comcast, but we'll absolutely cooperate with authorities in the event of identity theft.
On the topic of security: is the customer's identity information, e.g. authorization passcodes required by the vendor, deleted from your database after the transaction is complete? You may also want to add some details on encryption.