PDXUSA You have a very closed mind. In 1994 Caller ID spoofing was possible through PRI lines, however no body talked about it until things like spoofcard.com blew it up and it became an 'issue'. The truth is it has always been an issue by the small number of people who had the limited knowledge on how to do it. Your service GUARANTEES that the correct number is going to be sent to your subscribers. That Guarantee is violated, when *ANYONE* can spoof to your customers. Not to mention the fact that ANYONE can spoof to your customers USING publicly available 'spoof cards' by spoofing to DIDs such as the 305-890-1199 that POINT to your customer's phone numbers, or in this case your test number. You can't even demonstrate with a TEST number that the correct number will be sent to your subscribers. Anyone can take a S*** in a box and mark it Guaranteed, it doesn't make it reliable. The fact that there is a known security threat, you are lying to your customers about it and pretending that only certain people can spoof(when in fact anyone on this board who has a spoof card and the number to the DID can bypass your security and call your customer's 'verified') BTW, the DID was not hard to create, and was not created by an 'AT&T official', it was created by a phone phreak who frequents this board. You can pretend like your service does something, but in actuality that perception is the same perception the telcos had about Caller ID, it's only a matter of time before someone learns how to do it on their own and defeat your system. I will compare your service like this; Credit cards used to be verified by Card Number & Expiration Date. Now it's Card Number + Expiration Date + CVV2(3/4 digit number on the back of the card). This is to 'prevent' fraud. In reality, the CVV2 is nothing more than a 2nd "expiration date", since if you copy all of the information, you don't need the physical card to buy stuff over the net/phone. Same thing with your company, you're basically just verifying a second phone number field, which can also be spoofed, yes not by calling direct with spoofcard, but using spoofcard coupled with another method will do the trick. Not to mention your service doesn't allow legitamate phone calls from voip customers, but that's an unrelated whole different story. Your service would be nice to have as a 'feature', but it should never be absolutely relied upon. Just like before Caller ID was even invented, you NEVER know who's on the other end of the phone when the person is CALLING YOU. The only true verification is to call the person back.