This is somewhat related to the fraud thread but I wanted to start a new thread to avoid any confusion.
How can we determine if our customer is who they say they are and that the credit card or other means of electronic payment is valid and belongs to them? Is there a way?
Also, what liability is there if one of these dishonest people actually makes a purchase and then later we find out that they weren't the original card holder?
I think phone verification is must, also do not accept order unless you receive complete information that should include, name, full address, email address and phone numbers.
I understand the need for a phone verification process. I'm not sure how that will help me. I know if I do a transaction with a bank or something online I have to enter the phone number that matches the account. If I am setting this up how will I know this? Would it be easier to require them to use something like PayPal who can do the verification for me?
Even paypal can be faked because you can have a paypal account that isn't linked to a bank account. You just use a verified paypal account to send money to it.
But that's the thing-verification. That's what you need to look out for-it means that the account is linked to a real bank account, and so if you only accept verified paypal accounts you have a better chance.
Even registrars do this with domain purchases, or at least some of them do. Out of three that I've used, both godaddy and dotster required phone numbers and called me to check in. At the time I was thinking this was to my benefit since they asked if I was satisfied and if I needed any help, but now I'm realizing that it also improves their fraud prevalence.
Personally think about talking to other hosting supplier and/or friends if your only a small hosting supplier on the net, only. If you're not only on the net (i.e. a limited company, or plc, etc), fruad detection would be a great idea. Its entirely up to you how you put it - I see it as they pay the bill, no problems - but whenever I've owned a web supplier, I've always made a relationship with my clients so they are not just a billing number on our billing system.
__________________ ||| Waves'
||| Alex Courtney
||| HostPastima Owner/Founder
||| HostPastima.com // Coming Soon
Last edited by AlexCourtney : 07-12-2008 at 09:50 AM.
I have configured MaxMind to screen all orders. I have not enabled the phone verification feature, as I don't see a use for it currently. The only time I call to verify an order is when a dedicated server is purchased. If I see an order that could possibly be fraudulent, I usually do a whois on the domain and see if 1) the domain exists and 2) if the account holder is the legal registrant of the domain.
MaxMind + manual checking of every order, once you get a lot of fraud orders, you can see the little hole which will most of the time be an IP of a server or such.
__________________ █ vexxhost web hosting: Innovative high performance web hosting solutions.
█ Operating at our own private datacenter space & network from Montreal, QC.
█ Shared & Reseller Web Hosting - Virtual Private Servers - Dedicated Servers
MaxMind + manual checking of every order, once you get a lot of fraud orders, you can see the little hole which will most of the time be an IP of a server or such.
The IP/hostname the customer uses to sign up for hosting usually gives them away -- if you know what to look for.
We also use fraud prevention with phone verification. It checks the address on the credit card number, and then the phone number, and then the IP. It uses that and the information provided to find out where the client is located, and how close that IP/phone number is to their actual location.
I've always wondered about giving my account info to customer service agents themselves. Who's to say that one might not take my credit card info and go on a wild shopping spree with it? This is one of the many reasons I choose to either order by mail or order online myself without the help of any CSR.
New Post
Old Post
