<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [registrars] Credit Card Update
Any decent fraudester typically goes thru proxies. Most ISPs typically
have dynamic ip address allocation.
I have SELDOM found an ip address to be useful in detecting patterns
over a long duration. An ip address has value only within hours of a
transaction.
..... A search on google.com for free proxies yeilds endless lists. None
of these guys stick to a single one
bhavin
> -----Original Message-----
> From: owner-registrars@dnso.org
> [mailto:owner-registrars@dnso.org] On Behalf Of Michael D. Palage
> Sent: Friday, September 27, 2002 12:43 AM
> To: Rick Wesson
> Cc: registrars@dnso.org
> Subject: RE: [registrars] Credit Card Update
>
>
> Rick,
>
> I sort of disagree with your accessment that law enforcement
> doesn't care, in fact based upon our meeting last week they
> seem to have a genuine interest in getting the bad guys. I
> agree that IP address retention regarding transactions is a
> good thing, and something our law enforcement friends were
> asking about last week. As we discussed in DC and in
> Amsterdam, the objective is to make this a win-win situation,
> reduce fraud, increase data accuracy, and prevent data mining.
>
> Mike
>
>
>
> -----Original Message-----
> From: Rick Wesson [mailto:wessorh@ar.com]
> Sent: Thursday, September 26, 2002 12:32 PM
> To: Michael D. Palage
> Cc: registrars@dnso.org
> Subject: Re: [registrars] Credit Card Update
>
>
>
> mike,
>
> rather than share credit card information which IMHO will do
> us little good and could be a sources of liability, we should
> share registrant information, ip address, email address would
> be the most effective.
>
> I'm not sure a speaker from the credit card industry is going
> to help so much because what we need is to evaluate folks not
> on their credit card number but on other elements of their
> registration data.
>
> for those interested in new schemes that go beyond CCV2 check
> out the following beta program with link point.
> http://www.linkpoint.com/news/news_index.html
>
> as for reporting this activity to the credit card companies
> or law enforcement... neither are interested. furthermore the
> address information used on fraudulent registrations is most
> often inaccurate, and local law enforcement is not interested
> in your $210 loss to someone in Istanbul, Turkey; with a
> phone number in Rome, that doesn't work.
>
> besides, banks and law-enforcement just don't care, its up to
> the merchants to care -- as you herd on register.com's call
> regarding their position their card processor is about to cut
> them off and has already raised their rates.
>
> Good business practices saves real dollars/yen/lira, no
> matter what industry you are in.
>
> best,
>
> -rick
>
> On Thu, 26 Sep 2002, Michael D. Palage wrote:
>
> > I am glad that we are having a more open dialog with regard
> to credit
> > card fraud. I think this is another positive sign of the
> maturity of
> > our industry. I am trying to line up a credit card industry
> expert to
> > speak
> with
> > us in China. It appears that we may have the funds for a telephone
> > bridge there as well :-)
> >
> > As I mentioned yesterday, I foresaw potential pitfalls in
> setting up a
> > database of alleged fraudulent cards. Navigating this
> minefield in the
> > United States begins with the Fair Credit Reporting Act, 15
> USC 1681
> > et
> seq.
> > to determine whether this would be a covered activity. If any other
> > non-US registrars could point out similar statutory
> provisions I would
> > greatly appreciate it. In the short term, I believe that a more
> > prudent course of action would be reporting these potential
> fraudulent
> > actions to the credit card companies and the appropriate law
> > enforcement agencies.
> >
> > Best regards,
> >
> > Michael D. Palage
> >
> >
> >
> >
>
>
>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|