ICANN/DNSO
DNSO Mailling lists archives

[registrars]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [registrars] Credit Card Update


Any decent fraudester typically goes thru proxies. Most ISPs typically
have dynamic ip address allocation.

I have SELDOM found an ip address to be useful in detecting patterns
over a long duration. An ip address has value only within hours of a
transaction.

..... A search on google.com for free proxies yeilds endless lists. None
of these guys stick to a single one

bhavin

> -----Original Message-----
> From: owner-registrars@dnso.org 
> [mailto:owner-registrars@dnso.org] On Behalf Of Michael D. Palage
> Sent: Friday, September 27, 2002 12:43 AM
> To: Rick Wesson
> Cc: registrars@dnso.org
> Subject: RE: [registrars] Credit Card Update
> 
> 
> Rick,
> 
> I sort of disagree with your accessment that law enforcement 
> doesn't care, in fact based upon our meeting last week they 
> seem to have a genuine interest in getting the bad guys. I 
> agree that IP address retention regarding transactions is a 
> good thing, and something our law enforcement friends were 
> asking about last week. As we discussed in DC and in 
> Amsterdam, the objective is to make this a win-win situation, 
> reduce fraud, increase data accuracy, and prevent data mining.
> 
> Mike
> 
> 
> 
> -----Original Message-----
> From: Rick Wesson [mailto:wessorh@ar.com]
> Sent: Thursday, September 26, 2002 12:32 PM
> To: Michael D. Palage
> Cc: registrars@dnso.org
> Subject: Re: [registrars] Credit Card Update
> 
> 
> 
> mike,
> 
> rather than share credit card information which IMHO will do 
> us little good and could be a sources of liability, we should 
> share registrant information, ip address, email address would 
> be the most effective.
> 
> I'm not sure a speaker from the credit card industry is going 
> to help so much because what we need is to evaluate folks not 
> on their credit card number but on other elements of their 
> registration data.
> 
> for those interested in new schemes that go beyond CCV2 check 
> out the following beta program with link point. 
> http://www.linkpoint.com/news/news_index.html
> 
> as for reporting this activity to the credit card companies 
> or law enforcement... neither are interested. furthermore the 
> address information used on fraudulent registrations is most 
> often inaccurate, and local law enforcement is not interested 
> in your $210 loss to someone in Istanbul, Turkey; with a 
> phone number in Rome, that doesn't work.
> 
> besides, banks and law-enforcement just don't care, its up to 
> the merchants to care -- as you herd on register.com's call 
> regarding their position their card processor is about to cut 
> them off and has already raised their rates.
> 
> Good business practices saves real dollars/yen/lira, no 
> matter what industry you are in.
> 
> best,
> 
> -rick
> 
> On Thu, 26 Sep 2002, Michael D. Palage wrote:
> 
> > I am glad that we are having a more open dialog with regard 
> to credit 
> > card fraud. I think this is another positive sign of the 
> maturity of 
> > our industry. I am trying to line up a credit card industry 
> expert to 
> > speak
> with
> > us in China. It appears that we may have the funds for a telephone 
> > bridge there as well :-)
> >
> > As I mentioned yesterday, I foresaw potential pitfalls in 
> setting up a 
> > database of alleged fraudulent cards. Navigating this 
> minefield in the 
> > United States begins with the Fair Credit Reporting Act, 15 
> USC 1681 
> > et
> seq.
> > to determine whether this would be a covered activity. If any other 
> > non-US registrars could point out similar statutory 
> provisions I would 
> > greatly appreciate it. In the short term, I believe that a more 
> > prudent course of action would be reporting these potential 
> fraudulent 
> > actions to the credit card companies and the appropriate law 
> > enforcement agencies.
> >
> > Best regards,
> >
> > Michael D. Palage
> >
> >
> >
> >
> 
> 
> 



<<< Chronological Index >>>    <<< Thread Index >>>