RE: [registrars] Credit Card Proposal

["Bhavin Turakhia" <bhavin.t@directi.com>]

Hi michael,

Please read my previous post. This still does not help those situations
where fraudsters register multiple 1 years domain names

Almost all registrar interfaces allow check availability on multiple
options in the ordering process. It is quite common for fraudsters to
select 3-6 domain names at a time and register them all for 1 year, thus
making us lose the equivalent of 6 years of selling price plus a hefty
$25 chargeback processing fee if that transaction is discovered to be
fraudulent after 5 days. And it is quite difficult (next to imposible)
to verify every transaction within a 5 day period.

The best way to alleviate this would be if the registry could charge a
minor fee (such as $1-$2) for deletion of a domain name, but refund the
entire amount if deletion is done within 60 days.

This works best for everyone - ie

* gaming of the system is not possible
* it is not TOO difficult to implement at the registry level
* it allows registrars to combat ALL KINDS of cc fraud

bhavin

> -----Original Message-----
> From: owner-registrars@dnso.org 
> [mailto:owner-registrars@dnso.org] On Behalf Of Michael D. Palage
> Sent: Monday, February 24, 2003 11:09 PM
> To: registrars@dnso.org
> Subject: [registrars] Credit Card Proposal
> 
> 
> Unfortunately we did not have the opportunity to discuss 
> credit card fraud during Friday's meeting. One of the reasons 
> for Friday's joint meeting was to identify common positions 
> between registries and registrars when possible. 
> Additionally, in the case where a common position cannot be 
> found, hopefully through intelligent discussion a middle 
> ground could be found on controversial issues.
> 
> With regard to credit card fraud this is how I see the 
> various perspectives, please excuse any over simplifications:
> 
> Defrauded Credit Card Holder: Someone stole my credit card 
> and I want to be made whole, remove the charges.
> 
> Registry: Registrar is required to obtain reasonable 
> assurance of payment per the ICANN Registrar Accreditation 
> Agreement. They added a registration to the registry database 
> for x years, after the 5 day grace period, they are required 
> to pay for what they requested. This is a cost of doing 
> business, and registries are not in the best position to 
> combat credit card fraud since they are prohibited from 
> having contact with the registrant.
> 
> Registrars: The majority of ICANN accredited registrars are 
> small to mid-size businesses trying to make a living in a 
> highly competitive market. In the case of credit card fraud, 
> they are the ones left bearing the full cost of the fraud. 
> The card holder is made whole; the registry keeps all the 
> funds for services it may/may not have to provide; and the 
> credit card company access penalties to the merchant. One of 
> the interesting statistics from last weeks FTC meeting was 
> the fact that there are over a 100 million charge backs a 
> year with a $10 to $20 fee imposed by the credit card companies. WOW
> 
> 
> I would submit that a potential middle ground in this 
> dispute, would be the following approach.
> 
> In the case of a fraudulent multi-year credit card charge, 
> the registry would refund all registry fees in excess of the 
> first year. Therefore, in connection with a 10 year 
> fraudulent registration, the registry keeps $6 and the 
> registrar is refunded $54 dollars. An additional requirement 
> for the registrar to obtain this refund would be the 
> demonstration that the registrar employs a certain minimum 
> level of fraud prevention mechanism, i.e. CVV2, address 
> verification, etc. Although these mechanisms are not 100% 
> reliable, the registry and other registrars should not have 
> to bear the burden of those registrars that refuse to employ 
> reasonable fraud prevention safeguards.
> 
> Obviously, registries and registrars could come up with more 
> extreme positions, but I believe this proposal is not 
> unreasonable and would help to alleviate some of the 
> inequities that registrars must bear in the current credit 
> card fraud scenario.
> 
> Any thoughts?
> 
> Mike
> 
>