Fraud Prevention?

Hi,

Is there a way to help prevent against fraud or stolen IDs? Im thinking about this, and am thinking there isnt much we can do..

If we force people to create account first, and verify email, then signup for a paid access, they could simply be using some dummy email and someone else’s paypal account.

So either way, if a paypal account falls in the wrong hands, they can essentially get access to the site, or if they create a dummy paypal account with somene else’s credit card… Either way, we’re forced to the crappy return policy of PayPal for digital goods.

Any thoughts?

Well, yeah, if it’s about payments, it comes down to the payment gateway’s fraud prevention.

If it’s about stolen accounts, in any service, then it comes down to the user having a good password and not making it known.

What situation in particular is worrying you? Are these hypothetical or did you have an experienced with a hacked account that you’d want to prevent from happening again?

Well, I’ve had 3 disputes so far… I offer a membership site that contains information. People can subscribe, claim someone hacked their Paypal account, then get refunded the money, but leave with all the knowledge from my site.

Sorry, I know the post seemed somewhat directionless, I was more or less thinking out loud… if there was a way to ensure that the users using the paypal account were the actual owners… but again, I think that’s impossible.

Well, you can look at their IP addresses from the checkout and the person disputing it… That would help a lot if they’re the same, or at least a little if they’re close.

Nice, good idea Cristian.

Adding in a built in feature for anti account sharing would be great too :) I.e. set no more than 1 IP per day per account.

There already is a similar idea to that Synergy, check under Dashboard -› s2Member® -› Restriction Options -› Unique IP Access Restrictions.

Hope this helps. :)