New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Could be, however source of email could be easily spoofed. It seems more logical if they send something to this email (a verification code) and you have to tell them ot reply to them with the verification code.
A spoofed email is easy to see.
This method sucks anyway, because if the paypal is compromised, it is most likely because the email has been compromised. As such, it would be trivial to do those things.
Slightly offtopic: I have a big problem with paypal and cc payments because ppl use all kinds of bots that "verify" if I am from a certain country to flag the order.
Worst problem I had with BurstNET which called me with the code and then asked for all kinds of papers which I am completely unwilling to provide (told them that, politely). Since then I kept receiving payment overdue notices for weeks until I opened a ticket and asked them to quit sending those since I will never send them anything. After a week more I got reply and the flow finally stopped...
M
As I am unfamiliar with the receiving end of pay pal payments:
Am I giving valuable info or do they already know my email adres?
It differs from the account I signed up with.
I dont understand that...
If you are asking if they see your email address associated with the paypal account, yes, they do.
M
That is what I meant. I registered on their site with an email adres that is not the same as the one associated with my paypal account. Now they ask for an email from the paypal email account.
As I find that strange, I wanted to know if this is a security risk for me.
Sending an email from an account they already know, doesnt increase the risk. It is strange method, but I dont see any problem with it. Much different from asking drivers licence or some bill...
M
Asking for a copy of drivers license or passport would make me cancel the transaction.
A vps is not that valueable for me....
A vps is not that valueable for me...
Same here, but again, one cheap VPS customer is not that valuable for them either to risk a fraud. The methods to check for that might be inapropriate, but I can understand them. They'll just limit to the wealthy customers, and that is a valid marketing strategy.
M
Exactly, a chargeback likely costs them more than the VPS.
personally no one has asked me such a method to verify, but it seems to be reasonable way to verify ownership. However it is better if they send a verification code to your email and you update them back.
PS : The email I use for signups and my paypal email are different. However i haven't been asked to verify so far as a receiver/sender.
We are implementing verification service for our current project.
I'm planning to make it public (as a web service).
Short descriptions of factors used:
Using this parameters we are calculating overall scoring and making decision to accept registration or not.
Cheers
@gbshouse or just use MaxMind
@rds100 - our own solution is cheaper and more flexible
I absolutely hate MaxMind and the feeling is mutual.
M
Doesnt help for Victim Socks
From?
Why?
@William - for me buying something at 0400 looks suspicious. Regarding geolocation - we are using combination of our own datasources, open sources one etc.
So you don't want computer techies as your clients?
Haha, yeah. I guess 5 more years to go and we have finally eliminated the original purpose of the internet. Go providers, icann et al!
A vps is not that valueable for me....
We ask for any valid proof of identification if the order comes up to appear as fraud. We often get fraudsters telling us that they will raise a paypal dispute if we don't give them their services...... then we just refund their money and say well you already have your money back - no need!
So everyone who sleeps during the day is suspicious?
It's just one of the factors - if you notice someone from China or any other high risk country registering at 0400 it is suspicious. Each point from my list is a separate factor.
@corey but I know I am a good buyer. If the seller does not think so I end the transaction. The seller has reasons to label me a risk or worse a fraud and I don not trust the seller with a copy of my id.
Without a mutual trust there should not be a business transaction.
And ending the transfer can be done with some class. A polite message stating the reason to quit and a request fot refund.
Must confess this is theorethical as i have not yet been considered a fraud.:-)
We do; our AUP/TOS states that there will be further verification if the name and/or emails don't match, within reason.
I see nothing wrong with this. The provider needs to trust who is coming onto their servers. And verifying the validity of the email account associated with payment only makes sense.
@Gallus why would you end the transaction just because the buyer has a question about you being fraud or not?
Do you realize how much money fraud orders cost providers?
This is exactly why the seller is asking for verification. They don't need to arbitrarily trust you just because you're buying a service from them.
Without a mutual trust there should not be a business transaction.
What have you done to give the seller any trust? Just walking away is certainly your choice, and you've said you've never been labeled questionable, but really, why do I trust you any more? Because you said "I am a good buyer"?
I think @Gallus 's point was that when a provider asks him for his ID, the provider should also provide his ID to proove his identity (which is reasonable)
@Corey,
I would end the transaction when the seller wants to use methods to verify me that I think are too much for the purchase of a simple VPS.
As long as you treat me like a customer then I will buy from you. If you need proof that I am a trustworthy client: Fine, but keep it like I am someone you want to do business with.
If I have to send a copy of my passport to rent a $20 per year VPS you don't trust me enough to engage in a (business) relation.
If buyer and seller cannot work out the arrangement then both go their own way. No harm done.
I prefer to be treated as a business customer. My main VPS is billed to me with a 30 day payment term. So in affect I am allowed to pay for my VPS at the end of the month, after teh service has been provided. I trust them enough to host the stuff that earns me my money. They trust me to pay on time. We do not disappoint each other.....
I realise that many LEB providers have been burnt many times by fraud, but that does not change the fact that most (I hope) of your customers are honest clients who want to be treated as such.
And as I said: All in theory as no provider has yet treated me as a fraud.
The provider that caused me to start the thread has just processed my orders
@gsrdgrdghd the provider, being a legal entity could provide his company registration. It should usually have the company details / company registration number listed on the website and then you can lookup the registration in the trade register or whatever applies to the specific country.