Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How do you deal with FraudRecord listings?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do you deal with FraudRecord listings?

SplitIceSplitIce Member, Host Rep
edited July 2022 in Providers

How do you calculate FraudRecord review requirements?

Is anyone out there using the name field in their to review (or reject) order calculation?

If so is anyone willing to comment on how they handle user identification (i.e common names)?

We have been using email addresses for a while, and throwing alerts for review on any order with at-least 2 or more reports. Totally ignoring the name field.

I just finished the paypal submission for someone who would have been rejected if we also integrated the name field (1x email report, 3x name report - including the email report) so curious if anyone here would have caught that.

Comments

  • emghemgh Member

    Can't you review name matches IF there's at least one mail match?

  • WebProjectWebProject Host Rep, Veteran
    edited July 2022

    FraudRecord data is stored and processed outside of EU. We used to use it, not anymore (due to GDPR) as other options of fraud screening is available.

    FraudRecord used to be storing the customer name + email + ip address and based on match be able to see any past order and usage history of the customer.

  • LeviLevi Member

    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

  • HybulaHybula Member, Patron Provider

    We are actually working on a similar project (GDPR compliant and free) and are still discussing about how to determine risk on fields like names or addresses.

    Then again there might be inaccurate and outdated reports under listings. A lot of factors to think about.

  • @SplitIce said: Is anyone out there using the name field in their to review (or reject) order calculation?

    I think rejection by name is not viable and should be reconsidered with other criteria.

  • SplitIceSplitIce Member, Host Rep

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    That was the advice we received too.

  • Is there any way to query FraudRecords DB and pull a report for myself?

  • We usually review manually.

    @plumberg said:
    Is there any way to query FraudRecords DB and pull a report for myself?

    Yeah it should be possible. You can view on their site as well
    https://www.fraudrecord.com/api/?showreport=baf224d0cb1f8d4e

    Thanked by 1plumberg
  • HybulaHybula Member, Patron Provider
    edited July 2022

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    @SplitIce said:

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    That was the advice we received too.

    I'm wouldn't be so sure about this, we have been working with lawyers recently regarding data storage/processing and the GDPR is still strict, if you want to do it right. An IP address can be traced back to a user, but a hash of an IP can also be traced back to a user.

  • LeviLevi Member

    @Hybula said:

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    @SplitIce said:

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    That was the advice we received too.

    I'm wouldn't be so sure about this, we have been working with lawyers recently regarding data storage/processing and the GDPR is still strict, if you want to do it right. An IP address can be traced back to a user, but a hash of an IP can also be traced back to a user.

    If hash is encrypted with one way encryption, than what?

  • HybulaHybula Member, Patron Provider

    @LTniger said:

    @Hybula said:

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    @SplitIce said:

    @LTniger said:
    Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.

    That was the advice we received too.

    I'm wouldn't be so sure about this, we have been working with lawyers recently regarding data storage/processing and the GDPR is still strict, if you want to do it right. An IP address can be traced back to a user, but a hash of an IP can also be traced back to a user.

    If hash is encrypted with one way encryption, than what?

    Encryption is two-way, hashing is not. Yet in both cases it can be traced/linked back to a user.

    127.0.0.1 = Walter White
    4b84b15bff6ee5796152495a230e45e3d7e947d9 = Walter White

Sign In or Register to comment.