"You're a legit user --> Why in earth you would like to use a proxy or or anonymizer to do the purchase?"
Because you're out of state and PayPal has been *notorious *for locking accounts accessed from *unusual* locations. That's just one example, there are plenty more. On Thu, Jun 9, 2011 at 11:49 AM, <[email protected]> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On 09/06/2011 16:05, [email protected] wrote: > >> Primarily this is an advertisement. > >> > >> > >> I would guess that it is some anti-hack system for webmasters who > >> haven't > >> a clue, a kind of auto-generating block list. > >> I'm a noob and I am just guessing. > >> > >> > >>> It does provide great protection also to those webmasters who got a > >>> clue. > >> > >>> We had fraudulent purchase almost every second day, paypal let every > >>> fraudulent purchase through and the ** next day ** their automation > >>> reversed the payment. .. > >> > >>> Needless to say how much we got frustrated and pissed while filing > >>> their > >>> forms regarding unauthorized claims. We were also charged by paypal for > >>> a > >>> certain percentage of each fraudulent payment! > >> > >>> This is where NiX API comes in: > >> > >>> In most cases, the malicious user is denied access even before a > >>> fraudulent purchase is made! > >> > >>> Since implementation of NiX API with it's current featuers: 0 > >>> fraudulent > >>> purchases in last 2-3 weeks period. It definitely does something. > >> > > > > I don't see how it is possible to tell a fraudulent paypal payment from a > > legitimate one, unless the IP address used to make the purchase is all > > ready known as a source of fraudulent transactions. > > You don't see it because you have no experience. Let me enlight you a bit. > > You're a legit user --> Why in earth you would like to use a proxy or or > anonymizer to do the purchase? > > Why I would do so and purchase unless I have something to hide? You have > the option block or allow hosting provider ranges, of course. > > You are a fraudulent user --> Of course you want to use any IP that is not > yours and not a surprise; A majority of fraudulent purchases originates > from proxies, anonyminity networks, VPN's (commonly hosted by hosting > providers due to fast speeds) and so on. > > After careful verification, we have accurately 'blacklisted' this data > beforehand and this way our API will block the user real-time, not after > the damage has happened unlike the others. > > > > > > Obviously if "John Smith" made a payment from an IP address originating > > from China, Japan or other non-English/American IP address range then > > something is suspect, but this is still not definitive. > > This is one method how a majority of payment gateway protections add a > 'fraud score' to the final decision whether or not to prevent the > transaction. > > According to experience from my own sites, it has been 85% of times > definitive. > > > > > How could this system stop a fraudulent payment from a source with an IP > > address the system has never seen before originating from a corporate > > address block or respected ISP, or unlikely but not impossible an IP > > address that has previously made a valid transaction? > > > > Any smart fraudster would use a device purchased with cash using a > spoofed > > MAC address from a wifi hotspot out of sight of CCTV. > > > > Please enlighten me, or would that let the cat out of the bag? > > > > regards > > mx > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.2 (MingW32) > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > > > iQEVAwUBTfDu6bIvn8UFHWSmAQLG1gf9Gv9cpFERJWbxzY05U4Wd6vYxLQb2N4Oy > > eb8HWYsVALjDO2M3Od9FdXRFCtkF7VHx4hsL67fe69UAqRq3+7yUJEpj+vPMGhow > > lrb9Nn93R5r14i/dCYJTKQkzQ8zdvkYv3uyvu9A7MP+ME4mukBUTFUyCN2oekr6R > > fHa7YcjUkB43+IocUjr0EqnVZLtGMbJsFzGXoUNTVpIwPrj5kvTOo4rK8upwaE9g > > 1V3TRUM815v2hq7IH9IUdu2mAKB9UDNEp8K6Vi6RL0ZMGNWXsf9BL8kmDD/dcOlf > > 9e2MSN6QQOYeAMYNaZSgOPOjX0sVqhd/fVKEeBMs+OZaOJOfG1Chow== > > =ytkT > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
