New Verisign CC Fraud Prevention Based On IP Address
 

VeriSign Says It Has New Fraud Protection Services

MOUNTAIN VIEW, Calif. - VeriSign announced the launch of a new Fraud Protection Services program suite June 18, aimed at cutting e-commerce chargebacks and buyer fraud by a linkage between computer locations and credit timing information. It's aimed at helping e-tailers make stronger verification of buyers and cutting back on chargebacks.

"Security and fraud on the Internet are critical issues facing retailers," said VeriSign senior vice president for electronic commerce Stephen W. Orfei as the company announced the new services suite. "They increase the costs associated with chargebacks while damaging consumer confidence. (This) fraud solution program provides a very real response to these issues by allowing merchants to use fraud protection services, including buyer authentication payment card programs?ultimately protecting both retailers and their customers and increasing consumer confidence."

One skeptic is Electronic Frontier Foundation technologist Dan Moniz, who said the risks include making anonymous transactions harder and forcing those who prefer to buy anonymously "to subscribe to a special service and pay extra."

The FPS suite includes account security and monitoring services and a feature called Allowed IPs. VeriSign says that feature lets the merchant specify Internet protocol addresses acceptable as account access sources, "ensur(ing) that no one can log in from an unauthorized computer." Another feature, Payflow Pro, lets merchant users restrict transactions to specifically authorized computers.

http://www.avn.com/index.php?Primary...ntent_ID=21728

I guess the idea here is that you could only use your credit card from your specific static IP address, or the IP address range of your dialup provider? Verisign would maybe link your IP address and your credit card and check that data during the processing of transactions?

What do you think? Would it help prevent fraud, or just hurt sales because there would be too much hassle in establishing someone's authorized IP in the first place?

In theory, it's a great idea. But there are so many hassles involved. If it became the industry standard, it would be fine.

.

and what about aolers?

using it as of now.... almost necessary as there are 12 million full user infos floating the net

I can see issues when an ISP say, adds a new class B to their portfolio, or, say rents portalable address blocks that aren't in their name and aren't registered with the service as being theirs... Or, or, or.. The list goes on.

Good idea, just going to need some work.

fuck, we've been doing this for years. where is the newness?

i agree :thumbsup

You use IP's to check on where someone is geographically, right?

But I think they are saying that each card will have a specific IP assigned to it by the processor and you can only use your card from that IP. Like a CVV2 number, but it will be an IP instead.

I know that most companies don't use that type of system right now, because I dial up from all over the place and my cards work fine.

yes