Re: [registrars] Credit Card Update

[Paul Goldstone <paulg@domainit.com>]

Michael,

While reporting stolen card numbers to the CC companies and law enforcement
agencies would certainly be an honorable thing to do (for the sake of the
actual cardholders), I'm not sure if it would deter the people we're all
dealing with.

Although the Email address often remains the same, the credit card number
rarely does.  In fact, many fraudulent regs are proceeded by several
attempts with several credit cards (another sign we could probably look for)

We're about to implement the 4 digit code from the back of cards, and based
on other responses on this board so far, it sounds like that'll make a huge
difference.  Thanks to everyone for their input!

~Paul

At 09:20 AM 9/26/2002 -0400, Michael D. Palage wrote:
>I am glad that we are having a more open dialog with regard to credit card
>fraud. I think this is another positive sign of the maturity of our
>industry. I am trying to line up a credit card industry expert to speak with
>us in China. It appears that we may have the funds for a telephone bridge
>there as well :-)
>
>As I mentioned yesterday, I foresaw potential pitfalls in setting up a
>database of alleged fraudulent cards. Navigating this minefield in the
>United States begins with the Fair Credit Reporting Act, 15 USC 1681 et seq.
>to determine whether this would be a covered activity. If any other non-US
>registrars could point out similar statutory provisions I would greatly
>appreciate it. In the short term, I believe that a more prudent course of
>action would be reporting these potential fraudulent actions to the credit
>card companies and the appropriate law enforcement agencies.
>
>Best regards,
>
>Michael D. Palage