Re: [registrars] Re: Credit Card Proposal

[Rick Wesson <wessorh@ar.com>]

Joyce,

Are you sure it was me thet convinced you? I do believe that if we had the
ipaddress, domain, and hash(credit card) that registrars would be capable
of determining if a registration needed additional checking.

remember what we are proposing here has been done in other industries as
was presented on Wed at the FTC. We are'nt saing that a domain shouldn't
be registered just that a domain has had a chargeback on it.

If registrars could communicate to other registrars domains, ip and credit
card hashes, through a secure mechanism, when they have a chargeback I
think this industries risk could be greatly reduced.

If anyone would like to collaborate on building such a project I'd be
happy to lend a hand. just contact me off list.

-rick






On Mon, 24 Feb 2003, Joyce Lin wrote:

> Mike,
>
> I was originally thinking about posting the IPs those criminals came from
> and some other related information if proven valid about them. Rick
> convinced me that domain alone can do the job.  I wonder what kind of law
> the "black list"  would violate if we only use it as a reference.
>
> Joyce
>
>
> ----- Original Message -----
> From: "Michael D. Palage" <michael@palage.com>
> To: "Joyce Lin" <joyce@007names.com>; "Michael Brody"
> <mbrody@tldsystems.com>
> Cc: <ross@tucows.com>; "'Robert F. Connelly'" <rconnell@psi-japan.com>;
> "'Registrar Constituency'" <registrars@dnso.org>
> Sent: Monday, February 24, 2003 4:21 PM
> Subject: RE: [registrars] Re: Credit Card Proposal
>
>
> > Lynn,
> >
> > We must be very careful about how we share this information. There are
> legal
> > pitfalls (statutes) that I have been told about which I do not fully
> > appreciate just yet. Hopefully we could get the FTC to work with us in
> > combating fraud by collecting this information.
> >
> > Mike
> >
> > > -----Original Message-----
> > > From: Joyce Lin [mailto:joyce@007names.com]
> > > Sent: Monday, February 24, 2003 4:11 PM
> > > To: Michael Brody; Michael D. Palage
> > > Cc: ross@tucows.com; 'Robert F. Connelly'; 'Registrar Constituency'
> > > Subject: Re: [registrars] Re: Credit Card Proposal
> > >
> > >
> > > We should have a web page where we registrars can login to post
> > > and view all
> > > the domain names registered with stolen cards and may be with the
> > > first and
> > > last four digits of the card being used.  Once we have the list,
> > > we will be
> > > alerted if the name shows up again for registration or transfer.  Good
> > > thinking, Rick.
> > >
> > > Joyce
> > >
> > >
> > >
> > > ----- Original Message -----
> > > From: "Michael Brody" <mbrody@tldsystems.com>
> > > To: "Michael D. Palage" <michael@palage.com>
> > > Cc: <ross@tucows.com>; "'Robert F. Connelly'" <rconnell@psi-japan.com>;
> > > "'Registrar Constituency'" <registrars@dnso.org>
> > > Sent: Monday, February 24, 2003 3:47 PM
> > > Subject: [registrars] Re: Credit Card Proposal
> > >
> > >
> > > > I hate to muddy the issue here but there is an aspect of cc
> > > fraud that we
> > > > might be able to address within ourselves.
> > > >
> > > > The people who commit credit card frud have become more
> > > sophisticated.  We
> > > > have had instances where a domain was registered with a fradulent
> card.
> > > > Aproximately 45 days after the registration we get notice from
> > > the credit.
> > > > When we confirm that this is indeed a legitmate chargeback and
> > > not an end
> > > > user error we then attempt to place the domain on hold.
> > > >
> > > > At that time we find out that the domain has been transferred to
> another
> > > > registrar.  Calls to the 'gaining' registrar have been met with
> > > little to
> > > no
> > > > support.
> > > >
> > > > If we were to put a system in place to work together on issues such as
> > > these
> > > > we might be able to at least partially address the credit card fraud
> > > problem
> > > > for issues of this nature.
> > > >
> > > > Michael
> > > >
> > >
> >
> >
>