http://www.e-junkie.com/bb/ E-Junkie Forum RSS en-us Copyright 2009, 19.5 Degrees. All rights reserved. webmaster@e-junkie.com webmaster@e-junkie.com Thu, 1 Oct 2009 21:39:08 GMT Fri, 20 Nov 2009 23:24:35 GMT 681 E-JUNKIE 5 http://www.e-junkie.com/bb/ http://www.e-junkie.com/ej/logo.gif 290 104 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Thu, 1 Oct 2009 21:39:08 GMT
With 7000 merchants subscribed to use our service and logging their transaction details in our database, we have a very thorough grasp of both legitimate buying patterns and fraudulent patterns as well. The solution we're working on will work quietly in the background and is designed to block clearly fraudulent activity in a way that's nontrivial for fraudsters to work around (unlike simple email/IP blocks), yet without unduly affecting legitimate buying activity.]]> E-junkie Discussions; Tyson http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Wed, 30 Sep 2009 01:21:43 GMT
As some one who has seen firsthand both sides of fraud, I'll tell you that it's not the guy who is going to change PP address or IP addresses that worries me. That takes time. Fraudsters have access to 100's of Paypal accounts true, but due to PP's fraud checks they don't always have a matching IP address, or similar computing environment. When they finally do find a PP account that works, their next step is to milk it for all it's worth, while keeping in mind not to trigger unusual usage patterns.

This is where my suggestion comes in, especially in regards to digital downloads. It would eliminate the effectiveness of a hacked paypal account that has passed these tests and are free for multiple uses. As soon as it works once, it's likely that it will be used again and again until depletion. If they then had to wait 2 6 or 12 hours between jobs, it would make it much less inviting.

Anyway, just a polite nudge to have another think about the idea. I'll leave it at that.]]> E-junkie Discussions; schmezo http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Tue, 29 Sep 2009 00:04:58 GMT E-junkie Discussions; Tyson http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Sun, 27 Sep 2009 04:26:26 GMT
On / Off check box. "Limit user to 1 purchase every _____ hours."


email/ ip address is added to blocked buyers list for the chosen time period, and then removed after the time has expired.


Possible? Hard to implement?]]> E-junkie Discussions; schmezo http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Wed, 16 Sep 2009 07:27:08 GMT
I recently had an buyer attempt to get codes via a Paypal check, but was glad to see e-junkie didn't ship. The e-check later failed.

I have been using the techniques mentioned. Limited stock, buy now rather than a cart, and limit 1 seem to be working well.]]> E-junkie Discussions; schmezo http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Fri, 31 Jul 2009 15:28:07 GMT
I do wish companies like PayPal would realise that there ARE users outside of the USA....]]> E-junkie Discussions; instantxboxgold.com http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Fri, 31 Jul 2009 01:54:49 GMT
If you are configuring your products with Shipping/Buyer's Address, you can combine the block at PayPal's end with permitted Shipping Destinations you select in E-junkie Seller Admin > Cart Shipping Settings, so buyers would be unable to select a forbidden country in the cart nor during checkout.]]> E-junkie Discussions; Tyson http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Thu, 30 Jul 2009 22:28:26 GMT
Blocking certain countries from purchasing would be another worthwhile feature.]]> E-junkie Discussions; instantxboxgold.com http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Thu, 30 Jul 2009 01:59:02 GMT E-junkie Discussions; Tyson http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Sat, 25 Jul 2009 20:27:47 GMT Landro
• Add adjustable time delay to delivery after completed payment. It seems some transactions are not immediately flagged for review which results in items being sent right before the review. A delay could possibly allow the PayPal or Google and the credit card systems time to catch up and flag the transaction prior to e-junkie sending product.


I could not agree more with that! That would be a HUGE plus. Paypal will usually suspect fraud in the first 5-10 minutes after the transaction goes through. So if you can set a timed delivery to anywhere from 1 minute to 12 hours i think that would eliminate a lot of problems, at least from what i have personally experienced.

In terms of manually accepting Paypal payments... yeah that's fine if your at your PC all day, which even if i was, i would prefer not to be anyway.

I have just recently been involved with E-junkie and selling codes. I went fully automated and all was great until a few little hackers stole a Paypal account or two and take everything you have in a short amount of time, even with limiting 1 per transaction.

I am looking forward to hearing if we can get that feature implemented in the near future.]]> E-junkie Discussions; xboxlivesource http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Sat, 25 Jul 2009 05:29:21 GMT E-junkie Discussions; cartafina http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Tue, 21 Jul 2009 00:43:27 GMT https://www.paypal.com/cgi-bin/webscr?cmd=_contact-general]]> E-junkie Discussions; Tyson http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Mon, 20 Jul 2009 08:40:34 GMT E-junkie Discussions; instantxboxgold.com http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Thu, 16 Jul 2009 22:44:38 GMT
I'm sorry you are going to have to look for this on the PayPal website.]]> E-junkie Discussions; E-junkieNinja http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Wed, 15 Jul 2009 09:05:16 GMT
Whilst all of the above would greatly improve your product, I feel 1 of the work arounds you have given may help me (and perhaps Landro?)

I've been searching paypal and using their stupid Fembot help system to no avail. Can anyone tell me where you can trn on the ability to manually approve a payment?

Thanks
Dave]]> E-junkie Discussions; instantxboxgold.com http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Wed, 15 Jul 2009 01:33:44 GMT
- You can set your payment processor account (PayPal/Google/etc.) to require manual review/approval of all payments. That way you can personally inspect every payment before deciding whether to accept the order, and E-junkie would only process the sale and issue codes after you complete the payment. This also presumes you have NOT unchecked "Wait for pending payments..." in your E-junkie Seller Admin > Payment Preferences.

- Disable "Let buyers edit quantity" in each product's settings; that way a buyer can only order one unit of any given product at a time.

- Use our Buy Now (rather than Cart) button codes, which take buyers directly to checkout for a single item at a time.]]> E-junkie Discussions; Tyson http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Tue, 14 Jul 2009 15:11:06 GMT
Whilst e-junkie is a great system, I can't use it how I would like either. I can't allow the system to send codes through fear of fraud and charge backs.

What you suggest above, Landro is nothing short of necessity for those that deal with codes that are digitally delivered.

Another function that wouldn't go a miss is to be able to limit the number of purchases per IP/Paypal/credit card account over an X period.

Example... user@paypal.com or even credit card number xxxxxxxx can only purchase x number of codes per x number of days.]]> E-junkie Discussions; instantxboxgold.com http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Fri, 3 Jul 2009 20:20:39 GMT E-junkie Discussions; E-junkieNinja http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 http://www.e-junkie.com/bb/topic/3498/pg/0#post11680 Thu, 2 Jul 2009 17:14:52 GMT
On my site I sell a combination of stored codes and tangible items. I work from home so I am able to monitor the site and sales as they come through. Last month someone made a purchase (1 item, stored code) for $275 through PayPal with a credit card. This transaction was instantly sent to review by PayPal and as expected, the code was not sent. I did not think much of it as it is not uncommon for high dollar purchases get flagged for review. Five minutes later the same buyer made two more purchases for $27 (1 item, stored code) and $90 (1 item, stored code) in two transactions, both of which completed and codes were sent. To make a long story short, this buyer made five more separate purchases from my site only now they were buying the entire inventory for each stored code item. At this point I realized something was not right as legitimate buyers typically buy 1-3 of any given item. I immediately added the name and email address to the blocked buyers / transactions list as sales continued to come through. Each purchase totaling over $100 was instantly sent to review by PayPal and soon the buyer caught on and was keeping purchases under the review amount. Thankfully no more codes were sent because of both PayPal reviews and the block feature. They eventually gave up once the codes were no longer being sent.

The credit card belong to someone in the US and the IP address was registered somewhere in the Russian Federation. I called the credit card holder and told them what was going on and they informed me that they had just received a call from Bank of America regarding some fraudulent activity on the card. Luckily I was able to claim for myself all but one of the sent codes. After all was said and done, I ate $75 in codes and the thief ended up getting away with a whole $27 in items.

To lower the chance of this happening again, I now deny access to my website from any IP not located in the US, Canada, UK or Australia. The collateral damage is minimal as the vast majority of my customers reside in these countries. While this reduces the potential for fraud from the amateurs, it does nothing to protect against those who how to get around the system or are located inside the permitted countries.

For the past five days, my site has again been under attack by someone using PayPal and Google Checkout with multiple stolen credit cards with different names. I am certain it is the same person as the IPs for every transaction resolve to AOL dial-up. It is no coincidence that my last six purchases have been made by six different people all on AOL dial-up. It is pointless to ban dial-up IPs, so for the time being I have banned the entire AOL IP range.

Last night this person made another purchase through Google Checkout for $6.99 with another credit card and yet another name. Google checkout processed the transaction and in less than one minute canceled it due to high risk, but because it had gone through, the e-junkie system sent the stored code. I tried to claim the code for myself, but it was too late.

This is the first time I have seen anything like this and I do not know why for less than 60 seconds it was clear and processed through the e-junkie system. I’m sure they are now plotting their next heist which includes a new people pc dial-up account and this checkout flaw. I am contemplating ditching Google Checkout anyways and this may just be the final straw.

Since the first notable incident, I decided I can no longer store large quantities of codes in the e-junkie system and I no longer digital deliver higher dollar (above $20) items. Instead I now must keep only 2 or 3 of each item in the system and replenish as necessary. What steps do others take to lessen the likelihood of being ripped off or lessen the blow? What other measures are in place from an e-junkie administrative standpoint to help counter the fraud. Personally I would like to see some of the following implemented.

• Ability to set a quantity limit on stored codes regardless of quantity in inventory. This is not currently available with stored codes and while it would not prevent someone from completing multiple transactions, it would slow them down and possibly allow enough time to intervene.
• Add adjustable time delay to delivery after completed payment. It seems some transactions are not immediately flagged for review which results in items being sent right before the review. A delay could possibly allow the PayPal or Google and the credit card systems time to catch up and flag the transaction prior to e-junkie sending product.
• Ability to manually review and approve all stored code orders regardless of payment status. Similar to the Blocked Buyers / Transactions list, but for every transaction. Currently I only know who to block AFTER the fact.]]> E-junkie Discussions; Landro