undefined | Better HN

0 pointsthreeseed11y ago0 comments

How does SMS verification help ? You can just buy a prepaid phone.

0 comments

How does using ID verification help? I can just use a borrowed/stolen/pilfered ID?

At some point, you're hitting diminishing returns in your verification requirements.

I assume they look for name on ID that matches name on payment method. That's what I used to do when I worked in a hosting company ~10 years ago.

This way, if someone has a stolen credit card, there's a very good chance, they won't have a matching government ID with same name. Hence obvious fraud.

toomuchtodo11y ago

Does a prepaid card name verification occur during an auth? Also, does Digital Ocean disallow prepaid cards from being used to pay for service?

Their pricing/billing page indicates they'll accept these cards if the payment is made through Paypal, which will shield them from payment fraud, but not if the card is prepaid but the users actions on the instance are malicious.

https://www.digitalocean.com/help/pricing-and-billing/

raiyu11y ago

Here you see the complexity of the process in that anything that is added or used can be circumvented, including IDs and so forth.

In regards to pre-paid and debit cards we saw a very high incidence of abuse related to those cards specifically so we've had to put certain restrictions on them as well.

We're going to look for other layered approaches that can be created programmatically to increase the authenticity of a user and need to get that implemented asap because I'm in agreement that this ID request is a horrible workflow and also it still isn't fool proof so its just doubly bad.

Running the product prioritization meeting today so we'll bring up a couple of solutions and begin to prioritize and implement.

1 more reply

j / k navigate · click thread line to collapse

0 comments

toomuchtodo11y ago

How does using ID verification help? I can just use a borrowed/stolen/pilfered ID?

At some point, you're hitting diminishing returns in your verification requirements.

thekonqueror11y ago

I assume they look for name on ID that matches name on payment method. That's what I used to do when I worked in a hosting company ~10 years ago.

This way, if someone has a stolen credit card, there's a very good chance, they won't have a matching government ID with same name. Hence obvious fraud.

toomuchtodo11y ago

Does a prepaid card name verification occur during an auth? Also, does Digital Ocean disallow prepaid cards from being used to pay for service?

https://www.digitalocean.com/help/pricing-and-billing/

raiyu11y ago

Here you see the complexity of the process in that anything that is added or used can be circumvented, including IDs and so forth.

In regards to pre-paid and debit cards we saw a very high incidence of abuse related to those cards specifically so we've had to put certain restrictions on them as well.

Running the product prioritization meeting today so we'll bring up a couple of solutions and begin to prioritize and implement.

1 more reply

j / k navigate · click thread line to collapse