Full Disclosure mailing list archives
Re: NiX API
From: adam <adam () papsy net>
Date: Thu, 9 Jun 2011 11:51:55 -0500
"You're a legit user --> Why in earth you would like to use a proxy or or anonymizer to do the purchase?" Because you're out of state and PayPal has been *notorious *for locking accounts accessed from *unusual* locations. That's just one example, there are plenty more. On Thu, Jun 9, 2011 at 11:49 AM, <nix () myproxylists com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/06/2011 16:05, nix () myproxylists com wrote:Primarily this is an advertisement. I would guess that it is some anti-hack system for webmasters who haven't a clue, a kind of auto-generating block list. I'm a noob and I am just guessing.It does provide great protection also to those webmasters who got a clue.We had fraudulent purchase almost every second day, paypal let every fraudulent purchase through and the ** next day ** their automation reversed the payment. ..Needless to say how much we got frustrated and pissed while filing their forms regarding unauthorized claims. We were also charged by paypal for a certain percentage of each fraudulent payment!This is where NiX API comes in:In most cases, the malicious user is denied access even before a fraudulent purchase is made!Since implementation of NiX API with it's current featuers: 0 fraudulent purchases in last 2-3 weeks period. It definitely does something.I don't see how it is possible to tell a fraudulent paypal payment from a legitimate one, unless the IP address used to make the purchase is all ready known as a source of fraudulent transactions.You don't see it because you have no experience. Let me enlight you a bit. You're a legit user --> Why in earth you would like to use a proxy or or anonymizer to do the purchase? Why I would do so and purchase unless I have something to hide? You have the option block or allow hosting provider ranges, of course. You are a fraudulent user --> Of course you want to use any IP that is not yours and not a surprise; A majority of fraudulent purchases originates from proxies, anonyminity networks, VPN's (commonly hosted by hosting providers due to fast speeds) and so on. After careful verification, we have accurately 'blacklisted' this data beforehand and this way our API will block the user real-time, not after the damage has happened unlike the others.Obviously if "John Smith" made a payment from an IP address originating from China, Japan or other non-English/American IP address range then something is suspect, but this is still not definitive.This is one method how a majority of payment gateway protections add a 'fraud score' to the final decision whether or not to prevent the transaction. According to experience from my own sites, it has been 85% of times definitive.How could this system stop a fraudulent payment from a source with an IP address the system has never seen before originating from a corporate address block or respected ISP, or unlikely but not impossible an IP address that has previously made a valid transaction? Any smart fraudster would use a device purchased with cash using aspoofedMAC address from a wifi hotspot out of sight of CCTV. Please enlighten me, or would that let the cat out of the bag? regards mx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBTfDu6bIvn8UFHWSmAQLG1gf9Gv9cpFERJWbxzY05U4Wd6vYxLQb2N4Oy eb8HWYsVALjDO2M3Od9FdXRFCtkF7VHx4hsL67fe69UAqRq3+7yUJEpj+vPMGhow lrb9Nn93R5r14i/dCYJTKQkzQ8zdvkYv3uyvu9A7MP+ME4mukBUTFUyCN2oekr6R fHa7YcjUkB43+IocUjr0EqnVZLtGMbJsFzGXoUNTVpIwPrj5kvTOo4rK8upwaE9g 1V3TRUM815v2hq7IH9IUdu2mAKB9UDNEp8K6Vi6RL0ZMGNWXsf9BL8kmDD/dcOlf 9e2MSN6QQOYeAMYNaZSgOPOjX0sVqhd/fVKEeBMs+OZaOJOfG1Chow== =ytkT -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: NiX API, (continued)
- Re: NiX API mrx (Jun 08)
- Re: NiX API nix (Jun 09)
- Re: NiX API James Rankin (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Rove Monteux (Jun 10)
- Re: NiX API mrx (Jun 08)
- Re: NiX API Valdis . Kletnieks (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API David Ford (Jun 09)
- Re: NiX API mrx (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API adam (Jun 09)
- Re: NiX API jabea (Jun 09)
- Re: NiX API nix (Jun 09)
- Message not available
- Message not available
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API Thor (Hammer of God) (Jun 09)
- Re: NiX API Haxxor Security (Jun 10)