LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Order Rejected by Fraud Checks? Five Ways to Avoid This Fate

FraudYou don’t need LowEndBox to tell you that fraud is a huge problem in the online world.

Someone like Amazon, has the funds to write custom fraud detection, partner with the industry heavyweights, and hire a fleet of specialists (human or AI) to watch transaction in real-time.  Your average low-end hoster cannot do this, so they rely on third-party solutions such as MaxMind or FraudRecord.

And the stakes are real.  A typical scenario goes like this:

  • Alice has a credit card
  • Mallory steals the card
  • Mallory signs up for hosting services, paying with Alice’s card
  • Some time later, Alice notice the card is stolen and charges back everything
  • PayPal charges the provider a service fee (in the neighborhood of $30!) for the chargeback
  • Provider now is out the service fee, out the use of resources, and probably has work to clean up spamming, IP reputation, etc.

That’s one example – there are tons of other scenarios.  The point is that if the provider is making a thin margin on services, it takes a ton of transactions to make up for even one chargeback.

Hence, fraud detection.  Inevitably, these solutions generate false positives.  Here’s how you can avoid being one of them.

#1. Sign up from home. The IP you use to sign up is noted, and checked via MaxMind’s GeoIP.  If your home address is in London but the order is coming from Kyrgyzstan, odds are your card has been stolen.  Of course, it’s perfectly possible that you’re just traveling, but the provider probably won’t take the risk.

#2.  Don’t use a VPN to sign up.  This is related to #1.  Even if your VPN is in the same city as your home, it may be noted as a datacenter IP which will likely flag your account.  Drop your VPN before you sign up.

#3.  Use a PayPal that matches your signup email.  Not all providers enforce this (we were just discussing one that does on LowEndTalk) but it makes sense: stealing a PayPal login is the same as stealing a credit card.  If you’re logged into the portal as john.smith@example.com, why is your PayPal a.lukashenko@dictator.be?

#4. Use your real info.  This should be a “duh” but it applies to everything asked.  Don’t be cute and put “123-456-7890” as your phone number.  Don’t list yourself as “First Name: Elite, Last Name: Hacker”.  Providers want to know who their customers are.

$5. If all else fails, contact the provider.  One of the advantages you have working with a small host is that you can get ahold of a human, not just an Amazon AI bot.  Send them a note and you can probably work it out.  They can tell you what’s generating the false positive or work out an alternate form of identity verification.





No Comments

    Leave a Reply

    Some notes on commenting on LowEndBox:

    • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
    • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
    • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

    Your email address will not be published. Required fields are marked *