Fraud runs rampant in this industry
What tools to use to prevent fraud on hosting package purchases
Fraud prevention is one of the foremost battle lines implemented within the web hosting industry.
It is very crucial for a web hosting provider to streamline the necessary tools and processes to minimize and prevent this problem.
Many web hosts in this industry have come to purchase automated fraud detection software. These configure directly to the billing system and automatically assign a percentage of probability of fraud. With a MaxMind score that's above X amount which is acceptable to the business owner. However, that is just sometimes not enough.
Across all of our online web hosting businesses, we have prioritized stringent manual reviewing of each order.
For Zosting.com, these processes are as follows:
- MaxMind Scoring: This has been implemented into our backend. Maxmind validates IP addresses making use of IP GEOLOCATION, email addresses, Probability of proxy usage, country of origin and more. It then later utilizes this information to assign a percentage. The configuration of Maxmind allows for automatically declining orders and red flagging them as fraud or actual customers and allowing them to purchase the web hosting or domain name. Per configuration settings. Some hosts choose to block certain countries altogether.
- FraudRecord Scoring: Once we receive an order, our staff member reviewing the order then manually triages the FraudRecord review of the new client. The staff member then adds the score and logs it to the clients' records within WHMCS. If any red flags arise in the report, then this order is placed in fraud status and the order is refused. FraudRecord Scoring makes use of the customers' name, email address, and other identifying data. Then it provides information if this client has had any positive or negative history of previous web hosting providers. The new client has the option to submit other forms of Govt. identification for review and reconsideration.
- Social Media review: We all live in a virtual world someplace these days, internet addiction is real, while we use it in our everyday daily lives, everyone has a social media footprint someplace. Not many these days that do not. There are also websites on the internet that allow for email verifications. We have signed up for these websites. They allow us to verify the new customer is who they say they are. These sites check over hundreds of social media channels and send a confirmation report back.
- Hostbill: Another tool for verification is Hostbill. It makes the use of public information to give accurate information on the probability of fraud and the tool is free to use for many features.
Govt. Issued ID: For Dedicated Servers, we make use of and turn to a Government issued photo ID and also when a customer becomes insistent that and wish to sign up for our web hosting or domain registration, however, do not pass our implemented checks.
Although the above doesn't work for everyone, we maintain manual approvals. We don't play games and cut to the chase. If someone really wants to become our customer, then they should have no issue in accepting our process.
An automatic denial should not be a deterrent. This is also very common in the web hosting and dedicated server industry. Business transactions are occurring overseas. If someone from the United Kingdom wants to purchase our Dedicated Servers in Utah. This can also cause a customers order to be tagged with a fraud status and we lean towards manual processing in those scenarios.
While many implemented fraud detectors in web hosting make use of IP addresses. Another thing that can cause a customer to get placed in fraud status is if your broadband provider issues you an IP address which is 140 miles away from your location. This can also tip the scale in fraud status. Hence customer and company should do their due diligence.
All of our phone calls are recorded for quality assurance and training purposes. Should we choose, our team has the option to review all calls to our call centers in Arizona. This ensures quality 24 x 7 365 support and our team continues to revise and improve on our implemented processes to help serve you better.
We maintain a directory of blacklisted IP addresses that are notorious for ill-intentioned usage of our products. We nor our customers need those sorts of problems on our super fast web hosting servers. We always block them in CIDR as well.
Our billing system is automated:
We make extensive use of WHMCS. Should a customer decide to leave, they can simply lap payment of the invoice. Our systems will send automated reminders for invoice due. After 5 days from invoice payment date. Our WHMCS configuration automatically places the client in a suspended status and sends an automated email reminder. Should the customer choose to laps invoice again, then the customers' account gets placed into terminated status.
We do not charge money to restore:
Accidents happen, thankfully we keep backups of our servers. Should a customer choose to stick around. We can simply restore their website and services. We keep backups for 30 days. Anything past 30 days, we cannot recover.
In conclusion, it is very important for web hosts to implement the necessary steps to prevent fraud. Although the above will reduce fraud massively. One should always implement the human element into the equation as another countermeasure for prevention. Fraudulent orders and individuals affect more than just the web hosting provider. They affect anyone who lands on their website or makes use of their services and in many views unsuspecting individuals.