amazonaws.com?

Joel Jaeggli joelja at bogus.com
Thu May 29 13:08:47 UTC 2008


Dorn Hetzel wrote:
> There is a really huge difference in the ease with which payment from a
> credit card can be reversed if fraudulent, and the amount of effort
> necessary to reverse a wire transfer. I won't go so far as to say that
> reversing a wire transfer is impossible, but I would claim it's many orders
> of magnitude harder than the credit card reversal.

To paraphrase one of my colleagues from the user interaction world:

	"The key to offering a compelling service is minimising
	transaction hassles."

I encourage all my competitors to implement inconvenient hard to use 
payment methods....

> A mere "court subpoena" wouldn't even be remotely sufficient.  The person
> wanting their money back would pretty much have to sue for it and win.
> Heck, people that get scammed and send their money via western union can't
> even get their money back...  People who sell physical goods that get
> shipped internationally to places where they can't get them back from have
> been dealing with irrevocable payment forms for a long, long time, and those
> are generally wire transfers.
> 
> Once that guy in Frackustan has my widgets, I need to make darn sure he
> can't take his money back :)
> 
> So, yeah, there would be some customers for whom the couple of business
> hours it take their wire to go through (that's a pretty typical time from my
> actual experience) would be longer than they would want to wait for their
> port 25 or other "risky" service to be enabled, but really, how many is that
> going to be.  We're not talking about the wait for ordinary customers who
> don't need those particular services that tend to be problem children, and
> we're not talking about existing accounts of long standing, just about a
> barrier for the drive-by customer who wants to use services and then not pay
> the cost when they violate the AUP...
> 
> On Wed, May 28, 2008 at 11:53 PM, Peter Beckman <beckman at angryox.com> wrote:
> 
>> On Wed, 28 May 2008, Barry Shein wrote:
>>
>>  On May 28, 2008 at 21:43 beckman at angryox.com (Peter Beckman) wrote:
>>>> On Wed, 28 May 2008, Dorn Hetzel wrote:
>>>>
>>>>> I would think that simply requiring some appropriate amount of
>>> irrevocable
>>>>> funds (wire transfer, etc) for a deposit that will be forfeited in the
>>> case
>>>>> of usage in violation of AUP/contract/etc would be both sufficient and
>>> not
>>>>> excessive for allowing port 25 access, etc.
>>>>   Until you find out that the source of those supposedly irrevocable
>>> funds
>>>>   was stolen or fraudulent, and you have some sort of court subpoena to
>>> give
>>>>   it back.
>>>>
>>>>   I don't believe there is a way for you to outwit the scammer/spammer
>>> by
>>>>   making them pay more of their or someone elses money.  If you have
>>> what
>>>>   they need, they'll find a way to trick you into giving it to them.
>>> Are you still trying to prove that Amazon, Dell, The World, etc can't
>>> possibly work?
>>>
>>  Amazon and Dell ship physical goods.  Amazon Web Services sells services,
>>  as do I.  Services are commonly enabled and activated immediately after
>>  payment or verification of a valid credit card, as is often expected by
>>  the customer immediately after payment.  Shipment of physical goods will
>>  almost always take at least 24 hours, often longer, enabling more thorough
>>  checks of credit, however they might do it.
>>
>>  And even with the extra time to review the transaction and attempt to
>>  detect fraud, I'm confident Amazon and Dell lose millions per year due to
>>  fraud.  The reality is that the millions they lose to fraud doesn't affect
>>  us because a Blu-Ray player purchased with a stolen credit card doesn't
>>  send spam or initiate DOS attacks.
>>
>>  At least not yet; those Blu-Ray players do have an ethernet port.
>>
>>  By your reasoning why don't the spammers just empty out Amazon's (et
>>> al) warehouses and retire! Oh right, they'd have to sell it all over
>>> the internet which'd mean taking credit cards...
>>>
>>  Now you're just being rediculous.  Or sarcastic.  :-)
>>
>>  I am a big, big fan of assessing charges for AUP abuse and making some
>>> realistic attempt to try to make sure it's collectible, and otherwise
>>> make some attempt to know who you're doing business with.
>>>
>>  Charging whom?  The spammer who pays your extra AUP abuse charges with
>>  stolen paypal accounts, credit cards, and legit bank accounts funded by
>>  money stolen from paypal accounts and transferred from stolen credit
>>  cards?
>>
>>  If you are taking card-not-present credit card transactions over the
>>  Internet or phone, and not shipping physical goods but providing services,
>>  in my experience the merchant gets screwed, no matter how much money you
>>  might have charged for the privilege of using port 25 or violating AUPs.
>>  That money you collected and believed was yours and was in your bank
>>  account can be taken out just as easily 6 months later, after the lazy
>>  card holder finally reviews his credit card bill, sees unrecognized
>>  charges and says "This is fraudulent!"  And there you are, without your
>>  money.
>>
>>  Getting someone to fax their ID in takes extra time and resources, and
>>  means it might be hours before you get your account "approved," and for
>>  some service providers, part of the value of the service is the immediacy
>>  in which a customer can gain new service.
>>
>>
>> Beckman
>> ---------------------------------------------------------------------------
>> Peter Beckman                                                  Internet Guy
>> beckman at angryox.com
>> http://www.angryox.com/
>> ---------------------------------------------------------------------------
>>
>>
> 





More information about the NANOG mailing list