fraud-prevention

Limiting impact of credit card processing scripts/bots

I'm involved in building a donation form for non-profits. We recently got hit by a fast round of low dollar submissions. Many were invalid cards, but a few went through. Obviously someone wrote a script to check a bunch of card numbers for validity, possibly so they can sell them later. Any ideas on how to prevent or limit the impact of...

User ID verification

If I am setting up a site how would I go about ensuring that the person who gives me a credit card number (for instance) is the person who is authorized to use it? Maybe more generally how would I go about reducing the opportunity for fraud and stolen ID usage whether it be for a purchase or system access. I don't work in this field (o...

Best way to prevent fraud in marketplace app?

I'm developing a marketplace website where tutors and students can find each other. I'm building an online payment system (much like elance or guru.com) where the tutor can get paid and we take a cut. Couple questions: What's the best way to block IP addresses from certain countries like Nigeria? (Note, I am using Ruby on Rails so a...

Fraud Prevention Algorithm

We're looking for a good way to stop fraud on our website. We have a site with constant traffic coming in - we have regular access to the normal info (IP, session, cookies etc), plus info that the users have provided. We need to be able to detect duplicate users in real time. Basically, people are coming in pretending to be different pe...

Regex for keyboard mashing...

When signing up for new accounts, web apps often ask for the answer to a 'security question', i.e. Dog's name, etc. I'd like to go through our database and look for instances where users just mashed the keyboard instead of providing a legitimate answer - this is a high indicator of an abusive/fraudulent account. "Mother's maiden name?"...

Template Matching for relational database

I am trying to do the following: we are trying to design a fraud detection system for stock market. I know the Specification for the frauds (they are like templates). so I want to know if I can design a template, and find all records that match this template. Notice: I can't use the traditional queries cause the templates are complex ...

Where can I learn about security and online privacy?

I'd really like to start including shopping cart functionality in my projects. At first im content relying on paypal links, but I really want to be learning about specific security threats and how to combat them. Eventually I want to feel comfortable receiving and sending customer credit card details for ecommerce. Obviously this is a ...

Detecting throw away and virtual Credit Cards

The type of business I run allows customers to get results before they pay. I take their credit card information when they sign up, and afterwords anywhere from a week to a month charge them for my services. Most of the time this goes smoothly, but occasionally people will try and game the system by using virtual credit cards, and throw ...

What is the best book on payment fraud analysis, detection and prevention

Hi there Im looking for a good book describing what types of fraud can you come across in online services as well as some techniques of detecting and preventing them. Does not have to be super technical, im more interested in bigger picture than algorithms (maybe even financial or forensic angle) : ) Thanks for help : ) art ...

What methods do you use to limit credit card fraud?

We're running a completely self service system where money comes in via credit card, and (much of it) gets paid out to other users in the system. Because of this, preventing fraud is a must. When I say fraud I mean people adding credit cards that are stolen, but still work fine. These are transactions we might find out are fraud days af...

How is click-fraud detected?

Which methods do Google (and other PPC companies) use to prevent click fraud? ...