Welcome to WebmasterWorld Guest from 18.104.22.168
Also, would an ISP actually release such info as what user was using a certain IP at a certain time?? I would have thought that (in the UK) this would have data protection act implications?
I have been there and done that.
First, in your privacy statement it would need edited to state the new tracking usage (if you want to stay legit in the customers eyes).
2nd, when I went through my last chargeback...
A)IPs change, they are not static (as I am sure you know)
B)No, ISPs will not release ANY customer information let alone who was using what IP at what time
C)When I did try contacting an ISP with the IP and E mail header showing who the user was they stated I needed a subpeno(?) and even then good luck with thier legal department. Also how could I prove that someone else was not using thier customers computer to place the order and send the E mail (OK reality check), but they are correct.
All I can say is document everything and have hard copies. Any E mail communications, any signed shipping slips. I even go so far as stating if AVS (address verification) does not match I credit the customer back and E mail them why. I also then ask them to contact thier bank and update the billing information. This last thing is what I find weeds out the "dodgy" people best.
No system is fool proof and without a CC imprint you are exposed. I am also not doing ANY dropshipments.
What does monitoring the IP gain you. If they were static I could see keeping a list of all IPs that placed a fraudulant order and use that list on orders submitted to weed out the fraud but with dynamic IPs what would the point be. sorry must be missing something here...:(
>What does monitoring the IP gain you.
In many cases nothing, but it serves the same purpose as those store cameras. Many of those have no tapes in the VCR or the quality is so bad they can't tell if it was a person or a squirrel the did something untoward.
But the end result is the same, done correctly everyone feels a little safer, it deters the amateurs, and keeps your losses to the pros, which you would lose to no matter what you did.
Funny, this guy is that good at being bad, but yet he needed to get his hands on a cloaking script.
We archive all emails (in and out) and they are searchable to bring up a full history in case of disputes, but it seems all too easy for a customer to simply deny all knowledge of anything, and then the chargeback stands.
We have a 'card not present' merchant account, but no access to databases of CC user addresses etc to verify that the customer is who (s)he claims to be.
Various online merchant services offer increased security checking (eg matching against address etc), but all the ones I've found require you to actually clear the transaction through them.
Does anyone know of a service where I can check a customer's identity details in real time but then process the payment through our own facilities?