Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.

Hosting Advice

Discussion in 'Website Design' started by Adem, Oct 6, 2016.

  1. seemly

    seemly Well-Known Member

    Joined:
    Feb 2011
    Posts:
    1,607
    Likes Received:
    493
    Common sense? Otherwise known as assumption.
    Many of the other options you provide (electoral, address, cv2, IP, web checks is all circumstancial and proves nothing regarding true ID).

    Auth codes is better - but on a new customer signup/purchase, this doesn't help validate anything.

    Just to note; I'm not arguing with you, I was just passing information forward, whilst also wondering how you go about screening your customers for fraud.
     
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
    IWA Meetup
     
  3. ian

    ian Well-Known Member

    Joined:
    Jan 2008
    Posts:
    4,154
    Likes Received:
    311
    Well I suppose it comes down to what you are protecting against, fraudulent payments, or fraudulent use? In my situation, it is ensuring the payment is good, which is why those points I mentioned are valid. If hosting companies need to prove identity (why?) then that is different, but I certainly wouldn't be happy handing over such information, even with nothing to hide, I don't see there being a valid need.
     
  4. MrMason United Kingdom

    MrMason Active Member

    Joined:
    Aug 2008
    Posts:
    53
    Likes Received:
    3
    Hi all,

    We just thought we'd reply to this thread to explain a little bit about where we are coming from in regards to the checks :)

    This isn't requested for every hosting signup and it is actually pretty rare that we need to request additional ID information. However there are times when an order doesn't meet the minimum security level required to process the order automatically - these are the times in which the person ordering is then asked to contact us so we can request additional information.

    In this case we requested simply proof of identification and this could either be a copy of the account holders drivers license or passport or proof of name / address, this is done purely to verify that the person actually placing the order and the (already verified) details of the cardholder paying for it are the same.

    We appreciate that seemingly this might seem overkill for £3 a month hosting, however it's not related to cost but due to the nature of shared hosting. Once someone has access to the hosting they can then send mail at the rate of 500+ mails per hours per domain and upload content to the servers etc. If someone decides to then use the service for abusive purposes this could in turn affect all other users on the server - if for example the shared IP reputation becomes in anyway damaged all other users on that server could have mail sending issues.

    One of the initial ways we prevent such abuse (other than with the server side technical implementations we have) is at sign up before access to the hosting is given - by checking each order that we receive and if it's deemed to need to be additionally reviewed, we will manually check the order and request extra information when needed. This is as I say rare and there is always an explanation available for the person ordering if they wish to know why their order didn't meet our minimum requirements.

    I hope that helps explain a little about why this was requested and if the user Atlas would please like to get in touch with us again I'm sure we can help resolve this quickly for you.

    Thanks,

    Tom
     
    • Like Like x 1
  5. ian

    ian Well-Known Member

    Joined:
    Jan 2008
    Posts:
    4,154
    Likes Received:
    311
    For me personally, it isn't so much that it seems overkill for £3 per month (because it is the knock-on affect as you've explained), but that "simply proof of identification" isn't that "simple" when you are asking a customer to hand over the most important piece of documentation they will have. I have no idea how you request this information (hope it isn't email), so can't comment on the data transfer process, but I personally wouldn't be comfortable handing over said documents.
     
    • Agree Agree x 1
  6. MrMason United Kingdom

    MrMason Active Member

    Joined:
    Aug 2008
    Posts:
    53
    Likes Received:
    3
    That's fair enough, we understand that some people aren't willing to provide that information - and we will lose their custom.

    We used to use the same logic as you with our new customers, but it simply wasn't good enough - we had fraud with users who we had spoken to on the phone and who provided all the information you've asked for. They then proceeded to impact our other customers and place our environment in danger.

    Our primary concern is keeping our current customers safe - of course we don't want to be spending all this time and effort for something that costs £3/month - but we have a duty to the customers who have been with us for almost 15 years first.
     
    • Like Like x 1