North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: amazonaws.com?

  • From: Dorn Hetzel
  • Date: Mon May 26 10:32:00 2008

Requiring accounts have more time active with charges on the same credit
card than the length of the chargeback window before they can transmit on
25, or be filled by wire transfer if someone is in a huge hurry would
certainly do the trick.n  Yes, some business would be lost, but probably not
much.

On Sat, May 24, 2008 at 3:10 PM, Seth Mattinen <[email protected]> wrote:

> Barry Shein wrote:
>
>>  > not to excuse this, but... it's not a simple problem. The 'bad guy'
>>  > rolls up to the website, orders 200 machines for 20 mins under the
>>  > name 'xplosiveman' pays with some paypal/CC and runs his/her job. That
>>  > job happens to create a bunch of email outbound. It could be a
>>  > legitimate email service outsourcing their compute/bw needs to AWS, it
>>  > could be 'pick-yer-bad-spammer' ... AWS really can't tell until after
>>  > when the complaints roll in. :(
>>
>> Oh rubbish, it's a trivial problem.
>>
>> You verify the payment method in advance and make it clear in the
>> agreement to use the resources that any of the following activities
>> (list, define...) will be billed at a steep rate (e.g., $100 per
>> spamming complaint) and make some reasonable effort to ensure you can
>> collect that, like do an authorize on their credit card (that's what
>> hotels do to reserve but not charge typically $1000 or whatever on
>> your card when you check in.)
>>
>> It's trivial, using your systems to spam is a cost, make sure at the
>> very least you get paid for it.
>>
>>
> And 6 months later, a chargeback shows up because the cardholder claims
> their card was used fraudulently. The bank will most likely side with the
> cardholder if you challenge it. How can that loophole be closed?
>
> ~Seth
>
>
>