Fraud Prevention - IT Hare on Soft.ware

Your mileage may vary. Batteries not included

While classical security with its best practices can be considered a science – fraud prevention is a kind of art. It is not generally possible to build a system which is 100% protected from frauds and cheats – but at least we can try, even when it requires us to cross the line and go into realm of the security-by-obscurity.

Fraud Prevention, page 1/1 :

Payment Processing. Credit Cards. Chargebacks and Collateral Damage

Quote:

“Chargeback monster will come from under the bed and will eat all your hard-earned money!”

Another Quote:

“it is trivial to develop a system with guaranteed zero chargeback rate – to achieve this, it is sufficient to decline each and every transaction at pre-filter stage”

[→]

War on Clones, Part II. Identifying Mobile and Browsers. Social and Payment-Based Identification. Putting it all together.

Quote:

“as much as iOS is a device identification nightmare, Android is a device identification paradise.”

Another Quote:

“Everybody makes occasional mistakes, cheaters/abusers included.”

[→]

War on Clones, Part I. IP-based (non-)Identification. Identifying PCs and Macs

Quote:

“NEVER EVER use IPv4 for long-term bans”

Another Quote:

“If using MAC addresses to identify devices, you SHOULD gather stats on repeating MAC addresses within your DB”

[→]

MMOG. RTT, Input Lag, and How to Mitigate Them

Quote:

“For fast-paced games, there is one big problem with the flow shown on this diagram, and the name of the problem is “latency” (a.k.a. ‘input lag’)”

Another Quote:

“No, better bandwidth doesn’t necessarily mean better latency”

[→]

On Cheating, P2P, and [non-]Authoritative Servers from “D&D of MMOG” book

Abstract:

“Any successful MMOG faces cheaters, and currently authoritative servers is the only way which enables fighting them.”

Quote:

“Two things are infinite: the universe and human stupidity; and I’m not sure about the universe. — Albert Einstein”

[→]