I'm getting ready to launch our new webstie. I'm pondering the idea of instant account activation for our shared webhosting products. The only thing i'm kinda worried about is the fraud of course, so I will most likely get the Modernbill fraud service. My question is, has anyone found any major problems with doing this?
With shared accounts I do not see much of a problem with it, especially because you intend to use some kind of antifraud system.
If you were to offer VPS or dedicated servers, then I would certainly not intend to use instant setup, as it is way too risky. From experience we can say that there is much more abuse with those than with shared accounts.
█ IceBlueHost | Premium Quality Hosting Solutions
█ Shared | Reseller | Xen VPS | Dedicated | cPanel | Softaculous | CLoudLinux | Game Servers
█ True 24x7 Support | No Overselling | Servers in France and Canada
█ Follow us on Twitter for the latest news and special promotions
Even with fraud protection, a small percentage of fraud orders will come through. You should do a manual screening as well (after time, you will eventually be able to spot fraud orders manually by looking for certain signs)...
Offer 24 hour setup turn around in conjunction with fraud protection.
If you think the profit will be higher than the costs of cleaning up spammers that get through and also chargeback fees, then go with instant activation. I personally wouldn't.
█ InnoHosting, Performance Web Hosting || US: 1-888-522-INNO UK: 0800 612 8075
█ Web Hosting - Virtual Servers - Managed Servers - Application Hosting
█ Reseller Hosting with WHMCS & Preloaded KB | SSL | activGuard | End User Support
█ LiteSpeed / CloudLinux / Idera Backups / True 24x7 Support / 10+ Years in Business
I was going to allow for instant activiation and every morning review all the new orders to make sure they look legaitmate, and mabye even call on all the new orders to confirm. For a start that might be a solution. There would be CVV and AVS verifcation which would help the chargebacks. The only thing i'm worried about is fraud orders with domain registrations. If a domain registration order goes through that is fraud and I end up paying the $$ for the domain. Does OpenSRS credit for this?
It is not a bad idea. It provides something extra to customers. However you have to properly secure it.
Main issues you'll face is a fraud order that then it's used for spamming or illegal content. It can bring down the server or even worse, have your IP nullrouted.
So I would first make all signups under one special IP and once customer is verified move the account manually to your server main IP. As well, ensure that no process can overuse cpu and if you detect high cpu load, the server itself disables that IP automatically.
This kind of setup enables signups to be processed even if you cannot check your server in 24h.
I agree with prudent - just manually review each one and activate. This is with years of experience going back and forth - I personally review each order now.
Fraudulent orders will often be for your most expensive package. "Why not?!"
I remember having a ver high-end package out there for like $75/mo and got a sign up. I was clicking my heals when I got the message on my phone. Then I realized it was an @yahoo address. Doh! Sure enough...
Well, you really are not loosing anything besides a domain which is on average, $10 per year.. So you are loosing $10 for every fraud order... I think you need to look at your statistics and decide what percentages are legit versus fraud.
I think it's basically invonvenience: of moving, of learning a new control panel, new host, getting billing set up, risking ending up somewhere worse than you are now. One of the best things a host can do is to offer to do the move for them and get things set up till they work the way they did or better for free.