oles@ovh.net
09-07-2008, 10:42 AM
Good morning,
Short version:
---------------
Since Friday, we have put in place the system to validate of orders by mail.
If your payment fails in the case of manual validation, a letter
is sent with a code to enter. Once you've received and validated, all
your orders are automatically validated and processed without delay. Since
Friday we sent letters of course to new customers but also to
former clients currently failing in the manual validation for misellaneous reasons
(payment from an IP at Ovh, from an IP that has already generated a payment failure,
you've already ordered more than 2 servers per month, etc etc).
Sending this letter is accompanied by an email saying that a letter has been
sent. We should not get angry, shouting the scandal. The goal is to get
a better service whatever your current situation (you are on vacation or not)
and without bothering you. Once the letter is validated, following orders are
always without any requirement for verification and you have a faster service.
We'll send the letter to all clients to provide an excellent
service to all. You will also have a button in the manager
to force the sending of the letter.
It takes 24/48 working hours to receive the letter in France. For customers
of our subsidiaries 48/72. Everything has been centralized in France and is directly travaile
with La Poste to print and send letters.
Long version:
--------------
3 years ago, we had the first abuse of payments. A strip hacker
ordered a dedicated servers and within 30 days after we
have been full of unpaid orders. The payment was suspended by our
bank following a request from Visa. During 5 days we have
been received no payments and we had to sign emergency agreement with a bank
which was managed by MasterCard, Visa.
Since then, we have a system of verification and validation orders
manual controls. For example, the customer places an order with IP
then pay connection with another IP. For example, the customer pays from a
IP already generated an unpaid order. For example, a customer orders more than 2
servers per month. For example, if you are a new customer. Etc. ...
With time and the various abuses on the 3-year history of the system, we
reached about 140 different detections. You do not see them but
your order, after payment, may enter a manual verification
and wait for a human check your order, then decides to accept it,
do expect the return of the bank within 30 days or request documents
evidence (for example a photocopy of identity card). This manual validation
generates 3 problems:
-- It takes time: you spend the order, you feel like your service in
time and this is not the case, because a human has to verify your order. The
order can be up to 24 hours late.
-- Sometimes we go into your private life: you are a Spanish national who lives and works
in Switserland in the south and pay with a credit card in Italy. This does not look suspicious
but some payments are at high risk of being unpaid and we need to verify
who pays.
-- The system detects many anomalies even when it's normal: You can be
on vacation and renew your service from an exotic IP connection.
The fail in the manual audit. We will accept it without
contacting you, but the order will be carried out with the delay and this will cost us
Internal resources for the check.
We have put in place validation by SMS. This has reduced the arrears of
dramatically: 5 times less unpaid per day! Instead of 50, we
have more than 10! We therefore still have 10 outstanding to settle.
To detect these 10 outstanding, we changed the detection commands
so paranoid and we got more than 200 checks daily. 200 orders
that must be checked daily manually, to find
Within the 10 orders for hackers. There is nearing: we do more than 1-2.
The detection has become very complex because the hackers are using credit cards
Stolen French orders from an IP in France, with an address that exists,
and a real phone number, but it is a hacker since the payment is for us
"unpaid" 3 days later and when does the PJ made the inquiry it is a map
Banking stolen. So since 3 weeks, I will validate your orders. The aim
was to see if we can automate these validations by a very intelligent robot. After
3 weeks of validation, I can say that we can not detect a hacker or
a normal customer, without requesting evidence.
Since Friday, we have put in place the validation of orders by mail.
If your payment fails in the case of manual validation, a letter
is sent to you with a code to enter. Once you've received it and validated, all
your orders are automatically validated and processed without delay. Since
Friday we sent letters of course to new customers but also to
former clients currently falling in the manual validation for miscellaneous reasons
(payment from an IP at Ovh, from an IP that has already generated the unpaid,
you've already ordered more than 2 servers per month, etc etc).
Sending this letter is accompanied by an email saying that a letter has been
sent. We should not get angry, shouting the scandal. The goal is to get
a better service whatever your current situation (you are on vacation or not)
and without bothering you. Once the letter is validated, following your orders spend
always without any verification and you have a faster service.
We'll send the letter to all clients to provide an excellent
service to all. You will also have a button in the manager, you will be able
to force the sending of the letter.
Regards,
Octave
Short version:
---------------
Since Friday, we have put in place the system to validate of orders by mail.
If your payment fails in the case of manual validation, a letter
is sent with a code to enter. Once you've received and validated, all
your orders are automatically validated and processed without delay. Since
Friday we sent letters of course to new customers but also to
former clients currently failing in the manual validation for misellaneous reasons
(payment from an IP at Ovh, from an IP that has already generated a payment failure,
you've already ordered more than 2 servers per month, etc etc).
Sending this letter is accompanied by an email saying that a letter has been
sent. We should not get angry, shouting the scandal. The goal is to get
a better service whatever your current situation (you are on vacation or not)
and without bothering you. Once the letter is validated, following orders are
always without any requirement for verification and you have a faster service.
We'll send the letter to all clients to provide an excellent
service to all. You will also have a button in the manager
to force the sending of the letter.
It takes 24/48 working hours to receive the letter in France. For customers
of our subsidiaries 48/72. Everything has been centralized in France and is directly travaile
with La Poste to print and send letters.
Long version:
--------------
3 years ago, we had the first abuse of payments. A strip hacker
ordered a dedicated servers and within 30 days after we
have been full of unpaid orders. The payment was suspended by our
bank following a request from Visa. During 5 days we have
been received no payments and we had to sign emergency agreement with a bank
which was managed by MasterCard, Visa.
Since then, we have a system of verification and validation orders
manual controls. For example, the customer places an order with IP
then pay connection with another IP. For example, the customer pays from a
IP already generated an unpaid order. For example, a customer orders more than 2
servers per month. For example, if you are a new customer. Etc. ...
With time and the various abuses on the 3-year history of the system, we
reached about 140 different detections. You do not see them but
your order, after payment, may enter a manual verification
and wait for a human check your order, then decides to accept it,
do expect the return of the bank within 30 days or request documents
evidence (for example a photocopy of identity card). This manual validation
generates 3 problems:
-- It takes time: you spend the order, you feel like your service in
time and this is not the case, because a human has to verify your order. The
order can be up to 24 hours late.
-- Sometimes we go into your private life: you are a Spanish national who lives and works
in Switserland in the south and pay with a credit card in Italy. This does not look suspicious
but some payments are at high risk of being unpaid and we need to verify
who pays.
-- The system detects many anomalies even when it's normal: You can be
on vacation and renew your service from an exotic IP connection.
The fail in the manual audit. We will accept it without
contacting you, but the order will be carried out with the delay and this will cost us
Internal resources for the check.
We have put in place validation by SMS. This has reduced the arrears of
dramatically: 5 times less unpaid per day! Instead of 50, we
have more than 10! We therefore still have 10 outstanding to settle.
To detect these 10 outstanding, we changed the detection commands
so paranoid and we got more than 200 checks daily. 200 orders
that must be checked daily manually, to find
Within the 10 orders for hackers. There is nearing: we do more than 1-2.
The detection has become very complex because the hackers are using credit cards
Stolen French orders from an IP in France, with an address that exists,
and a real phone number, but it is a hacker since the payment is for us
"unpaid" 3 days later and when does the PJ made the inquiry it is a map
Banking stolen. So since 3 weeks, I will validate your orders. The aim
was to see if we can automate these validations by a very intelligent robot. After
3 weeks of validation, I can say that we can not detect a hacker or
a normal customer, without requesting evidence.
Since Friday, we have put in place the validation of orders by mail.
If your payment fails in the case of manual validation, a letter
is sent to you with a code to enter. Once you've received it and validated, all
your orders are automatically validated and processed without delay. Since
Friday we sent letters of course to new customers but also to
former clients currently falling in the manual validation for miscellaneous reasons
(payment from an IP at Ovh, from an IP that has already generated the unpaid,
you've already ordered more than 2 servers per month, etc etc).
Sending this letter is accompanied by an email saying that a letter has been
sent. We should not get angry, shouting the scandal. The goal is to get
a better service whatever your current situation (you are on vacation or not)
and without bothering you. Once the letter is validated, following your orders spend
always without any verification and you have a faster service.
We'll send the letter to all clients to provide an excellent
service to all. You will also have a button in the manager, you will be able
to force the sending of the letter.
Regards,
Octave