[asterisk-biz] fraud detection & verification like craigslist

Steve Totaro stotaro at totarotechnologies.com
Tue Jun 16 19:34:29 CDT 2009


On Tue, Jun 16, 2009 at 8:13 PM, Trixter aka Bret
McDanel<trixter at 0xdecafbad.com> wrote:
> On Tue, 2009-06-16 at 19:34 -0400, JARROD LASH wrote:
>> They are most likely looking up the TN in LIDB.  Since its so easy to
>> buy a DID online anymore and spoof caller id they are probably trying
>> to make sure this isnt happening because of all the fraud and whatnot
>> on craigslist.
>
>
>
> I want to change tack on this a bit, aside from someone who either set
> up the system, was involved in the discussions on how they are going to
> implement it, etc we can never know for sure how they are doing it.
>
> So how about this why dont we discuss ways that would be useful in
> identification verification, and related things.  Basically discuss what
> could be used to implement a system like what craigslist does.
>
> As mentioned, there is LIDB which includes a special billing number (my
> guess is most providers set this to the master number of the account
> holder - ie the provider), class of service (which may or may not be set
> to a standard pots line but might be set to something else), calling
> name (often not set for VoIP), and the account owner which is most
> likely set to the provider the telco assigned the DID to.
>
> there are CNAM queries, if you are connected properly and someone calls
> in you can potentially get the BTN (billing telephone number, which can
> be the main providers number - this is often only available via SS7),
> ANI II digits (this is often going to be of little value).
>
> So what else can you do?  How would you weight each thing, I envision
> the only realistic way to accomplish this is by assigning points, either
> a high or low score (depending on what has points of what value) would
> mean its a pass, below/above that threshold its a fail.
>
>
> --
> Trixter http://www.0xdecafbad.com     Bret McDanel
> pgp key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8AE5C721
>
>

A callback system like was used for my SSL purchase is one big piece.

-- 
Thanks,
Steve Totaro
+18887771888 (Toll Free)
+12409381212 (Cell)
+12024369784 (Skype)



More information about the asterisk-biz mailing list