Forums
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length

Author Topic: Wildcards in searches  (Read 86 times)

0 Members and 1 Guest are viewing this topic.

Offline michaelg

  • FraudRecord Member
  • *
  • Posts: 2
    • Sharktech.net
Wildcards in searches
« on: September 27, 2017, 03:59:32 PM »
I've noticed an uptick in problematic orders where the email address isn't with an email service but is also generic enough that if the fraudster is keen to how FR works, they can circumvent the matching email hash.

Example with a totally made up domain:
bob@Johnsonlandscaping.com signs up at Host A
John@Johnsonlandscaping.com signs up at Host B

Obviously these hash differently and wouldn't create a hit on FR.  It would be nice to be able to search *@johnsonlandscaping.com.  Obviously there's a technical hurdle there.  Any plans to add that? Or does it exist and I don't know about it?

Offline harzem

  • Administrator
  • *****
  • Posts: 75
Re: Wildcards in searches
« Reply #1 on: September 27, 2017, 04:06:36 PM »
It's impossible with one-way hashing. Partial searches are never a possibility with our algorithms.

However we may implement a "report email domain" feature, where one company reports just the domain name of the email address, and another company searches for the same domain. I'll give it a thought, thank you :)

Offline michaelg

  • FraudRecord Member
  • *
  • Posts: 2
    • Sharktech.net
Re: Wildcards in searches
« Reply #2 on: September 27, 2017, 04:22:14 PM »
Figured I'd ask in case it exists, if that's something you're thinking about adding that's great.*  Thanks!


*until someone accidentally reports @gmail.com while burning the midnight oil

Offline harzem

  • Administrator
  • *****
  • Posts: 75
Re: Wildcards in searches
« Reply #3 on: September 27, 2017, 04:27:18 PM »
*until someone accidentally reports @gmail.com while burning the midnight oil

That's pretty much the part I need to think about. While itt's easy to block some domains, such as gmail, yahoo and others, we can't keep track of all email providers. Maybe if a domain is reported too many times, it can be reduced to a "notice" instead of "report".

I'll keep thinking about it :)

 

October 21, 2017, 06:48:21 PM: Page created in 0.077 seconds with 20 queries by SMF