Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Using Real Name / Phone / Address for transactions for VPS etc
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Using Real Name / Phone / Address for transactions for VPS etc

Every host wants a real name , phone number and phone address etc for the VPS or they say you are FRAUD. How about when all of our data gets leaked out , its just the customer who can be fraud all the time. they REQUIRE us to use the original details and then it gets all leaked out to internet :/. I gave the data to the company not WHMCS etc , so its the companies responsibility to keep a safe , secure system.

«1

Comments

  • What's your point matey?

  • It seems to me like his point, and it's not an unreasonable one, is that companies who require you supply personal information have a duty to secure it.

    A company can't just pass the buck and say "welp, we did our best but the industry standard software is a pile of steaming shit". A customer has every right to be pissed at companies that have leaked information.

  • @lbft said:
    It seems to me like his point, and it's not an unreasonable one, is that companies who require you supply personal information have a duty to secure it.

    A company can't just pass the buck and say "welp, we did our best but the industry standard software is a pile of steaming shit". A customer has every right to be pissed at companies that have leaked information.

    spot on , sir!

  • MaouniqueMaounique Host Rep, Veteran

    @lbft said:
    It seems to me like his point, and it's not an unreasonable one, is that companies who require you supply personal information have a duty to secure it.

    A company can't just pass the buck and say "welp, we did our best but the industry standard software is a pile of steaming shit". A customer has every right to be pissed at companies that have leaked information.

    Others leak it every day, but nobody seems to be upset. In Italy the law requires full info, people with experience can get around the automated systems, it is not even hard, but the police wants at least payment information and they can dig from there.
    This is why we cannot do trials/freebies for people without a paid service here at least.
    As far as I am concerned, if the user does not use names visibly fake and non-existant addresses, passes maxmind and there are no problems with payment or abuse, is good to go. We can say in good faith we used standard tools and made a reasonable effort to manually check.

  • MonsteRMonsteR Member
    edited November 2013

    Company's like my own require real customer information to make sure, or at least try to prevent Illegal activity from happening i.e Spam, Illegal websites, DoS/DDoS etc. Most people that wont fill out their legit details are trying to do something they shouldn't be, Most company's take security precautions with their clients data, for Example we have test our website and the server its hosted on regularly for security breachs, and try to keep up with security which a fair few others don't do, But most company's try to keep their main website as secure as possible.

  • @Maounique said:
    As far as I am concerned, if the user does not use names visibly fake and non-existant addresses, passes maxmind and there are no problems with payment or abuse, is good to go. We can say in good faith we used standard tools and made a reasonable effort to manually check.

    Hmm , good to know. Just a question , does the hosts out there check their servers for security lapses themselves? Like monster say they check their website. Most others do? i think its better to check one's server for security problems , find it and fix it before someone else.

  • AnthonySmithAnthonySmith Member, Patron Provider

    Let me put it to you like this:

    You run a photographic studio in New York. someone books in for $100 worth of head shots under the name Simon Smith, A woman turns up for the head shots and then hands you a credit card in the name of Abdul Sharma from the Habib bank Pakistan.

    You don't get in the slightest bit suspicious? you don't worry about the near enough $100 charge back fee and losing the money you took to begin with?

    Or do you think... hey this person wants to protect their identity so that is fine I will take payment without question.

    So answer than honestly to yourself then also add this on top, 3 out of every 10 orders are either with malicious intent or attempted fraud, how do you feel now?

    That is how I feel about it which is why I will close your account without appeal if your paypal account is in a different name, that is why I don't allow orders via VPN/Proxy. of course I make this all very clear in advance of you having to pay a penny.

    Additionally I FULLY understand if you do not want to enter your details in to an on-line system you do not directly control, that is YOUR choice, please do not try to make it my problem though.

    I understand that a case is to be made for those legitimate people like yourself (I assume) who simply have genuine concerns but my concerns for the long term sustainability and protection of my current clients from malicious and harmful people quite frankly outweigh that.

    I wish there was an external body of trusted people or an organisation you can use to validate who your are only once with passport/ bills etc and they give you a universal on-line code to use to prove you are a valid trustworthy person, I would implement that system for exactly these cases but until then sadly you need to make a choice.

    We really are just looking out for ourselves and current customers it is not personal. :)

    Thanked by 2rds100 upfreak
  • @ahmiq said:
    Every host wants a real name , phone number and phone address etc for the VPS or they say you are FRAUD. How about when all of our data gets leaked out , its just the customer who can be fraud all the time. they REQUIRE us to use the original details and then it gets all leaked out to internet :/. I gave the data to the company not WHMCS etc , so its the companies responsibility to keep a safe , secure system.

    What always surprises me more is that hosts often provide so many fake information themselves but somehow demand us to provide real information.

  • @ahmiq said:
    Every host wants a real name , phone number and phone address etc for the VPS or they say you are FRAUD.

    Things should work the same in both ways and yet about many hosts we don't know anything except their domain name and some forum (nick)name with anonymous whmcs form as only point of contact.

  • MaouniqueMaounique Host Rep, Veteran
    edited November 2013

    Let's not confuse things here.
    VPN/Proxy, non-matching country with the ip, etc we do not accept either and people sill moan and attack us because they are too lazy to ask someone at the office to order for them or use the VPN.
    However, it is hard to check the name and address and we have no intention to work for the police for free, they treat us badly enough.
    As for the chargebacks, if you do not like them, you dont sell online. We have 90%+ of the chargebacks coming from abusers (spammers, booters essentially) and DDoS victims, I am not sure even 10% are coming from carders and they are low enough as it is.
    I do manually review orders, though, i reject some 10% or refund when things are not adding up but the system let the payment go through. At times I close the account directly and tell people they need to pay with own money in order to benefit from service.
    I am sure I did a few mistakes at least and I am sorry for that, but only who does not work does not make mistakes.
    When I check the address and see it does not exist, when I see the user posts in dubious forums, things like that, I have a green light from Uncle to refuse service.
    You cannot rely on automated tools only, humans are still needed to supervise the machines.
    Also, when your business model is based on selling low value stuff to many people you have to automated it at least in part, you cannot find any software that is immune to hackers and the government already has all your data, so, you can choose not to put your data online, but then you should also accept the consequences. Host at home.

  • It's not a problem restricted to the hosting industry, although the software monoculture across small to medium size providers (WHMCS, cPanel, and for VPS providers SolusVM) does create an unusually dangerous situation. The WHT echo chamber of ignorance and the ColoCrossing factory farming of VPS providers with insufficient knowledge don't help matters.

    Still I would like to see one company sued into bankruptcy over a serious data breach. Just to outline to companies that it is in fact serious business and not something that you should "accept the consequences" of trusting a company with your information.

    Thanked by 2ahmiq neroux
  • NeoonNeoon Community Contributor, Veteran
    edited November 2013

    BTW: They would just know where your house lives... but not how you look until you upload your pictures to facebook or you send them your passport.

  • This issue is a two way street. The company needs to keep the client's information secure and the client needs to provide real information. Remember, when you sign up for a VPS you are entering into a legal contract, and using false information may be in breach of that contract.

  • @MonsteR said:
    Company's like my own require real customer information

    But hide your own? Or do you really have office inside Blacklotus Emergency Response Center suite? Because that's only publicly known info about your company :)

    @Vpscraze said:
    Remember, when you sign up for a VPS you are entering into a legal contract

    Sadly that's not always the case. Every legal contract require two known parties. Is it your real name "Domain Admin"? Because that's only publicly known info about your company :)

    @AnthonySmith said:
    We really are just looking out for ourselves and current customers it is not personal.

    But you're atleast "legit". With real address, company number... at your site. Many just aren't. It's just incredible how many companies who aren't even companies but anonymous guys behind anonymous website require other's people real information.

  • MonsteRMonsteR Member
    edited November 2013

    @Spirit But hide your own?

    Look at any of our IP addresses you will see our full contact details but we don't have an office (Technically most of the work is done in the DC i.e Building, Racking, Checking servers and all support from staff based at their homes near the dc) therefore wouldn't require someone to personally come or send a letter. We have our contact methods on our Website, our Number, Emails, Skype, IRC, Tickets there is nothing you would require my personal address for is there? unless you wanted to come over for a coffee? :) If we had millions of customers and had a big office then i am sure we would have our office on there. (We don't mind clients having our addresses, Just not the whole world)

  • VpscrazeVpscraze Member
    edited November 2013

    @Spirit said:
    But you're atleast "legit". With real address, company number... at your site. Many just aren't. It's just incredible how many companies who aren't even companies but anonymous guys behind anonymous website require other's people real information.

    Fortunately the domain registrar provides complete whois information, including a complete business address, if you choose to use their whois servers for a domain lookup. ;)

  • Some companies... ahem BuyVM cough cough, don't even like real ID.

  • SpiritSpirit Member
    edited November 2013

    @MonsteR & @Vpscraze saying that your IP or something contain real name is like me saying that my paypal also provides my real name. But that's not enough to enter into legal contract with you, correct?

    In both cases there's only one party who enter into a legal contract the way as it should. Client. Other party remain anonymous.

    @MonsteR
    there is nothing you would require my personal address for is there? unless you wanted to come over for a coffee

    So basicly you're saying that there's nothing I would require your company address (real one!) for but you require mine? :)
    How can I as client sue other party of a contract if I need to? Over skype?

    @Vpscraze said:
    Fortunately the domain registrar provides complete whois information, including a complete business address, if you choose to use their whois servers for a domain lookup. ;)

    Do I have any choice? Domain whois seems only way to find out who's behind company and even there was fake name (Registrant Name: Domain Admin) prior to my post above.

    Don't get me wrong. I understand completly why client need to provide real personal data when he enter into a legal contract. What I don't understand is why client is only party who needs to enter into a legal contract with real data but other side remain anonymous. Domain name is not company.

  • MonsteRMonsteR Member
    edited November 2013

    @spirit What happens if I wanted to sue lowendtalk?
    http://who.godaddy.com/whois.aspx?domain=lowendtalk.com&prog_id=GoDaddy

    Same concept with all websites/company's, But in general less then 5% show they full and legit details.

  • SpiritSpirit Member
    edited November 2013

    @MonsteR said:
    spirit What happens if I wanted to sue lowendtalk?
    http://who.godaddy.com/whois.aspx?domain=lowendtalk.com&prog_id=GoDaddy

    I don't know. Did you enter into a legal contract with lowendtalk forum the way like clients enter with your company? With nickname?
    Is it the way how you anonymously operate business within UK legislation at all?

  • Well I am guessing Lowendtalk/box are apart of a company or Personal income paying tax because after all it makes money from ad revenue ?

  • SpiritSpirit Member
    edited November 2013

    I can't answer that as I am not familiar with US legislation but I am pretty sure that you're not allowed to run business online in UK anonymously and your clients need to know who they deal with. Any other UK host to confirm this?
    In any case you compare apples and pears because there's no legal contract between you and LET while you're the one who enters into legal contract with clients anonymously, require their private data but don't provide yours and it's not know who they deal with.

  • AnthonySmithAnthonySmith Member, Patron Provider
    edited November 2013

    You are correct @Spirit as a Ltd/Plc anyway, sole trader on the other hand I do not think displaying an address is a legal requirement but the person must know who they are buying from i.e. your actual name "Anthony Smith" or it could be "Anthony Smith trading as A1 car wash"

    As for the adverts on LEB my contract is with BuySellAds not LEB.

    Thanked by 1Spirit
  • I think the answer here is pretty simple: if you don't trust a company with your personal information... don't use them!

    That's why I can count all the LE* providers I use on one hand.

  • AnthonySmithAnthonySmith Member, Patron Provider

    You know, I don't even think I would mind people changing details afterwards, as long as everything is validated initially and they tell me why afterwards, I can hardly put my hand on my heart and honestly say WHMCS is a 100% secure place to store your information given recent events, but then again where is on the internet?

    Banks get hacked, insurance companies sell your details to call centre's when you leave them, mobile phone companies do the same.

    And really, what is the worst case scenario in the world of what is actually likely, why is it so important no one gets your address along with 1000's of others? I understand credit card details etc which is why I point blank refuse to store them but your name and address? not sure I understand the fuss.

  • Honestly my name, address, etc. is on the whois for so many domains, IP addresses, AS numbers, etc. so i don't really care who else gets them. I think the RIPE database is publicly downloadable anyway.

  • @Spirit said:
    But you're atleast "legit". With real address, company number... at your site. Many just aren't. It's just incredible how many companies who aren't even companies but anonymous guys behind anonymous website require other's people real information.

    I signed up with a VPS from RamNode based on general feedback from here, WHT etc. I didn't even realise until I read this post that there was no contact details (i.e. a phone number) on their site. No company number, no address, nothing (at least none that I can find).

    I'm in the UK and before I buy anything online I usually check to see if a company has at the very least a contact number on their site. Not sure why I didn't this time... perhaps it's the positive reviews you get from a lot of places, I dunno. I'm obviously not saying there's anything wrong with them, btw, I'm just certainly a little bit surprised with myself!

  • @AnthonySmith said:

    And really, what is the worst case scenario in the world of what is actually likely, why is it so important no one gets your address along with 1000's of others?

    My father's complaining why HIS name (which happens to be also my name) is all over the internet :P There must be thousands people with your first + second name at world but less than a few with mine, including my father's and before him his father. Damn annoying sometimes in rl situations...

  • The way I see it is the more you're trying to hide yourself, more curious they get. I was all for privacy&paranoia 10 years back but nowadays the saying "if you want to hide something, show it to everybody" applies 100%.

  • Nick_ANick_A Member, Top Host, Host Rep

    @metalface said:
    I'm in the UK and before I buy anything online I usually check to see if a company has at the very least a contact number on their site. Not sure why I didn't this time... perhaps it's the positive reviews you get from a lot of places, I dunno. I'm obviously not saying there's anything wrong with them, btw, I'm just certainly a little bit surprised with myself!

    Understandable. We are a registered company in the state of Georgia, though, for your peace of mind. It doesn't take a ton of work for people to find both the business and me, so RamNode is definitely a real, legal entity.

    Thanked by 1ahmiq
Sign In or Register to comment.