Topic: Anti fraud / scam tools for Bitcoin - UPDATES! - page 2. (Read 356 times)

That's pretty much like I can just google on specific address I want to search and if listed on bitcoinabuse or any site related about it, the address is belong to scammer. Not all report in bitcoinabuse is legit, someone can just blindly report it including you, me or anyone else.

I think you should add walletexplorer.com as one of your source, that's a good explorer because you can search the particular address and you will find the wallet, you can also track the other address associated with the wallet as long as the address have been used.

You should work together with blockchain explorers, something like what Etherscan does for Ethereum addresses (you can see which wallets are always guilty of fraud, which wallets always do scam transactions).

So you might for example work with Blockchain explorer to see address info taken from your software, instead of people manually entering addresses.

Well, here in our country you can't create many emails because each email that is created has an attached personal mobile device number that is registered in our name. So it means that it is difficult on our part to create more than 2 email accounts because there is simcard registration here in our country.

The only thing I don't understand much about CARS is that we only see log in and no sign-up, instead it looks like we just copy and paste the address, right?

We can predict behavior before the address is reported somewhere. Our thesis is based on the analysis of an address's account statement and we have trained artificial intelligence to recognize the usage pattern of an address through various sources (elliptic.co, kaggle, bitcoinabuse). Essentially, we look at the transactions of an address and predict the likelihood of it being a scammer. If the address is new, we can't make any predictions and advise treating it with caution, because the general rule of payment systems applies, namely that the creditor side should not seek anonymity.If, on the other hand, the address has at least 3 transactions, we can generate a prediction.

An example like that does work to get some initial feedback
My first thought when seeing that score would by: why? What's the rationale behind the number? Was it linked to a scam somewhere, did it get some negative reviews,... ?

Wow! Thank you so much, I wasn't aware of them. They focus on AML and are a company :-), whereas in our thesis we focused on Scam (what the EPC calls APP fraud). So, you would also prefer a login with email?? Where I acquire personal data, whereas with Google I wouldn't? Ok we will work on that.

An example like that can work? (https://i.postimg.cc/JnPG0P34/Schermata-2023-06-21-alle-12-45-35.png)
https://i.postimg.cc/JnPG0P34/Schermata-2023-06-21-alle-12-45-35.png

I mean to say that if you input the address again, you will get the result immediately now. I know we haven't yet implemented a filter to prevent the registration of random or malicious text strings. But if you genuinely enter a Bitcoin address with at least 3 transactions, we provide a scam evaluation for that address.

I know that I can't stop users from registering multiple accounts, the goal is to discourage some if I make their life a bit more complicated. That said, I would really appreciate it if you also tested our algorithm! (which is the interesting part for us :-) ). Thanks a lot for the feedback, we will work on the login process and the frequency of updates.

/Michele

What do you mean my results are online, like the wallet I requested, the results are found? If yes then after searching the result and getting 24 hours waiting notification I signed up and now when I signed in again, I found no way to my previous request like how can I see the results, do I have to put the address again and wait for the next 1 hour (as you aforementioned, you will change the waiting time).

And yeah mocacinno, is saying right, people could come up with various email and you know there are temporary email too, even I have enough email go use all of the daily limits. 

Hi @Faisal2202 and thank you for the review.

Yes, the project is still in its early stages and we've been more focused on the AI models rather than on the User Experience (UX).
We have some reservations about storing users' emails, as there are many responsibilities involved due to privacy concerns, which is why we have not yet activated this feature.

I understand that our database is still quite empty, so the site often asks you to wait. I'm going to run the rating evaluation script now, so you don't have to wait for 24 hours. Meanwhile, I'll modify this setting to run it more frequently. Would every hour be alright? Would you be willing to wait 1h to receive the assessment from our AI?

Thank you for the feedback, your results are online.

/Michele

I get the fact that you want to limit the amount of querys on your system to avoid having to buy/lease more performant (and more expensive) hardware. This being said, using google's SSO isn't a foolproof way to avoid people signing up with multiple accounts either... It's just an extra hoop multiaccounters have to jump trough. And like i said: using google's SSO will deprive you from several beta testers... I'm not completely against google's SSO, but i avoid it whenever i can (and i only use it for services that i trust and offer little or no other way of creating accounts).

AFAIK, there is no foolproof way to avoid multi accounters... People can create a dozen of google accounts (or buy them in bulk), or they can use throwaway emails, they can use vpn's or proxy's... Or tor... They can change their browser's fingerprint, they can (potentially) bypass (some) captcha vendors...

Personally, i'd probably allow people to sign up using their email and require a captcha completeion, then block >10 lookups per day based on ip address... It's not a perfect system, people can still get around it, but there are sufficient hoops so most of them won't be able to manage more than a handfull of alt accounts on your service.

If you really want to crack down on multi accounts, it'll require grunt work... Maybe work with invites and communicate with your members trough your platform... But it'll require significant effort from your side.

In the field of cryptocurrency, when a website ask us to sign in directly through email, this raises concerns, but after reading your FAQs, i can not stop myself to check your feature out, i have a spare device to check things out which is totally cutoff from mine, so i think it is safe to click on, but not a single "Text Edit Button" is working like ok I understand you guys block the one where we have to paste the address but why did you no enable the "Email" and "password" button, well maybe i am being too skeptical, as i think they will be enable after i signed up, so lets check,

Nah, 👎, your website is still new and you are asking to wait for 24 hours.

We apologize for that, I'd like to keep the system open, but due to the costs of running the service on Amazon Web Services, we've had to implement a login system to limit usage to 10 address consultations per day. This is a measure we've taken to ensure we can continue offering a free tool without going bankrupt!

We recognize that this might not be ideal for everyone, and we are considering implementing other login alternatives in the future. Any idea for that?

thank you!
/M

There doesn't seem to be a way to create an account without linking it to my google account (which i usually don't do, especially for new projects)?

Hello Bitcointalk Community,

We're a group of students from Politecnico di Milano who have recently completed our thesis project - the Crypto Antifraud Rating Score (CARS). CARS is a free online tool designed to assign a fraud risk score to Bitcoin addresses. We used AI and signal theory to analyze account statements, extract behavioral patterns, and provide inferences (https://carscore.io).

We're eager to receive your feedback and hear about any similar tools or projects you may know of in the Bitcoin community. We are open to finding synergies and exploring collaborative opportunities.

Looking forward to your insights and thoughts!

------ NEWS/UPDATES (14 July 2023) --------

1. Login removed! This change is based on numerous requests and concerns we received from various channels.
2. Scam Search Engine Section Added: We now report results from google.com, reddit.com, and ChainAbuse.
3. A technical document explaining the technology behind our service has been published on our main page.
4. The algorithm now responds in real time. The inference calculation on an address, if it hasn't been in the database is now calculated on the fly.

Through your feedback, we will build a roadmap of features to be added. Our aim is to provide not only predictions made with an AI model but also to create a one-stop shop for scam analysis.

Thank you all for the contributions received so far.

/Michele