Better ways to identify my customers

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: BitMaxz on September 20, 2019, 03:48:27 PM

If they don't want to give their selfie with ID there is a big chance that you are dealing with the hacker. So, much better ignore them if they can't give their ID with a selfie.

Not exactly, I mean there's a higer chance but it's not a big one (for example: I don't give out my ID unless it's to an exchange that will watermark it - for people that want ID I normally use cash transfers to get around it).

@OP, you can't do anything without verifying some sort of ID, I've been asked to photograph a debit card (with your finger over the long number) which should be fine (since a standing order/direct debit need an address for verification if the person on the other end was an attacker).

Quote from: buwaytress on September 21, 2019, 12:43:13 PM

There is a way to get around phone number identification and its called sim swapping, but I understand also there are sim cloning abilities...

I recentrly cancelled a contract, and it takes ~48 hours to use a PAC to transfer someone's number (and the PAC was sent instantly to my device) - if the device were compromised then anyone could get the number and then remotely delete the text...

buwaytress

legendary

Activity: 2968

Merit: 3684

Join the world-leading crypto sportsbook NOW!

There is a way to get around phone number identification and its called sim swapping, but I understand also there are sim cloning abilities... Haven't heard of it being used for skrill yet though. I daresay anyone who has access to this tech wouldn't be wasting access trading bitcoin.

Fraudsters have claimed being hacked and this is the danger you face but it's an equal risk with any other verification method.

bravehearth0319

hero member

Activity: 1022

Merit: 500

Quote from: 1R1S on September 20, 2019, 02:01:35 PM

I use skrill to sell btc. Before I give my potential customers my email to send money to, I ask them to give me their id document, e.g. passport, and screenshot of their profile page, so that I can see the names in id and profile match. I do this procedure to ensure the account wasn't hacked.

But this also makes customers who don't like giving this info for whatever reasons, refrain from me. I want to have another identification method, like sending sms to their number. If customer has access to his phone, he can enter the message I sent him, to me again.

Thing is I am not sure how skrill account can get hacked. I guess this can be done only via email: you get email, you ask skrill to reset your password and now you have access to other person's account. If you have skrill user's phone number, you can't do much with it... or can you? It looks like phone number is used only for verification when user creates skrill account. I don't see any way hacker can use it in case he knows what phone number is.

As I read your statement, I noticed that you have a lot of request to your customers to verify if He/She is the real person you are transacting it.
In my opinion sending Id and selfie is enough, because with this it is already valid, compared to email, and sms no. Don't you notice in every centralized exchange only KYC was their final needs to verify their clients to avoid dummy accounts.

bitsurfer2014

hero member

Activity: 924

Merit: 520

Quote from: BitMaxz on September 20, 2019, 03:48:27 PM

Don't change your ways to identify real owner/customer like the above said SMS is not enough to identify them.
To make sure you are not dealing with any hacked accounts selfie with ID is enough to identify if your customer is the real owner of the skrill account.

If they don't want to give their selfie with ID there is a big chance that you are dealing with the hacker. So, much better ignore them if they can't give their ID with a selfie.

A selfie with ID verification would suffice but maybe you could ask your customer for a video interview to fully assert their real identities or another method is that you could require them to use https://keybase.io and verify their public keys tied to their identities. Also, you can try to request if they have verified KYC coming from third party providers.

davis196

hero member

Activity: 3150

Merit: 937

So you sell btc for skrill payments.Wasn't that too risky?Skrill payments can be reversed,while btc transactions can't.How can SMS verifications protect you from being scammed?There are plenty of options to send/receive SMS online for free.You should carry on with ID verification,even though I don't think it helps that much from preventing scams.If you meet a smart scammer,he will eventually scam you despite all verification methods.

jrrsparkles

sr. member

Activity: 2520

Merit: 280

Hire Bitcointalk Camp. Manager @ r7promotions.com

When someone hacked an account then it is also possible to change the mobile number also so your point of verification doesn't prove anything.But identity with real name match could be the best possible verification but its still not 100% because lot of people got hacked along with their personal data as well so you can ask for something like holding on something with today's date written on a selfie.

Cogniscient

newbie

Activity: 2

Merit: 0

You can also use Trading ERP to identify your customer in an Effective. There are many ERP software are available in the market, Like SAP Business One, Oracle, and many more.

BitMaxz

legendary

Activity: 3374

Merit: 3095

Playbet.io - Crypto Casino and Sportsbook

Don't change your ways to identify real owner/customer like the above said SMS is not enough to identify them.
To make sure you are not dealing with any hacked accounts selfie with ID is enough to identify if your customer is the real owner of the skrill account.

If they don't want to give their selfie with ID there is a big chance that you are dealing with the hacker. So, much better ignore them if they can't give their ID with a selfie.

exstasie

legendary

Activity: 1806

Merit: 1521

Quote from: 1R1S on September 20, 2019, 02:01:35 PM

I use skrill to sell btc. Before I give my potential customers my email to send money to, I ask them to give me their id document, e.g. passport, and screenshot of their profile page, so that I can see the names in id and profile match. I do this procedure to ensure the account wasn't hacked.

But this also makes customers who don't like giving this info for whatever reasons, refrain from me. I want to have another identification method, like sending sms to their number. If customer has access to his phone, he can enter the message I sent him, to me again.

How do you verify it's their real phone number? Because it's listed in their Skrill profile?

A hacker can probably change the phone number on a compromised account pretty easily. They could just be giving you a burner phone or Google voice number. They could only change the name on a Skrill account by contacting Skrill support and completing verification: https://www.quora.com/How-can-I-change-my-name-in-Skrill-to-be-correct

So phone verification seems a lot less reliable than your original method unless I'm misunderstanding.

1R1S

newbie

Activity: 21

Merit: 0

I use skrill to sell btc. Before I give my potential customers my email to send money to, I ask them to give me their id document, e.g. passport, and screenshot of their profile page, so that I can see the names in id and profile match. I do this procedure to ensure the account wasn't hacked.

But this also makes customers who don't like giving this info for whatever reasons, refrain from me. I want to have another identification method, like sending sms to their number. If customer has access to his phone, he can enter the message I sent him, to me again.

Thing is I am not sure how skrill account can get hacked. I guess this can be done only via email: you get email, you ask skrill to reset your password and now you have access to other person's account. If you have skrill user's phone number, you can't do much with it... or can you? It looks like phone number is used only for verification when user creates skrill account. I don't see any way hacker can use it in case he knows what phone number is.

Topic: Better ways to identify my customers (Read 199 times)