Hi All,
Sharing this article I found to be valuable. https://www.tessituranetwork.com/Items/Articles/Insights-Innovation/reduce-fraud-impact
At SCT we have been victim to carding and in response our web developers put protections in place that limit the number of times an individual can load our payment page in an hour. We recently switched web hosting services and pretty immediately after that happened we had carding happening on our website again. There was an adjustment that needed to be made to update our limiting protections and they stopped again once that was fixed.
Anyway, just sharing so you can be proactive to protect your organization if you haven't already. If you have already dealt with this, what did your organization do?
Cheers!
Kanani
Thanks Kanani! What a great read...
We had a spate of fake-looking accounts last year that were being created in bulk by abusing our guest-checkout functionality (which just asks for an email to register) and then trying to test out credit cards on our site - we managed to quell it by getting invisible CAPTCHA up and running on the login page. I think CAPTCHA may automatically be bundled in TNEW, but since we have a third-party e-commerce platform it took a bit of extra doing. We managed to spot that issue by having a daily scheduled run of the New Record Summary report, which suddenly got 3x or 4x more pages longer when tons of web accounts were getting created and helped us flag it.
Our website also has the basic versionof CrowdHandler (online waiting room) bundled into it, which is always running quietly in the background, but users don't notice since our sales are very rarely high enough to trigger a waiting queue. CrowdHandler does some general monitoring and it sends me a weekly digest of traffic from IP addresses that it deemed suspicious, and in some cases blocked from the site (usually for having tons of sessions in quick succession). I think Queue-It and CrowdHandler are two of the big names for online waiting rooms out there in the Tessitura ecosystem.
Lastly, that's a really interesting note in the article that delaying delivery of e-tickets can help thwart resales. We have been using a '7 days out' schedule for e-tickets ever since we started using them as our default. There's been conversations of switching to instant delivery, at least for single ticket buyers, but now this is an added argument in favor of keeping delivery on a tighter schedule. Very interesting...
Hi Evan - Another article you might want to reference about delay of e-tickets is a conversation Andrew Recinos had with Matt Zarracina, the president of True Tickets and one of our partners. Matt relates an interesting tale of two Hamilton sales - and it has lessons beyond True Tickets' functionality.
www.tessituranetwork.com/.../True-Tickets-Smash-Hit