Dashmaximalist
Well-known member
Right now . the fraudsters have a used a loophole in our phone validation, it is now closed. the sign ups have dropped to 200-300 per day. I am not sure how the Aweber email validation can help tbh.Yes, I agree the emails are incredibly valuable because gathering those would solve several issues and give us a means to contact each user whenever we wanted e.g. if a new training program was released or if we have a new campaign we would like the users to be involved with e.g. viral marketing campaign.
If we used a professional email handling service such as https://www.aweber.com then they would go through a email validation procedure. This procedure involves sending the recipient an email that they would need to click on to be validated. If the email has been used previously it will not be added to the list. If they do not validate the email by clicking on the validation they are also not added to the mailing list. This means now fraudsters would have to have valid emails for each attempt of getting free DASH.
The next question is if the same person or small group of people are undertaking the fraud it is likely they would be using the same IP address or they would be using a small subset of IP addresses e.g through a VPN. I would need to check but I think the Aweber service also reports the IP address and location of the person. We could ensure that the validations could ONLY come from a Venezuela IP address and this would also eliminate the VPN issues because VPNs typically use different countries. We could make it such that the validation of the address MUST be a Venezuela IP and it must be unique.
Aweber also has guidelines on how to ensure that the addresses of emails are properly handled. Aweber servers are also whitelisted with many of the mail handling giants to ensure the mail gets through.
Adding email validation in addition to other validations may also make it considerably more difficult for fraudsters because now they would have to do the following:
a) have a source for unique SIM cards
b) continuously setup new email addressess and go through a validation for each one.
c) find a way to have unique IP addresses in Venezuela every time they sign up.
d) would have to go through a double validation procedure with Aweber where the email address is only added to the mailing list once it is validated by the owner. This is time consuming for a fraudster to do.
Now a fraudster could do all of the above however now it is beginning to be a lot more work for that $0.5
IMEI validation not SIM validation
The other thing I think we ought to consider is validating not on the SIM but on the IMEI number of the phone itself instead of SIM validation. In this way fraudsters would need to have a source to a large number of phones in order to scam the system. SMS cards are cheap. Smartphones are not. It would not be economically possible to buy phones to get $.50 worth of DASH.
I do not know if there is an automated way to validate IMEI numbers?
If we could also then find a way to automate the validation procedures of the email against an identity. The information would not need to be stored but simply validated then we wipe the data to ensure confidentiality of each user.
These are just a few first ideas.
The next step is to roll out an Android app which collects IMEI and other IDs automatically that in my opinion is the best option
Considering the privacy issues we could hash these IDs so as to not identify them if our databases get hacked.