[ivthreadp110]

I wrote a similar system for an ecommerce site-

attached session data, "remora data", tracked IP's, (in fact trace routed all IP's looking for suspicious proxy flags like going through Ghana), browser meta data- etc etc. I'm proud of how robust it ended up being. Constantly recursively crunching shipping addresses, CC numbers, IPs, all that jazz and accounts- so if someone tried several different cards their account would be flag, which would flag their IP which would then trickle down the system.

Of course never letting an attempted scammer know the system was on to them- in fact encourage them to keep using more cards and try different combinations so the flagging system would grow over time. Sure we got some false positives, but drastically cut down on repeat scammers. :)

In which case we just encouraged a phone call and solid proof of information for an account override.

It was war! Good article!