Ask HN: Fellow devs, how do you deal with fraud on your application?

8 points by patrogizmo 3 years ago | 2 comments

I've worked on many different applications over the years that have all been hit by various types of fraud. Some were fairly generic (ie account takeover, promo abuse, content abuse), while some were very application-specific:

- Programmatically creating HSA accounts then draining a penny from them.

- Employees at laundromats giving their friends free washes.

- Dry-cleaning customers having a friend pick up their clothes then claiming they were stolen.

What's been your experience dealing with fraud? Any memorable fraud you've had to deal with? How did you respond to new fraud on your application?

thinking_monkey 3 years ago |

We had a kiosk-type system at a computer repair shop where I worked where if we were super busy the customer could enter the make and model of the computer along with what the complaint was and their name and phone number and leave it on the counter for us to intake later.

We caught several people bringing in a different computer later trying to claim it was the same one and we owed them a "warranty repair" because we failed to fix it the first time.

Instead of modifying the kiosk application to require a serial number, the owner did away with it altogether and one of us from then on would have to drop what we were doing and intake all computers manually.

I suggested we could have text on the screen to the effect of "Attempting to obtain a repair under false pretenses is theft of services" or some such but he wouldn't have it.

So I guess the way we dealt with "fraud in our app" was that we stopped using the app.

botastic 3 years ago |

At a bank I used to work for, we had issues with people charging a bunch to their credit card, then spending their rewards points on cash back, then refunding those purchases.