0

To prevent fraud we need to ensure as much we can that customers don't create multiple accounts from their systems to access freebies and to do fraud. What we need is unique device id like Smartphones have and we can access that via android/ios applications, but in case of web/mobile browsers we can't fetch their device id/ serial numbers etc and somehow asking customers to allow us to fetch their system's information doesn't seems to be a good idea.

What we did initially was we md5 encoded customer's ip address and their user agent, this solved purpose by a tiny bit that we were able to identify multiple accounts being run from same ip and same browser, but still IPs can be changed very easily, Is there any way we can create something unique for each browsers linked with a system.

Zaid Haider
  • 530
  • 6
  • 11
  • 1
    Imo the best in this cases is to identify the credit card they use to pay and associate it with the user. Certainly a user can change it's credit card but it's not super usual. – Gamopo Jul 17 '20 at 07:25
  • Thanks. But as i said above, we provide some free credits for customers to start with and multiple accounts are being created without any credit cards involved in the first place. – Zaid Haider Jul 17 '20 at 07:30
  • @ZaidHaider Thats why most sites require you to enter payment info even if its a trial. To prevent duplicates etc. There is no 100% safe way to determine users, you can generate a browser fingerprint and use this but this can also throw of users. – Code Spirit Jul 17 '20 at 07:39
  • 1
    read this answer, https://stackoverflow.com/questions/19082152/unique-id-for-a-device-with-php/19082219 – bhucho Jul 17 '20 at 07:40
  • 1
    during the signup process send a unique code to their mobile device via SMS. that will give you almost the same level of protection as using a unique device ID. It wont protect against people with multiple phone numbers obviously. – Joe Bourne Jul 17 '20 at 07:42
  • @JoeBourne Already have mobile unique and mandatory for registration. bhucho went through that post too before asking question, it didn't fulfill the purpose. Was hoping to create a robust combination somehow and store in db like browser fingerprint. – Zaid Haider Jul 17 '20 at 09:49

0 Answers0