Inevitably, one has to factor fraud into the hosting biz.
Some hosts say 1 in 3 orders is fraudulent. Consider what happens:
- Someone steals a credit card and signs up with you at $5/month or whatever
- You charge them $5 + $10 to register a domain
- Real owner disputes charge
- You get hit for $20 + the original 30 cent fee + you’ve spent $10 for a domain probably no one wants
In other words, $30 wasted. One a month means you have to sell 6 legit accounts a month just to cover fraud.
Sure, there’s MaxMind, etc.
Reading through some stuff, it seems like there are the following options:
Auto-Provision Service/Auto-Purchase Domain: leading to what I just described
Auto-Provision Service/Purchase Domain After Verification: This exposes you to having someone setup a spam operation on your servers, host kiddie porn, etc. Sure, you can shut them down immediately after you discover, and if you have mail throttling in place you probably won’t be blacklisted, but it’s still a risk, though not a financial one.
Manual Verification Before Any Service: A number of hosts do this – most perhaps. It’s a solid approach that minimizes risk, but it does fail to satisfy that customer’s desire for instant gratification.