John Canfield

We built our strategy around three distinct layers of protection:

Preventing fraudulent accounts. Our first priority is to stop fraudsters from being able to operate on the site in the first place. Stronger verification of new sellers allows us to know our sellers better and makes it harder for fraudsters to open new accounts. Anti-phishing efforts, including our alliance with Yahoo! and recent announcement with Google, blocks phishing e-mails before they arrive in users’ inbox. Finally, trusted selling with identity confirmation, which will be fully implemented later this summer, prevents account take-overs by requiring anyone attempting to list an item from an “unknown” computer to go through identity confirmation.

Removing fraud visibility. Next, if fraudsters manage to get hold of an account, we make it unlikely that their fraudulent listings will become visible to the Community. We do this in three primary ways.

1) In April 2007, we announced that items most favored by fraudsters would not be visible in search for a number of hours. During those few hours, our fraud detection algorithms and investigators in our over 2,000-plus Trust & Safety team work to stop fraudsters and their listings before they ever become visible to the community. In the 15 months since that announcement, we have reduced fraud visibility by over 80%, and we’re working to reduce exposure for this type of fraud even further.

Your community reports of potential fraudulent listings help us to identify additional problems, as well as help us to improve our algorithms. We appreciate the many members who contribute their support by reporting suspicious listings to us.

2) In March 2008, we expanded the use of anonymized bidder IDs to all auction-style listings. This project, known as the Safeguarding Member IDs initiative, protects under-bidders from fake (fraudulent) Second Chance Offer requests and other malicious spoof email. As a result of this initiative, fake Second Chance Offer volume has declined by over 90%. We’re pleased with these results and the increased protection for our Community that they signify. (For more information, see "Safeguarding User IDs" in Help: Protecting Your Privacy.)

3) In order to further secure our listings against malicious content, we will roll out controls on “active” user-generated content in early 2009 that will provide rich user experience through eBay-approved secure widgets and mark-up language. (Stay tuned for more information from eBay and your Certified Providers on this subject.)

Ensuring safer transactions. Lastly, should fraudsters obtain a fraudulent account and get visibility for their fraudulent listings, we have safeguards in place to thwart them in their attempts to convince buyers to pay using an unsafe payment method. Our Accepted Payments policy requires that new sellers and listings for higher-risk items accept safe electronic payment methods only. (For more details, please read our January 2008 announcement.) Fraudsters can also attempt to use e-mail to coax buyers into unsafe, off-eBay transactions, even before the auction closes. To counter this, we recently announced Safer member-to-member email via anonymous email forwarding, which keeps pre-sale communications safe on eBay and keeps the buyers’ e-mail address anonymous and protected. (For details, read our June 2008 announcement.) As a reminder, if you ever suspect that an email you receive isn’t legitimate, make sure to forward it to us at spoof@ebay.com or spoof@paypal.com.

I hope this helps give you a better sense of how all the safety initiatives fit into our overall strategy -- and I hope that the results I've shared illustrate for you how these efforts are truly making a difference.

On that note, while the Trust & Safety teams here have been working hard to make security and safe transactions as seamless and automatic as possible to our Community, your safe practices play an important role as always. All buyers and sellers should know that paying with PayPal is the #1 way to protect yourself against fraud. For additional tips on how to protect yourself from spoof and phishing emails, check out the eBay Security & Resolution Center, the PayPal Security Center and take PayPal’s Fight Phishing Challenge.

Stay tuned for more news on our progress as the year goes on.

Sincerely,

John Canfield
Senior Director, Trust & Safety