1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Info: How e*bay track users...

Discussion in 'Ebay' started by myzona, Aug 19, 2008.

  1. myzona

    myzona Regular Member

    Joined:
    Dec 19, 2007
    Messages:
    303
    Likes Received:
    170
    Found this doing my "homework" I think it will be interesting:


    Q: What if I use multiple computers for my business - will I have to verify my identity every time I use one or the other?

    A: We will definitely support multiple computers. During this information-gathering stage (now through June, roughly) we'll be able to tell which computer(s) you typically use to buy or sell, and as long as you're using one of these, you won't need to verify your identity. You also will be able to access multiple, different accounts from the same computer (such as in the case where a business has multiple IDs).

    Q: How will you track which computer I'm using?


    A: We generate a unique ID that identifies the computer you've used to connect to eBay. This unique ID is stored on your computer using cookies and Flash objects* so that the next time you visit eBay, we're able to confirm that you're using the same computer.

    This unique ID doesn't include any personal information, such as your email address or eBay transactions, and won't be shared with anyone else.

    Q: Will people who do not have a cell phone, or other alternate number that can be used when away from home, be able to verify their identity in some other way?

    A: If you're away from your normal computer, you will be able to enter the telephone number where you are as part of the identity confirmation process. However, you'll also need to to answer your secret question to do so, as part of an additional security step. If you're not able to provide another number (for example, because you don't have a phone handy), you can use our Live Chat function so that one of our Customer Support Reps can verify your identity.

    Q: Why not just use a "challenge question" instead of phone calls?

    A: Some businesses use challenge questions, some use phone calls, and some use a combination. We chose the phone method because we felt it provided the right level of convenience and security for the eBay Marketplace.

    Q: What about ISPs that assign a different IP address for each session, or those that change the IP address each time the modem is rebooted?

    A: We use a number of different variables to note what computer you buy and sell from. You won't need to verify your identity as long as you're using your normal computer(s), even if your IP address changes.

    Q: How will listings submitted through a 3rd party listing service be handled?

    A: You should not be affected unless you need to authorize 3rd party access to your eBay account. During that process, you will need to go through identity verification if we do not recognize that computer.

    Q: Are you going to put similar security measures on bidders?

    A: Right now this will only affect selling. But depending on the results of this initiative and changing fraud patterns, we may apply this program to other eBay activity in the future.

    Q: Won't bad guys just change the phone number as soon as they take over an account so they then receive the phone call?

    A: If we see that you've just changed your contact details (or basically any time we feel that the phone number may not actually be the seller's), we will ask you to answer your secret question as an additional security measure. This will prevent fraudsters from changing your account details and using the new info to confirm an identity.


    *If it's ok with moderators I will post info about Flash objects
     
    • Thanks Thanks x 4
  2. ximscreamingx

    ximscreamingx Power Member

    Joined:
    Jan 16, 2008
    Messages:
    617
    Likes Received:
    325
    Location:
    Next to Missy Elliot
    I think this is excellent info. Post the info about flash objects and the mods will move it if needed.
     
  3. affmatters

    affmatters Newbie Premium Member

    Joined:
    Apr 13, 2008
    Messages:
    42
    Likes Received:
    7
    yup... this is very critical info
     
  4. bhnoobz

    bhnoobz BANNED BANNED

    Joined:
    Jul 26, 2008
    Messages:
    395
    Likes Received:
    107
    yeah good job finding that under ebay help.. lol
     
  5. affmatters

    affmatters Newbie Premium Member

    Joined:
    Apr 13, 2008
    Messages:
    42
    Likes Received:
    7
    at least he done a pretty good job in summarizing.. how abt you giving more details abt it, if you know so much... will be thankful :p
     
  6. bhnoobz

    bhnoobz BANNED BANNED

    Joined:
    Jul 26, 2008
    Messages:
    395
    Likes Received:
    107
    He didn't summarize, that's straight from the page..

    Code:
    http://www.ebaychatter.com/the_chatter/2008/04/more-info-about.html
     
  7. ximscreamingx

    ximscreamingx Power Member

    Joined:
    Jan 16, 2008
    Messages:
    617
    Likes Received:
    325
    Location:
    Next to Missy Elliot
    The lack of source acknowledgement does not change the value of the information. I for one would like to know more about their flash objects.
     
  8. myzona

    myzona Regular Member

    Joined:
    Dec 19, 2007
    Messages:
    303
    Likes Received:
    170
    Local Shared Objects -- "Flash Cookies"

    Introduction

    Cookies are small text files used to save information about an individual or their use of a web site. For instance, a cookie can be used to save your login name, your preferences for viewing content, or to track you as you browse the Internet.

    With the advent of spyware and spyware removal programs, as well as media attention and the increase of online literacy, users now understand the purposes and risks of using cookies. Recently, users have become more vigilant in purging cookies from their computers. According to a Jupiter Research study, 58% of online users have deleted cookies from their computer and 39% of users do so on a monthly basis. This regular "cookie tossing" is causing direct marketers to see more invasive methods to track individuals. One of those methods is to set a "Local Shared Object," also known as a "Flash cookie" to track individuals. Simply put, the idea behind this tracking is to set two cookies on the user's machine--a standard cookie that the consumer may erase, and a second Flash cookie that the user probably will keep, because the existence of Flash cookies is not well known.

    Flash cookies are set through a mechanism in Macromedia's Flash MX player. According to Macromedia, 98% of computer have some version of Flash on their computers.

    What is a Local Shared Object (Flash cookie)?

    Using previous versions of Flash, developers could save information between sessions by using 'normal' cookies, but the process was considered difficult for developers to implement. Placing a normal web cookie requires the use of a scripting language outside of Flash (Javascript or ASP, for example). Placing a Local Shared Object only requires the use of ActionScript--the scripting language that controls Flash movies. In its newest version, Flash MX, Macromedia introduced the Local Shared Object, which provided an easier way to store information. Flash cookies can be considered to be equivalent to 'normal' cookies, save for a few minor differences.

    Flash cookies provide the only method by which a flash movie can store information on a user's computer. Intended uses of the object include storing a user's name, a favorite color or the progress in a game. The actual information is stored in a .SOL file in a special directory on the user's computer. Using the flash configuration tool, the user can decline Flash cookies by domain as well as control the amount of data a site is allowed to store. By default, sites are permitted to store 100kB of information without prompting a user.

    Unfortunately, few consumers are aware of where Flash cookies are stored or how to control their use. Normal web cookies can be managed via the preferences dialog of most web browsers, but no similar utility is included for these Flash cookies. It is possible for Flash cookies to remain on user's computer indefinitely, as there is no mechanism to set an expiration date on Flash cookies.

    How do Flash cookies allow Identification on individuals?

    The type of information stored in a Flash cookie is limited only by the information that the creating Flash movie has access to. According to Macromedia's Flash MX Security Whitepaper, this is limited to:

    * Anything in the actual movie file
    * Any information the user provides
    * Some configuration information about the computer running the movie
    * Flash cookies created by the same domain from which the movie originated
    * Servers in the domain from which the movie originated

    Using some or all of the above categories, the Flash movie can create a unique ID and store that ID in a Flash cookie on a user's computer. The Flash movie can then communicate this information to a database, or other applications. Subsequent visits by the same users could be tracked by reading the ID contained in the Flash cookie.

    Who can access a Flash cookie?

    As with normal web cookies, a domain can only access data that it created; it is not allowed to read Flash cookies created by other domains. This prevents sites from observing user behavior at other sites.

    How can users prevent Flash cookie tracking?

    Like normal cookies, Flash cookies are represented as small files on users' computers. To prevent Flash cookies from being placed, users can adjust preferences on a per site basis in the Macromedia Website Privacy Settings Panel. Using this tool, Flash cookies can be completely disabled or allowed on a per domain basis.

    To get to the settings panel, right click on any Flash movie, click settings and then advanced. Macromedia has published a walk through guide to help users disable Flash cookies.

    Users can get rid of the current Flash cookies and their tracking information simply going to the correct folder (see below) and deleting them. The Flash cookies are organized in folders according to the site that placed them, so users can choose which objects to keep.

    Firefox users can use Objection, a recently developed extension that adds a LSO deletion tool to Firefox preferences.

    Where are Flash cookies stored?

    Flash cookies are stored in a special directory depending on the operating system on the client machine. They are arranged in directories according to the site that placed them on the computer (look for a file with a .SOL extension):

    * Windows C:\Documents and Settings\[username]\Application Data\Macromedia\Flash Player
    * Macintosh OSX /Users/[username]/Library/Preferences/Macromedia/Flash Player
    * GNU-Linux ~/.macromedia

    Persistent Identification Element ("PIE")

    United Virtualities (UV), an online marketing firm, has introduced a tracking platform that takes advantage of the relative obscurity of Flash cookies. In a press release this March, UV announced PIE, a backup ID system for cookies. Mookie Tenembaum, founder of United Virtualities, explained the reasoning behind the product, "All advertisers, websites and networks use cookies for targeted advertising, but cookies are under attack. According to current research they are being erased by 40% of users creating serious problems."

    UV's press release also claims that the PIE system can restore deleted web cookies. Although there is little official information on the implementation of the PIE system, it is not likely that the cookie is actually restored. Instead, it appears that the Flash cookie acts as a redundancy. That is, the PIE system uses Flash cookies as a backup. A site interested in tracking a user would set a normal cookie and a Flash cookie. If the user erased the normal cookie, the PIE-enabled site could use the redundant Flash cookie to track the user.

    To justify this tracking mechanism, UV's Tenembaum said, "The user is not proficient enough in technology to know if the cookie is good or bad, or how it works."

    This practice is highly deceptive. By deleting cookies, consumers are clearly rejecting attempts to track them. Using an obscure technology to subvert these wishes is a practice that should be stopped. Cookies have many beneficial purposes and can make the end user's web experience better. Websites should be honest and up front about how they use cookies, and they should respect the decisions of those users who do not want to be tracked via cookies.
     
  9. cellk

    cellk Registered Member

    Joined:
    Jul 7, 2008
    Messages:
    58
    Likes Received:
    9
  10. h1dd3n

    h1dd3n Regular Member

    Joined:
    Jan 6, 2008
    Messages:
    232
    Likes Received:
    21
    the best thing to do if you have multiple ebay accounts is to create multiple accounts on your windows box and log off and on when you need to go to a different account (changing ip and cleaning cookies also) This is better than turning off the flash objects as itll look better in ebays eyes.
     
  11. Smelly-Cash

    Smelly-Cash Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 28, 2008
    Messages:
    175
    Likes Received:
    378
    awesome info. what about using different computers for each account. all you will have to do is use a different IP for each account.
     
  12. gifmore

    gifmore Regular Member

    Joined:
    Oct 12, 2007
    Messages:
    274
    Likes Received:
    67
    :eek::eek:

    Well, today, I experienced first hand this phone verification business.

    Apparently, I did not pass the test and tried live help. Even that I apparently did not manage to pass.

    And this is for my own account. Sigh :(

    Now I have to fax some sort of ID or utility bill that shows my name and address to their fraud department to lift my account.

    Oh well, live and learn.....

    Keep your phone numbers updated in your accounts... although I believe mine were updated but entering the number did not seem to work.....

    Cheerio :)

    :flame: :flame: :flame: :flame:
     
  13. Loak

    Loak Jr. VIP Jr. VIP

    Joined:
    Apr 21, 2008
    Messages:
    314
    Likes Received:
    109
    thats some cool stuff, i still dont want to go near ebay with anything dodgy.. i hate em and would love to rip them, but i just know they will ban me and probably sue me for the fun of it.