Verifying provider's legitimacy based on filing information (LLC, Inc., Corporation)

[ssdnodes-matt]

MOD NOTE: The following post sparked a discussion, which was copied and moved to its own deserving thread, in order not to clutter the one it was posted in.



[US Only] A lot of people miss this, but if the company you're researching is registered as a legal entity (company name ending in "LLC," "Inc.," or "Corporation") - you'll be able to find their filing information in the state where the entity is registered. The easiest way is to google "<state> entity search" and plug in their company name. Some states will even show you scans of their filing information. Use this information to find out how long they've been in business and corroborate it with what they say when you ask.

Going through the process of setting up a legal entity with separate bank accounts takes time, and if someone is looking for a quick buck they're less likely to go through that process.

Another way to see if they're legitimate is if they process credit cards themselves. Merchant processing accounts and business bank accounts usually require credit checks and require a decent amount of paperwork, rather than taking 5 minutes to set up a PayPal account. This is another way to see how legitimate the company is.

If they're using WHMCS, you can append "cart.php?licensedebug&forceremote" to the end of their domain to see when it was registered, and to also see if their WHMCS install is pirated or legitimate.

Of course this won't help you steer clear from all the bad guys, but it'll eliminate many of them and make you more informed.

 

[supernix]

There are several problems about trying to tie an LLC to an actual company start date.

I started in 1999, but the LLC was only started in 2008. That LLC start date does not reflect the true date at which I started offering hosting. Going by WHOIS data for the cutabovehost.com domain doensn't reflect the actual start date either. So those two factors can be misleading and easily understood as just rebranding.

I was using advancedisp.com/net back in 2000 but began to think that adding ed to the end of a word meant past tense which to me seemed like the name conflicted with itself. Trying to project an image through name of being ahead of the curve but at the same time using a past tense suffix. Not only that it included the initials ISP so I thought that most people would only think of dial up accounts and such. So I decided to change.

I wouldn't be so eager to talk down about someone using PayPal either. Remember they are one of the largest payment processors around and responsible for billions of dollars every year in sales transactions actually the total value of transactions in Q1 2009 was nearly $16 billion (source: Wikipedia http://en.wikipedia.org/wiki/PayPal 10/2012)

And unless you verify your account the account is very limited in the amount of money that can flow through it making it less than desirable for someone really wanting to commit fraud. Seems like they cap unverified accounts at $500 so not really enticing for most criminals.

Here are some great reasons to use someone that uses PayPal only.

1. PayPal has lots of protection for both the client and the company. So you get a full time security team thinking of nothing but protecting your funds.

2. PayPal alone has your credit card number. So you don't have to worry about a company just up and taking money out of your account since they don't have access.

3. The company doesn't have your credit card and banking information stored on their billing manager so you don't have to worry about what happens if they get hacked. As we all saw in the WHMCS incident when they got hacked lots of users names personal information and banking/credit card details were leaked. So with PayPal only processing you don't have to worry about that.

Not to knock anything anybody has said, but there are situations for sure where legitimate companies have very good clear reasons for advertising dates that don't match up to certain records. Doesn't make the crooks just needs further questioning.

And I always push PayPal for everyone it really saves a lot of headache since you don't get hit with a gateway fee.

Back in 1999 I made the mistake of rushing out and getting setup with one of the largest credit card processing companies around and had my own merchant account. It ate me up in fees like crazy. So lesson learned.

Oddly enough I have not read one comment about checking the educational background of the provider.

I went to college and got a degree in computer science with an emphasis in programming. I will say however that many of the students I talked to didn't know nearly as much as I did about networking and how hosting, servers, networking, or even what an RFC was.

So there are some that have been to college that still don't know anything about all this stuff. But I truly value the experience and knowledge gained by going to college even though it was after I started this company.

 

[ssdnodes-matt]

1. PayPal has lots of protection for both the client and the company. So you get a full time security team thinking of nothing but protecting your funds.

Unfortunately, we are denying your claim because your purchase was for a virtual, digital, or intangible item, which is not covered under PayPal Purchase Protection. We only cover claims involving physical items that can be shipped and tracked.

Unfortunately PayPal doesn't cover anything that's intangible, which includes hosting. The above snippet was from a recent claim I had for a fraudulent vendor who didn't deliver their dedicated servers that we paid for. Good thing I paid through PayPal using a credit card, which allowed me to file a chargeback against them anyway.

I'm not discounting PayPal at all, but there are plenty of fraudulent providers who rely on the fact that PayPal doesn't protect you for intangible items, which includes hosting.

I agree with you that PayPal is great with fees, especially since you don't have to worry about qualified vs non-qualified purchases, business card fees, etc. PayPal fees also dramatically decrease when you are processing more than $10,000 monthly. Most merchant accounts have their own monthly fees as well. I wasn't necessarily bonking PayPal as a legitimate provider, but I personally look to see if a provider has more than one payment method.

 

[supernix]

Unfortunately PayPal doesn't cover anything that's intangible, which includes hosting. The above snippet was from a recent claim I had for a fraudulent vendor who didn't deliver their dedicated servers that we paid for. Good thing I paid through PayPal using a credit card, which allowed me to file a chargeback against them anyway.

I'm not discounting PayPal at all, but there are plenty of fraudulent providers who rely on the fact that PayPal doesn't protect you for intangible items, which includes hosting.

I agree with you that PayPal is great with fees, especially since you don't have to worry about qualified vs non-qualified purchases, business card fees, etc. PayPal fees also dramatically decrease when you are processing more than $10,000 monthly. Most merchant accounts have their own monthly fees as well. I wasn't necessarily bonking PayPal as a legitimate provider, but I personally look to see if a provider has more than one payment method.

Regardless of whether they will guarantee any transaction that is irrelevant. You have to follow up just like any business that is dealing with a fraudulent vendor. Doesn't matter if it is PayPal or any other situation. All a chargeback means is that the business will have to show you really owe them by producing a sales receipt and a reason for cancellation and at that point if they can prove they issued you whatever it is you bought then they give them the money back and you have to fight it out in court.


The protection for the customer is that the business doesn't actually ever get your credit card number so they can't just up and make charges anytime they want and you only find out when the bill comes.
With PayPal the user has to approve and agree to pay each transaction unless it is a subscription that goes through automatically which then the customer would know about at as well.

This is also a bad thing as well for the host since you would have to submit a bill for overages and hope they pay it. If you have the credit card on file with your company then you can just up and run the charges they owe you for that they agreed to pay in the TOS signup process.

The protection for the host is that you don't have their credit card number so you don't ever have to worry about a security breach that leaves their person data open for the world to see and have to be responsible for that.
The state of South Carolina had a security breach on their servers and network and cost them an estimated $12 million dollars to handle for 3.6 million affected users. Note these are taxpayers that were affected.

Just the bill alone for researching how they got in and what was affected and securing the servers was a whopping $125K.

WHMCS not long ago suffered as well with many of their customers data ending up on the internet over a security breach that was done by a social engineering attack as well.

I don't recall ever hearing of a PayPal security breach that ended up leaking customers credit cards and banking information. It might have happened, but I missed it.

The point is that PayPal not you are paying for the security personnel to secure the transaction servers and data storage security.

This doesn't actually stop the host from having to be thoughtful about securing the servers and security issues, but it is one more stumbling block to help protect everyone in case of a problem that everyone missed.

As for trying to be weary of trouble then only choose PayPal verified business owners and such.

I will say also that PayPal has multiple ways to check out one such method is the standard check out. They also have a gateway like a regular merchant account that you can get and use as well.

Heck I even have PayPal Here for use if need be.

The facts are that PayPal does have a verification process where you have to prove you own any bank accounts you add to extract money or add funds to PayPal so there is a definite link to an individual or company at the end of the road with PayPal.

As for credit verification PayPal does that as well they don't just give out all their services to anyone that is verified without a check as implied.

You can of course register with a credit agency and run a check on anyone and everyone you do business with. I don't know of any host that does that however. I know I sure wouldn't give anyone my Social Security number either nor would I recommend it to anyone as well to start doing that. That is why I have an FEIN.

As for regular merchant accounts I have a story to share. I did have an Authorize.net account when I first started. In my research that was listed as one of the needed things to run a business and I didn't know better so I got setup with Authorize.net with a virtual terminal.

This was all fine and worked, yet it was quite costly for a business starting up. Here I was having to pay for this terminal access and gateway fee while at the same time trying to pay for other business expenses. I ended up ditching it for PayPal which was a pay per use option and fit quite nicely.

Later I decided to try getting an Authorize.net merchant account again. This seemed okay for a while then next thing I know I get slapped with a $99 bill and the money was taken out of my account without my authorization. I called the company up and they told me they were sorry that this was supposed to be covered and not taken out. I canceled my account at that time with the person that set it up and told them I would give them X days to get the money back in my account or I was going straight to the FBI for financial fraud.

I got my money back needless to say, but you can't trust everyone that represents themselves as an authorized Authorize.net merchant account representative to get an account with Authorize.net

I hope this makes my comments more clear.

I will say that there was a time when I first began that I had the same ideas about someone using PayPal I thought of it as just a method of payment for auctions and small stuff. It was later after really learning how PayPal operates and getting to know the system that I saw different.

The real trouble you have with PayPal is that it is not a bank and doesn't have to follow the same rules and such. Your money is not secured in case of something happening like a FDIC secured institution like a bank.

 

[ssdnodes-matt]

I just wanted to clarify that I agree with most of your points

Regardless of whether they will guarantee any transaction that is irrelevant. You have to follow up just like any business that is dealing with a fraudulent vendor. Doesn't matter if it is PayPal or any other situation. All a chargeback means is that the business will have to show you really owe them by producing a sales receipt and a reason for cancellation and at that point if they can prove they issued you whatever it is you bought then they give them the money back and you have to fight it out in court.

Actually, the first time around they only need to provide an invoice and "proof" of delivery, but when you file a second (and final) chargeback is when it goes to pre-arbitration through Visa/MC, and their rebuttal will be denied because they don't have a signed receipt.

The protection for the customer is that the business doesn't actually ever get your credit card number so they can't just up and make charges anytime they want and you only find out when the bill comes.
With PayPal the user has to approve and agree to pay each transaction unless it is a subscription that goes through automatically which then the customer would know about at as well.

This is also a bad thing as well for the host since you would have to submit a bill for overages and hope they pay it. If you have the credit card on file with your company then you can just up and run the charges they owe you for that they agreed to pay in the TOS signup process.

I definitely agree with you on this.

The protection for the host is that you don't have their credit card number so you don't ever have to worry about a security breach that leaves their person data open for the world to see and have to be responsible for that.
The state of South Carolina had a security breach on their servers and network and cost them an estimated $12 million dollars to handle for 3.6 million affected users. Note these are taxpayers that were affected.

Just the bill alone for researching how they got in and what was affected and securing the servers was a whopping $125K.

WHMCS not long ago suffered as well with many of their customers data ending up on the internet over a security breach that was done by a social engineering attack as well.

I don't recall ever hearing of a PayPal security breach that ended up leaking customers credit cards and banking information. It might have happened, but I missed it.

Jeez, that's terrible. Yeah, we were a victim of the WHMCS scandal, but it only took a phone call to get the corp card cancelled and another one sent, then some time updating the other vendors with the new info.

We actually go through a registered ISO/MSP of a major bank, and they handle all our PCI compliance by storing and processing the CC data on their end. We still have our liability insurance to cover any breaches and that sort of thing, and we still follow PCI compliance on all our systems, but our attack surface is greatly reduced by not storing, transmitting, or processing any CC data on our end.

The point is that PayPal not you are paying for the security personnel to secure the transaction servers and data storage security.

This doesn't actually stop the host from having to be thoughtful about securing the servers and security issues, but it is one more stumbling block to help protect everyone in case of a problem that everyone missed.

As for trying to be weary of trouble then only choose PayPal verified business owners and such.

I will say also that PayPal has multiple ways to check out one such method is the standard check out. They also have a gateway like a regular merchant account that you can get and use as well.

Heck I even have PayPal Here for use if need be.

The facts are that PayPal does have a verification process where you have to prove you own any bank accounts you add to extract money or add funds to PayPal so there is a definite link to an individual or company at the end of the road with PayPal.

As for credit verification PayPal does that as well they don't just give out all their services to anyone that is verified without a check as implied.

You can of course register with a credit agency and run a check on anyone and everyone you do business with. I don't know of any host that does that however. I know I sure wouldn't give anyone my Social Security number either nor would I recommend it to anyone as well to start doing that. That is why I have an FEIN.

Definitely agree with you. The only problem is, and I haven't run into this, but I've heard of PayPal doing 30-90 day holds on funds for various reasons. That would be a serious cash flow issue if all your transactions are going through them, which is why I also believe it's better to have multiple ways to collect money that are both secure and convenient for your customers, no matter the scale of your business. Do you have enough working capital to sustain 90 days of not being able to receive any payments? I'm exaggerating a bit, but it's a good thought exercise especially since cash flow is the blood of a company.

As for regular merchant accounts I have a story to share. I did have an Authorize.net account when I first started. In my research that was listed as one of the needed things to run a business and I didn't know better so I got setup with Authorize.net with a virtual terminal.

This was all fine and worked, yet it was quite costly for a business starting up. Here I was having to pay for this terminal access and gateway fee while at the same time trying to pay for other business expenses. I ended up ditching it for PayPal which was a pay per use option and fit quite nicely.

Later I decided to try getting an Authorize.net merchant account again. This seemed okay for a while then next thing I know I get slapped with a $99 bill and the money was taken out of my account without my authorization. I called the company up and they told me they were sorry that this was supposed to be covered and not taken out. I canceled my account at that time with the person that set it up and told them I would give them X days to get the money back in my account or I was going straight to the FBI for financial fraud.

I got my money back needless to say, but you can't trust everyone that represents themselves as an authorized Authorize.net merchant account representative to get an account with Authorize.net

How did that happen? Was this a bill for incoming chargebacks/retrievals? I haven't used authorize.net nor know anyone personally that does.

I hope this makes my comments more clear.

I will say that there was a time when I first began that I had the same ideas about someone using PayPal I thought of it as just a method of payment for auctions and small stuff. It was later after really learning how PayPal operates and getting to know the system that I saw different.

The real trouble you have with PayPal is that it is not a bank and doesn't have to follow the same rules and such. Your money is not secured in case of something happening like a FDIC secured institution like a bank.

Actually they do have FDIC pass through, but yes they are not a bank. I would recommend doing your best _not_ to have a balance, and to transfer everything out on a daily basis. This makes it easier to track everything on your books as well.

Like I said earlier, I agree with you and I apologize if I came off as offensive. You bring up a lot of valid points, but a bad experience with authorize.net shouldn't deter you from at least considering a secondary alternative to PayPal. Especially if that is the only way you're able to receive money, it's essentially the blood keeping your business running. If something happens to PayPal, how quickly could you get an alternative secure and convenient method of payment up and running? PayPal may be around for the next five years, they may not. Are you willing to bet your business on it? Stripe and Square are becoming increasingly popular, along with Dwolla. I foresee a major disruption in the payment space within the next few years.

It seems we swayed from proving legitimacy of a business from a consumer point of view to sustaining cash flow from a business perspective.