CNET también está disponible en español.

Ir a español

Don't show this again

Tech Industry

Who goes there? eBay wants to know

The online auctioneer is to announce a pact with VeriSign to confirm that sellers are who they say they are. But will it stop online fraud?

eBay will use VeriSign to authenticate its auction sellers under a deal the companies plan to announce Wednesday.

eBay is already testing VeriSign's two-tiered authentication service and plans to introduce it in June, said Anil Pereira, executive vice president of VeriSign's enterprise and service provider division. The service will access databases of phone numbers, addresses and credit reports to verify that sellers are who they say they are, Pereira said.

It will debut in the United States in June and will be introduced on eBay's international sites at a later, unspecified time, said Mike Burk, a VeriSign spokesman.

"This is another leg of the stool, so to speak, for eBay's buyers and sellers to feel more confident in their transactions in the marketplace," Pereira said.

In a statement, Jeff Jordan, eBay's vice president of U.S. operations, also emphasized that the service will help ensure trust on eBay.

"Our new relationship with VeriSign continues our tradition of providing eBay users with the latest tools designed to shop in a safe, friendly and trusted environment," Jordan said in the statement.

eBay representatives did not return calls seeking comment.

Trust and security have been persistent concerns on eBay due to recurring cases of fraud on the site. eBay maintains that less than a one-hundredth of 1 percent of all auctions end in a verified case of fraud, but because of the vast number of auctions on the site, that rate still amounts to hundreds of potentially fraudulent auctions each day.

Meanwhile, consumers submit tens of thousands of reports of online auction fraud to the Federal Trade Commission and other consumer protection agencies each year, making it one of the most frequently cited consumer complaints.

Such trust and safety issues have been heightened on eBay in recent months. Last month, the company closed a "very serious" security hole that could have given hackers access to eBay accounts. The company has also drawn criticism from security experts about its selective use of Secure Sockets Layer (SSL) technology to encrypt users passwords.

The security concerns came to light as eBay acknowledged that it has seen a growing number of customer accounts hijacked by hackers. The hackers use the accounts of reputable sellers to set up fraudulent auctions for goods they have no intention of delivering.

Who are you?
The new authentication system will verify the identities of new sellers and sellers who offer high-value goods, Pereira said. eBay may also offer the authentication process for existing sellers, awarding them with some kind of "authenticated" badge that they could use to assure potential bidders, he said.

"We're hoping this will have a viral effect," he said.

As part of the first tier of the new authentication service, eBay will use VeriSign's system to verify the identities of sellers when they register, Pereira said. VeriSign will compare their registration information with address and telephone data from the U.S. Postal Service and phone books, he said.

VeriSign will then assign a score to the data according to its confidence in the information and the potential for fraud. It will then be up to eBay to determine what to do with potentially risky users, he said.

The second tier of the authentication service will be used with sellers who offer high-value goods. Such sellers will be asked to answer "out of wallet questions," meaning that they couldn't be answered by simply looking at a credit card or a driver's license, Pereira said. Instead, the questions might be derived from a person's credit report, involving the person's monthly mortgage payment, for instance.

VeriSign will charge eBay for the service, but Pereira didn't know whether eBay would in turn charge sellers.

It is unclear how the service will affect sellers outside of the United States who post on the U.S. site. Burk said the sellers may have to call VeriSign for a "manual" authentication.

"eBay probably would charge their sellers for their authentication," he said. "It's a service for the sellers."

But the new authentication system may do little to prevent the hijacking scams recently seen on eBay, Pereira acknowledged. eBay will likely ask sellers to authenticate their accounts only once a year or so, not every time they log in, he said.

So the system would be able to confirm only that sellers were who they said they were when they went through the authentication process. And hackers still might be able to sell under an authenticated account.

As part of the deal between the two companies, VeriSign has begun to offer domain names on eBay. The company has already listed some 27 of its new .bz domain names, including Computers.bz, Hotels.bz and Gay.bz. VeriSign may offer a wider variety in the future, Pereira said.

"eBay is a great marketplace for new domain names as well as domain names that have been returned to secondary pool," he said.

Other eBay members have been offering domain names on the service for years, with varying degrees of success. F***edCompany.com founder Philip Kaplan attempted to sell his company's domain name on eBay two years ago, but later decided to cancel the auction. Meanwhile, the owners of the Year2000.com domain name failed in an effort to sell it on eBay after receiving numerous prank bids, including one for $10 million.