Better ways to identify my customers

[1R1S]

I use skrill to sell btc. Before I give my potential customers my email to send money to, I ask them to give me their id document, e.g. passport, and screenshot of their profile page, so that I can see the names in id and profile match. I do this procedure to ensure the account wasn't hacked.

But this also makes customers who don't like giving this info for whatever reasons, refrain from me. I want to have another identification method, like sending sms to their number. If customer has access to his phone, he can enter the message I sent him, to me again.

Thing is I am not sure how skrill account can get hacked. I guess this can be done only via email: you get email, you ask skrill to reset your password and now you have access to other person's account. If you have skrill user's phone number, you can't do much with it... or can you? It looks like phone number is used only for verification when user creates skrill account. I don't see any way hacker can use it in case he knows what phone number is.

[exstasie]

I use skrill to sell btc. Before I give my potential customers my email to send money to, I ask them to give me their id document, e.g. passport, and screenshot of their profile page, so that I can see the names in id and profile match. I do this procedure to ensure the account wasn't hacked.

But this also makes customers who don't like giving this info for whatever reasons, refrain from me. I want to have another identification method, like sending sms to their number. If customer has access to his phone, he can enter the message I sent him, to me again.

How do you verify it's their real phone number? Because it's listed in their Skrill profile?

A hacker can probably change the phone number on a compromised account pretty easily. They could just be giving you a burner phone or Google voice number. They could only change the name on a Skrill account by contacting Skrill support and completing verification: https://www.quora.com/How-can-I-change-my-name-in-Skrill-to-be-correct

So phone verification seems a lot less reliable than your original method unless I'm misunderstanding.

[BitMaxz]

Don't change your ways to identify real owner/customer like the above said SMS is not enough to identify them.
To make sure you are not dealing with any hacked accounts selfie with ID is enough to identify if your customer is the real owner of the skrill account.

If they don't want to give their selfie with ID there is a big chance that you are dealing with the hacker. So, much better ignore them if they can't give their ID  with a selfie.

[Cogniscient]

You can also use Trading ERP to identify your customer in an Effective. There are many ERP software are available in the market, Like SAP Business One, Oracle, and many more.

[jrrsparkles]

When someone hacked an account then it is also possible to change the mobile number also so your point of verification doesn't prove anything.But identity with real name match could be the best possible verification but its still not 100% because lot of people got hacked along with their personal data as well so you can ask for something like holding on something with today's date written on a selfie.

[davis196]

So you sell btc for skrill payments.Wasn't that too risky?Skrill payments can be reversed,while btc transactions can't.How can SMS verifications protect you from being scammed?There are plenty of options to send/receive SMS online for free.You should carry on with ID verification,even though I don't think it helps that much from preventing scams.If you meet a smart scammer,he will eventually scam you despite all verification methods.

[bitsurfer2014]

Don't change your ways to identify real owner/customer like the above said SMS is not enough to identify them.
To make sure you are not dealing with any hacked accounts selfie with ID is enough to identify if your customer is the real owner of the skrill account.

If they don't want to give their selfie with ID there is a big chance that you are dealing with the hacker. So, much better ignore them if they can't give their ID  with a selfie.

A selfie with ID verification would suffice but maybe you could ask your customer for a video interview to fully assert their real identities or another method is that you could require them to use  https://keybase.io and verify their public keys tied to their identities. Also, you can try to request if they have verified KYC coming from third party providers.

[bravehearth0319]

I use skrill to sell btc. Before I give my potential customers my email to send money to, I ask them to give me their id document, e.g. passport, and screenshot of their profile page, so that I can see the names in id and profile match. I do this procedure to ensure the account wasn't hacked.

But this also makes customers who don't like giving this info for whatever reasons, refrain from me. I want to have another identification method, like sending sms to their number. If customer has access to his phone, he can enter the message I sent him, to me again.

Thing is I am not sure how skrill account can get hacked. I guess this can be done only via email: you get email, you ask skrill to reset your password and now you have access to other person's account. If you have skrill user's phone number, you can't do much with it... or can you? It looks like phone number is used only for verification when user creates skrill account. I don't see any way hacker can use it in case he knows what phone number is.

As I read your statement, I noticed that you have a lot of request to your customers to verify if He/She is the real person you are transacting it.
In my opinion sending Id and selfie is enough, because with this it is already valid, compared to email, and sms no. Don't you notice in every centralized exchange only KYC was their final needs to verify their clients to avoid dummy accounts.

[buwaytress]

There is a way to get around phone number identification and its called sim swapping, but I understand also there are sim cloning abilities... Haven't heard of it being used for skrill yet though. I daresay anyone who has access to this tech wouldn't be wasting access trading bitcoin.

Fraudsters have claimed being hacked and this is the danger you face but it's an equal risk with any other verification method.

[jackg]

If they don't want to give their selfie with ID there is a big chance that you are dealing with the hacker. So, much better ignore them if they can't give their ID  with a selfie.

Not exactly, I mean there's a higer chance but it's not a big one (for example: I don't give out my ID unless it's to an exchange that will watermark it - for people that want ID I normally use cash transfers to get around it).

@OP, you can't do anything without verifying some sort of ID, I've been asked to photograph a debit card (with your finger over the long number) which should be fine (since a standing order/direct debit need an address for verification if the person on the other end was an attacker).

There is a way to get around phone number identification and its called sim swapping, but I understand also there are sim cloning abilities...

I recentrly cancelled a contract, and it takes ~48 hours to use a PAC to transfer someone's number (and the PAC was sent instantly to my device) - if the device were compromised then anyone could get the number and then remotely delete the text...