The security in fraud protection (or any detective control) is in the thresholds and triggers being activated and protecting the system.
Protecting the values of those controls is common sense. This is on a need-to-know basis. Users don't need to know.
If you advertise that your system will permit 9,999 transactions per minute, then every client will calibrate to max out at 9,999, malicious or not. Then, you adjust that up or down, and not everyone follows suit. Whoops!
This isn’t talking about the value of a threshold. This is talking about providing a reason at all.
Accusing people of fraud for personal gain seems like fraud to me. If it is beneficial for you to not disclose how the fraud works it seems we are talking about both deception and a false accusation - for personal gain? aka fraud?
You can't have it both ways! It seems to me like Etsy's silence is the opposite of an accusation, and whatever investigation they're doing, they don't want these sellers to flip out any more than necessary!
Also, these sound like reasons to me:
> Etsy's payment policy states the reasons for putting money on hold include a sudden increase in sales, a shop having only made its first sale recently, the shop committing a "policy violation" or "other risk factors".
Etsy's interest in fraud prevention goes to their reputation as a marketplace, and their relationship with legitimate sellers, buyers, and their payment processor, and any other third-party services in the loop. If Etsy doesn't accurately detect, investigate, and prevent fraud, then their bank and payment processors will ban Etsy for fraud, and I think that would really suck for 100% of sellers!
It is not easy for Etsy to bank-switch. They can't just POKE a register.
Also, some of those reasons aren't necessarily fraud, just indicators. It's a "Yield" sign to slow things down until they can check it out. I mean, do you realize the scale of this platform?
Personal gain, my foot.
