I still wish some Congress person would introduce a consumer fairness act that required companies to give the specific evidence and reason for any service ban if the company has over 100,000 users. I don't think the security implications override the current level of abuse.
It's difficult though; giving the reason would directly lead to an explosion of fraud, because you are telling the fraudsters exactly what they screwed up and how to avoid the ban next time.
Anti-fraud is basically all smoke and mirrors; if you reveal the methods it doesn't work any more.
They have abused their need to conceal methods by not having proper customer service to resolve situations where innocent people are banned. Internet and banking services are too important to our lives, much like utilities, to allow this abuse to continue. If they wanted secret methods, then they needed to provide adequate customer service to offset their failures.
If the human customer service provides an off-ramp from being banned, then the fraudsters will use that too. So the question still boils down to the exact same thing in the end: how do you reliably tell the difference between the fraudsters and the legitimate customers?
Don't know, not my area, but like every other business in the US that cost should be born by the business not the consumer. Don't push large groups of people to the thin ice if you don't want laws passed.
