The model for Sift (formerly Sift Science) was to essentially pull all the data everyone provided in together so anyone using their system benefitted from everyone else's data, but without exposing the actual PII of the fraudsters (or people the fraudsters are pretending to be).
There are public suspicious IP address lists/lookups but nowadays fraudsters with any level of sophistication tend to get a fresh IP each time.
It's a hard problem. You have to decide who you can trust to submit "fraudsters" data and to what extent you trust what they provide. If you start looking at PII (emails, phone numbers, faces, etc. as you say) then even good actors may inadvertently add data of innocent people that fraudsters are fronting as.
Interesting comment. Yeah, I've noticed IP datasets are very spotty or in general do not solve the issue of misattribution by nature of ipv4, reassignments etc.
On the other hand, yeah, I've seen services that share this kind of data like Sift and seon.
I'd never thought about this "tainting" aspect though. Good point.
I'm not aware of one, but an Australian hedge fund, Bronte Capital led by John Hempton keep their own database of fraudsters and their associated with the goal of identifying dodgy businesses to short. He has discussed this on a number of podcasts.
No slippery slope there. Nope...no way that could go wrong. Definitely no long track record of examples where it has gone wrong. Nopety nope nope nope...
There are public suspicious IP address lists/lookups but nowadays fraudsters with any level of sophistication tend to get a fresh IP each time.
It's a hard problem. You have to decide who you can trust to submit "fraudsters" data and to what extent you trust what they provide. If you start looking at PII (emails, phone numbers, faces, etc. as you say) then even good actors may inadvertently add data of innocent people that fraudsters are fronting as.