I can't even imagine the justification in a board meeting that allows for shrinkage on their scale for such an easy resolution.
To me, a simple resolution would be to escalate the "item not received," issue to a state side department (not in India, from what I'm understanding), track recent orders and customer interaction (super simple algorithm), and lastly and MOST importantly do not allow customer orders to be given out so freely with a verification of address and name (at least require an account pin or last 4 digits for the order in question).
If Amazon implemented at least these barriers, then the security of an account would fall where it should...back on the owner...not so easily be phished through Whois data, or just knowing someone has an Amazon account.
It's almost as if a black hat could use a phone book and tie names, with addresses and phone numbers and straight phish for data. This is just way too easy for fraud that the fact that it's Amazon is appalling.
To me, a simple resolution would be to escalate the "item not received," issue to a state side department (not in India, from what I'm understanding), track recent orders and customer interaction (super simple algorithm), and lastly and MOST importantly do not allow customer orders to be given out so freely with a verification of address and name (at least require an account pin or last 4 digits for the order in question).
If Amazon implemented at least these barriers, then the security of an account would fall where it should...back on the owner...not so easily be phished through Whois data, or just knowing someone has an Amazon account.
It's almost as if a black hat could use a phone book and tie names, with addresses and phone numbers and straight phish for data. This is just way too easy for fraud that the fact that it's Amazon is appalling.