Authentication – How to catch users who create multiple accounts on the same website with unique credentials?

Nowadays, e-commerce is the new trend compared to retail stores, but some sellers will manipulate their rankings through fake purchases of their own items to significantly improve the ranking. The point is that they can not do it at the location where they open their seller accounts because the site will record their information. So, what they do to create a new account, is:

  • Buy a new destruction sim card to get a new number.
  • Use another mobile phone (to receive SMS codes because some websites may use metrics such as their ANDROID_ID to detect the device being used)
  • Use a different and unique computer with a different wifi network to make the purchase. (such as internet cafes or public computers)
  • Create a one-time email using the new mobile number.
  • Pay with offline methods that do not require identification (for example, 7 to 11 stores and other convenient methods requiring only the transaction number)

That said, there is virtually no fingerprint left to know if it is actually purchased by the seller of the item. The surest way to catch them is to contact the person who has sold the cell phone and find the unique identification information of the phone to find out who the owner of the phone is (assuming the phone does not have the phone). is not stolen), but it takes time and is unlikely.

How else can the e-commerce website track these activities?