Danny, I do not think this is necessary. Managing credit card frauds is a technical aspect other businesses are facing and have to be dealing with daily. There are scenarios and/or case-studies available on the Internet describing how to minimize such threat. Just google 'credit + card + fraud' and you'll get many interesting pages addressing this in detail. The simplest solution would be to ask the registrars/registries running non-AGP based ccTLDs. In fact, most registrars run such ccTLDs so they already KNOW how to manage it. I do not see a reason to handle this for them, especially when we are not asked to do that. Furthermore, every registrar might differ in expectations of how such a mechanism should work and suit their needs. Or, we could consider the suggestions in the first paragraph the alternative and suitable way. Dominik Danny Younger wrote:

Let's be clear about something... the Registrar Constituency's primary argument in favor of retaining the AGP is for its use as a device within which credit card fraud may be managed. At the very least, if we will be arguing to eliminate the AGP, we should be offering up an alternative and suitable way to mitigate Registrar fraud concerns if we hope to arrive at a consensus-based solution.

The only way that I can think of having this accomplished is via new language in a Credits Section within the Service Level Agreement that is part of the relevant Registry-Registrar Agreement -- see for example http://www.verisign.com/static/002136.pdf

This, of course, will require cooperation from the Registries who may not be prone to re-drafting their agreements.

Does anyone else that is advocating AGP elimination have any concrete suggestions to deal with the fraud concerns that can be put on the table?