Fighting Scams in E-commerce with Fraud Detector: From Concept to Implementation

Online store owners often face fraudulent orders: fake addresses, incorrect customer data, and suspicious transactions. These issues not only complicate the work of administrators but can also lead to financial losses.

To help businesses mitigate these risks, we developed the Fraud Detector module for Magento 2. It automates order verification by analyzing customer and transaction data. This article shares the story behind the idea, how we implemented it, and how the module works in practice.

Table of Contents

• Identifying the Problem
• How Are Suspicious Orders Filtered?
• Can Fraud Detector Solve All Scam Issues?
• Installation and Configuration
• Conclusion

Identifying the Problem

When developing new products, we always start by assessing their demand in the e-commerce market. It is crucial to listen to our clients, understand their needs, and even anticipate them. This approach guided us when creating the Fraud Detector for Magento 2.

By the mid-2010s, our company had developed around 40 extensions for Magento 1. The most popular ones were migrated to the newly launched Magento 2 CMS while we simultaneously worked on new extensions specifically for this version.

The Problem

At that time, there was a high demand for modules that helped administrators manage orders and support customers, such as Help Desk, RMA, and Store Credit Refund. Given how new Magento 2 was, it underwent frequent updates, so our developers maintained close communication with business owners to ensure seamless extension functionality.

During this period, we noticed that our clients were experiencing increasing product returns. Many of these orders had suspicious or inconsistent information. This could be due to customer errors or intentional actions by fraudsters. Further research revealed that fraud is a significant issue worldwide.

After analyzing support tickets and customer experiences, we saw that support teams were spending a lot of time verifying orders and approving them manually. We also identified common fraud patterns and shared our findings with our customers through a blog post. We then set out to develop a solution that could automate these checks.

The Solution

In early 2016, a few months after completing our research, we released the first version of the Fraud Detector, specifically for Magento 2. The module’s primary function was to automatically check new orders and mark them as passed or failed based on predefined rules. Administrators could view the results directly from the order list without opening each order individually.

The verification process was based on a set of basic rules, and each order received a score ranging from 0 to 100. Depending on the score, the order was assigned one of three statuses: accept (0-20), review (20-80), or reject (80-100). Orders marked for review or rejection required manual attention from the administrator.

The module allowed users to create custom rules in addition to basic rules, providing more flexibility to adapt the extension to specific business needs.

How Are Suspicious Orders Filtered?

The module’s operation is straightforward. It relies on basic rules. A rule is a set of conditions that checks a single-order value from different perspectives. For example, a phone number will be verified for the number of characters, repeating digits, etc.

Here is a list of the rules used:

• Shipping and billing addresses
• Customer location
• Order amount
• Phone number
• Customer Email
• Customer History
• IP History
• Distance

When a new order is placed, it undergoes these checks. The extension runs with Magento cron and pulls the order from the queue, performs all basic checks, assigns a score and label, and checks for custom rules. If custom rules are found, the order is also processed against them. The final label is then displayed in the order list for the administrator to see.

The module continues processing new orders as long as the cron job is run. If the job times out, the module pauses and waits for the next scheduled run. The rules are designed to utilize customer data as much as possible to identify suspicious discrepancies.

For example, the Distance rule checks the geographical distance between the customer’s actual location (determined by IP) and the billing and shipping addresses. These locations must match to pass this check.

The importance of each rule can vary depending on the store and region. The module allows you to adjust the importance of each rule or even disable them entirely.

You can also modify the score thresholds for each status, making the checks stricter or more lenient as needed. Besides the basic rules, you can create custom rules using available attributes and set your conditions.

For example, a custom rule might check the VAT and TAX numbers provided by the customer during checkout.

The module can also check if the country where the order was placed is on a blacklist. An example of this rule can be seen in the demo store under High-Risk Countries.

Custom rules do not add scores but directly set a status for the order. This means they have a higher priority than basic rules. After the module runs through both basic and custom rules, it assigns a final evaluation to the order. This approach automates standard checks, reduces processing time, and minimizes human error.

Can Fraud Detector Solve All Scam Issues?

No single solution can address all fraud-related challenges. Our module performs strict checks based on certain rules, such as billing and shipping addresses, IP, and order history. However, some rules are based on assumptions, such as the Social Network Check.

The module doesn’t get these direct links; it tries to guess them using combinations of the customer’s name. While people often use real or similar names for their accounts, this guesswork isn’t always accurate.

The same goes for phone number checks. The module analyzes phone numbers for patterns that may indicate fake numbers, such as repeating digits and unusual lengths. Since these characteristics vary by region, a real number might be flagged as fake.

To improve the rule's accuracy, you can adjust the rule weights or use custom rules tailored to your environment. It’s important to note that the module works only with data available in Magento—what the customer provides or what we can deduce through investigations. This leads to certain limitations.

To enhance fraud protection and make it more comprehensive, our clients have, for example, used additional payment protection solutions, such as Stripe Radar, to block fraudsters at the payment stage. This is one of the strategies they’ve shared with us.

Installation and Configuration

Installing the module is straightforward. Store owners can do it themselves using our guide or request free installation from our Support team.

After installation, add your Google API Key in the module settings and enable Google Map API and Geocoding API in the store account (instructions are here). This will allow the module to use Google Maps to make rules and visually assess distances between shipping and billing addresses.

Next, choose your rules, adjust their weights, and set the thresholds for each status: System > Fraud Detection > Fraud Risk Score > Configured.

Fraud Detector is best configured individually for each store based on its unique conditions. This is a simple process that the admin can handle independently. Adjust the weights of the basic rules to ensure the module correctly labels orders.

Custom rules are available under System > Fraud Detection > Custom Rule for more advanced configurations. This feature is for you if you’ve encountered fraud cases on your site before and know what data to check first.

Conclusion

Fraud Detector cannot guarantee that fraudsters will never place orders on your site, but it can help identify suspicious orders and free up administrators for more important tasks.

This module is particularly useful for stores processing many orders daily, as repetitive actions can lead to fatigue and human error. It’s also beneficial for stores with complex logistics or those shipping products over long distances. Shipping a product to a non-existent address across the country or, worse, the world is a costly mistake.

Additionally, Fraud Detector can collect valuable data for analysis that isn’t available in the standard Magento 2 version, including order history (successful and canceled), the number of returns, and IP history—the module remembers the IP address used to place an order and cross-references it with new orders.