Fraud Detection
v1.2.12

Fraud Detection Rules

Custom rules allow you to configure your indicator to check orders for fraud. These rules have higher priority than pre-defined indicators and provide you with increased possibilities.

All of them are located in their dedicated grid at System -> Fraud Detection -> Custom Rules.

Please, check the examples before creating your own rules.

How to create a new Fraud Score Rule.

Visit System -> Fraud Detection -> Custom Rules and press the Add Rule button. You will be brought to the Rule creation page, which consists of two subsections:

  • General Information - defines properties and the action that should be assigned to order on conditions match:

    • Name - a logical name of the Rule. It will be displayed as an indicator at Fraud Risk Score of the order.
    • Is Active - indicates whether the rule is active and applies to order.
    • Set Status to - allows you to assign a Risk level to order bypassing pre-defined indicators.
  • Conditions - defines conditions whose match will trigger the rule.

Each rule has four possible global modes of applying conditions in the respective Conditions tab, shown in a special header If *[apply mode]* of these conditions are *[validation mode]*:

Applying modes define when a rule will be triggered:

  • ALL - implies that the rule will be executed only when strictly all conditions are met;
  • ANY - implies that the rule will be executed only when one or more (but not all) of the conditions are met;

Validation modes define which result can produce each condition to be counted as "met":

  • TRUE - implies that the conditions should be valid.
  • FALSE - implies that the conditions should be invalid.

These modes allow for creating flexible condition sets to satisfy the policy of any complexity.

Each mode defines a block where the following conditions can be set:

  • Order Properties

    • Discount Amount - discount that is used in the current order.
    • Grand Total - actually paid money amount of the current order.
    • Is new IP - IP that wasn’t used for place any previous orders (1 = yes, 0 = no).
    • Items Count - the maximum quantity of single item in the order.
    • Items Quantity - the total quantity of all items in the order.
    • Placed from IP - an IP, from which order was placed.
    • Shipping Amount - shipping fees, paid in the current order.
    • Subtotal - subtotal of the current order (e.g. without fees and taxes).
    • Tax Amount - tax paid in the current order.

     

  • Customer Properties

    • Group - the group that the customer belongs to.
    • Lifetime Sales - total paid amount for all completed orders placed by the current customer.
    • Number of Orders - the total quantity of orders placed by the customer
    • Is subscriber - verifies whether the customer has subscribed to the store's newsletter
    • Number of Reviews - the number of product reviews created by the current customer
    • Is Confirmed - verifies whether the current customer has confirmed the account.
    • Created At - date of customer registration
    • Associate to Website - website on which the customer was registered

      Note

      You need to use a numerical Website ID here.
    • Create In - name of the storeview where customer was registered
    • Personal Info Properties - such as Name Prefix, First Name, Last Name, Email, Date of Birth, Gender, etc.
    • Tax/VAT Number - Tax number of the current customer.
    • First Failure Date - date on which the login of the customer was rejected (due to incorrect login/password or CAPTCHA).
    • Failures Number - is the number of login failures that took place during the last session.

     

  • Billing Address Properties

    • Payment Method - payment method used for billing.
    • Billing Person Properties - such as Name Prefix, First Name, Last Name, Name Suffix, etc.
    • Company - company to which the billing belongs
    • Address Properties - such as Street, City, Country, State/Province, Zip Code, etc.
    • VAT Number - Tax/VAT number that is used for billing
    • VAT Number validity - verifies whether the Tax/VAT number is valid.
    • VAT Number validation request ID - ID of VAT validation request.
    • VAT Number validation request date - ID of VAT validation request date.
    • VAT Number validation request success - verifies whether the VAT was successfully validated.

     

  • Shipping Address Properties

    • Shipping Method - shipping method, used for the current order.
    • Same properties as in Billing Address

     

You can also define sub-blocks, which will also contain the mode of applying conditions, as described above. This allows you to create complex conditions and detect nearly any possible fraud.

Examples of Fraud Score Rules

  • Set Fraud Level as Review, when order placed through proxy server

    Fraud Orders are often placed through proxy servers to hide the identity of the customer. This rule allows you to catch when the customer hides behind a proxy.

    • General Information
      • Set Status to: Review
    • Conditions
      • Placed from IP is one of 117.6.161.118, 40.76.17.123, 181.49.24.126, 78.36.39.220, 5.189.133.231

    Note: the Free Proxy List used in this example can be obtained here.

  • Set Fraud Level as Review, when Email contains words from blacklist

    Since our built-in blacklist is highly restrictive, you may need a more extensive blacklist check.

    • General Information
      • Set Status to: Review
    • Conditions
      • If ANY of these conditions are TRUE:
        • Email contains abuse (selected in the Customer condition drop-down section)
        • Email contains anticaptcha
        • Email contains blackhole
        • Email contains cymru
        • [any other expression]

    Note: This way, you can also black-list unwanted persons, sites and services, and create custom blacklists for any other customer property.

  • Mark as Fraud orders, placed by unconfirmed customers with failures during login

    If you use the auto-registration feature while placing an order, you might also check whether such an order was placed by a robot.

    • General Information
      • Set Status to: Reject
    • Conditions
      • Is Confirmed is 0 (this and other conditions are selected from Customer drop-down section)
      • Number of Orders equals or less than 1
      • Failures Number equals or greater than 5

    Note: Order from the unconfirmed customer is not a fraud, but when a newly registered customer fails 5 times - they most likely did not pass a CAPTCHA or other auto-login prevention tool.

  • Mark orders placed by the customer with an invalid Tax/VAT number as Fraud orders

    • General Information
      • Set Status to: Reject
    • Conditions
      • If ANY of these conditions are TRUE:
        • Billing: VAT number validity is 0
        • Shipping: VAT number validity is 0