How to install the extension

  1. Back up your store's database and web directory.
  2. Log in to the SSH console of your server and navigate to the root directory of the Magento 2 store.
  3. Copy the installation instructions from page My Downloadable Products to the SSH console and press ENTER.
  4. Run command php -f bin/magento module:enable Mirasvit_Core Mirasvit_FraudCheck to enable the extension.
  5. Run command php -f bin/magento setup:upgrade to install the extension.
  6. Run command php -f bin/magento cache:clean to clean the cache.
  7. Deploy static view files

    rm -rf pub/static/*; rm -rf var/view_preprocessed/*; php -f bin/magento setup:static-content:deploy

If the extension was installed by uploading files directly, you also need to run the command composer require geoip2/geoip2:~2.0 to install the required libraries.

Quick Start

Our Fraud Detection extension is simple yet powerful: it works out of the box and lets you begin monitoring your orders from scratch.

However, there is more to adjust and tune to make your fraud detection more precise.

  1. Start with indicators and their importance. Monitor the scores of your orders and decide which indicators are actually important and which are not.
  2. If the indicators are not effective enough, create your own Fraud Detection Rules, which analyze other order and customer properties and set the Fraud Level of the orders.
  3. Constantly check your fraud detection performance and adjust indicators and rules, and your store will become a much safer place.

This is a good start. Refer to the corresponding sections of the manual to learn more.

Working with Fraud Risk Scores

The Fraud Detection extension checks all orders that come to your store and rates them with a Risk Score - a multi-factor check defined by indicators and rules.

It is shown in the Sales -> Orders grid as a colored mark in the Fraud Score column, with the corresponding numerical value.

Order Fraud Column

The color of the mark corresponds to one of three possible Fraud Risk levels:

  • Green - Accept level, which marks orders as safe to complete. By default it corresponds to a score from 0 to 20.
  • Yellow - Review level, which warns you about inconsistencies found in order properties. By default it corresponds to a score from 30 to 80.
  • Red - Reject, the highest level, which corresponds to 80 - 100 points and marks the order as dangerous.

The minimum possible score is 0 (all indicators and rules are passed) - not fraud. The maximum score is 100 - fraud (i.e. all checks failed).

This numerical value is calculated from a set of built-in indicators, whose results are summed and compared to the level definitions. You can adjust the level bounds if you need to.

Each indicator is a separate check, and their results are shown on a dedicated tab added to the Order Edit page:

Order Fraud Tab

Read more about these checks at Fraud Indicators section.

How to adjust levels of Fraud Risk Score

To adjust the Fraud Risk Score levels, follow these steps:

  • Go to System -> Fraud Detection -> Fraud Risk Score and press the Configure button.
  • At the top of the Configuration Page, under the Statuses title, you will see a colored line that defines the Fraud Levels. Move the sliders to adjust the bounds of the levels.
  • Save the configuration.
  • After that, our extension will recalculate the scores for the last 10 orders, shown on the same page.

You can also adjust indicator importance on the same Configuration page. Proceed to the Fraud Indicators section to learn more.

Configuring Fraud Scores

Our extension calculates the Fraud Score using indicators and rules. Each one is a separate check, and the results are displayed in a dedicated tab on the Order Edit Page.

Order Fraud Tab

  • Social Network Check - although untitled, this check is displayed first, above the Fraud Checklist section. It includes links to social media profiles that possibly belong to the customer:
    • Facebook - a personal Facebook profile.
    • Twitter - a Twitter feed.
    • Linkedin - a Linkedin page.

      Note

      Our extension does not fetch the customer's social pages by email or anything else. It just tries to guess these links, using different combinations of the customer's first and last name. Customers usually pick their social media nicknames after their real name, so this guess is very likely to hit.

The rest of the indicators are displayed in the Fraud Checklist section. Each of these indicators has its own importance (i.e. how reliably it can be used for fraud detection). Our extension comes with reasonable default weights for each of them, but you can adjust them to fit your specifics.

Here is a short description for each indicator:

  • Shipping and Billing Addresses - this check compares shipping and billing addresses. They should match in order to pass this check.
  • Customer Location - this check compares country from addresses with the country, defined by IP address, from which order was placed. They should match in order to pass this check.
  • Order amount - this check measures the store's average order total and compares it to the current order's total. If the amount is too small or too large, the check fails.

    Note

    This indicator is likely to fail while your store's community is still forming, or during sales events. We recommend giving this check low importance (by default it is 3).
  • Phone number - this check analyzes the phone number and searches for patterns that can expose it as false - repetitive patterns, the same digits, unusual length, etc.

    Note

    This indicator is also likely to fail, since phone numbers can be very different. By default its importance is 1, i.e. very low.
  • Customer Email - this check analyzes risky patterns in emails. In order to pass this check, the email should not contain customer name parts or blacklisted words, such as example.

    Note

    Our extension has a very limited built-in blacklist, so we recommend giving this indicator low importance and creating a custom blacklist with a Rule instead. We have a good example of it to follow.
  • Customer History - this check is merely informational. It contains short statistics of the customer's sales.
    • Quantity of Completed Orders - orders, that were fully satisfied.
    • Quantity of Refunded Orders - refund numbers.
    • Quantity of Cancelled Orders - orders, that were cancelled.

      Note

      If the customer has not yet placed any order, the notification Customer has not placed orders before is shown.
  • IP History - basically the same check as above, but with an IP filter. To pass this check, the customer needs to have most of his orders placed from the same IP.
  • Distance - a geo-based check, which measures the distance between the actual customer location (calculated from the IP) and the location of his billing and shipping addresses. In order to pass this check, they should match.
  • Location - this check is untitled, since it acts as an addition to the previous one and visually highlights the actual customer location.

You can also see the High-Risk Countries indicator at the top of the checklist. This indicator is added by a Fraud Detection Rule. Such rules have higher priority and can even declare an order as Fraud just by matching their conditions. Read more in the Fraud Detection Rules section.

How to adjust Importance of Indicators

To adjust the importance of Indicators, visit the System -> Fraud Detection -> Fraud Risk Score section and do the following:

  • Press the Configure button, and you will be brought to the Risk Configuration Page.
  • Edit the properties of the indicators as you need, using the following columns:
    • Status - allows you to turn this indicator on or off.
    • Importance - displayed only when Status is turned on. It allows you to set the weight of this indicator from 0 (unimportant) to 10 (definitive).
    • Rule - the name of the indicator. They are all pre-defined and cannot be changed.
  • When you change the properties, fraud levels for the last 10 orders are recalculated and displayed in the right side pane. Use it to check whether you have set the importance correctly.
  • Save the configuration.

From that moment our extension will check orders and rate them according to these indicators.

However, this rating can be overridden by Fraud Score Rules, which give you a more flexible way to check orders for fraud.

Fraud Detection Rules

Custom rules allow you to configure your own indicators for checking orders for fraud. These rules have higher priority than pre-defined indicators and provide you with more possibilities.

All of them are located in their dedicated grid at System -> Fraud Detection -> Custom Rules.

Please check the examples before creating your own rules.

How to create a new Fraud Score Rule.

Visit System -> Fraud Detection -> Custom Rules and press the Add Rule button. You will be brought to the Rule creation page, which consists of two subsections:

  • General Information - defines the properties and the action that is applied to an order when the conditions match:

    • Name - a meaningful name for the Rule. It will be displayed as an indicator in the Fraud Risk Score of the order.
    • Is Active - whether the rule is active and applies to orders.
    • Set Status to - assigns a Risk level to the order, bypassing the pre-defined indicators.
  • Conditions - defines the conditions whose match triggers the rule.

Each rule has four possible global modes of applying conditions in the Conditions tab, shown in the special header If *[apply mode]* of these conditions are *[validation mode]*:

Applying modes define when the rule is triggered:

  • ALL - implies that the rule will be executed only when strictly all conditions are met;
  • ANY - implies that the rule will be executed only when one or more (but not all) of the conditions are met;

Validation modes define which result each condition must produce to be counted as "met":

  • TRUE - implies that conditions should be valid.
  • FALSE - implies that conditions should be invalid.

These modes allow you to create flexible condition sets to satisfy a policy of any complexity.

Each mode defines a block, in which the following conditions can be set:

  • Order Properties

    • Discount Amount - discount, used in current order.
    • Grand Total - actual paid money amount of current order.
    • Items Quantity - a total quantity of all items in order
    • Placed from IP - an IP, from which order was placed.
    • Shipping Amount - shipping fees, paid in current order.
    • Subtotal - subtotal of current order (e. q. without fees and taxes).
    • Tax Amount - tax, paid in current order.

     

  • Customer Properties

    • Group - group, that customer belongs to.
    • Lifetime Sales - total paid amount for all completed orders, placed by current customer.
    • Number of Orders - total quantity of orders, placed by customer
    • Is subscriber - whether customer had subscribed to store's newsletter
    • Number of Reviews - number of product reviews, created by current customer
    • Is Confirmed - whether current customer had confirmed his account.
    • Created At - date of customer registration
    • Associate to Website - on which website customer was registered

      Note

      You need to use numerical Website ID here.
    • Create In - name of storeview, where customer was registered
    • Personal Info Properties - such as Name Prefix, First Name, Last Name, Email, Date of Birth, Gender and etc.
    • Tax/VAT Number - Tax number of current customer.
    • First Failure Date - date, on which login of customer was rejected (due to incorrect login/password or CAPTCHA).
    • Failures Number - is the number of login failures during last session.

     

  • Billing Address Properties

    • Payment Method - payment method, used for billing.
    • Billing Person Properties - such as Name Prefix, First Name, Last Name, Name Suffix, etc.
    • Company - the company to which the billing belongs.
    • Address Properties - such as Street, City, Country, State/Province, Zip Code, etc.
    • VAT Number - Tax/VAT number, used for billing
    • VAT Number validity - whether Tax/VAT number is valid.
    • VAT Number validation request ID - ID of VAT validation request.
    • VAT Number validation request date - ID of VAT validation request date.
    • VAT Number validation request success - whether VAT was successfully validated.

     

  • Shipping Address Properties

    • Shipping Method - shipping method, used for current order.
    • Same properties as in Billing Address

     

You can also define sub-blocks, each with its own mode of applying conditions, as described above. This allows you to create complex conditions and detect nearly any possible fraud.

Examples of Fraud Score Rules

  • Set Fraud Level as Review, when order placed through proxy server

    Fraudulent orders are often placed through proxy servers to hide the identity of the customer. This rule lets you catch customers hiding behind a proxy.

    • General Information
      • Set Status to: Review
    • Conditions
      • Placed from IP is one of 117.6.161.118, 40.76.17.123, 181.49.24.126, 78.36.39.220, 5.189.133.231

    Note: Free Proxy List, used in this example, can be obtained here.

  • Set Fraud Level as Review, when Email contains words from blacklist

    Since our built-in blacklist is very limited, you may need a more extensive blacklist check.

    • General Information
      • Set Status to: Review
    • Conditions
      • If ANY of these conditions are TRUE:
        • Email contains abuse (selected in Customer condition drop-down section)
        • Email contains anticaptcha
        • Email contains blackhole
        • Email contains cymru
        • [any other expression]

    Note: This way you can also blacklist unwanted persons, sites and services, and create custom blacklists for any other customer property.

  • Mark as Fraud orders, placed by unconfirmed customers with failures on login

    If you use the auto-registration feature while placing an order, you might also check whether such an order was placed by a robot.

    • General Information
      • Set Status to: Reject
    • Conditions
      • Is Confirmed is 0 (this and other conditions are selected from Customer drop-down section)
      • Number of Orders equals or less than 1
      • Failures Number equals or greater than 5

    Note: An order from an unconfirmed customer is not fraud, but when a newly registered customer fails 5 times, he most likely did not pass a CAPTCHA or other auto-login prevention tool.

  • Mark as Fraud orders, placed by customer with invalid Tax/VAT number

    • General Information
      • Set Status to: Reject
    • Conditions
      • If ANY of these conditions are TRUE:
        • Billing: VAT number validity is 0
        • Shipping: VAT number validity is 0
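
The apply modes, validation modes and sub-blocks described above, modelled in Python as an added example; this is not the extension's code. Field names, operator names and the third rule (with documentation-range IPs) are constructed, ANY is modelled as "at least one condition met", and an empty block is assumed never to trigger.

```python
import operator

# Comparison operators used by the sample rules (operator names are hypothetical).
OPS = {
    "is": operator.eq,
    ">=": operator.ge,
    "<=": operator.le,
    "contains": lambda actual, expected: expected in str(actual).lower(),
    "is one of": lambda actual, expected: actual in expected,
}

def check(leaf, order):
    """Evaluate one leaf condition; a missing order attribute never matches."""
    actual = order.get(leaf["field"])
    return actual is not None and OPS[leaf["op"]](actual, leaf["value"])

def block_met(blk, order):
    """Evaluate 'If <apply> of these conditions are <validation>' recursively."""
    results = []
    for item in blk["conditions"]:
        # An item that has its own "conditions" list is a nested sub-block.
        raw = block_met(item, order) if "conditions" in item else check(item, order)
        results.append(raw == blk["validation"])  # TRUE / FALSE validation mode
    if blk["apply"] == "ALL":
        return bool(results) and all(results)  # assumption: empty block never fires
    return any(results)  # ANY modelled as "at least one condition met"

def block(apply, validation, *conditions):
    return {"apply": apply, "validation": validation, "conditions": list(conditions)}

def cond(field, op, value):
    return {"field": field, "op": op, "value": value}

RULES = [
    # Two rules from the examples above, expressed as data.
    ("Unconfirmed customer with login failures", "Reject", block("ALL", True,
        cond("is_confirmed", "is", 0),
        cond("orders_count", "<=", 1),
        cond("failures_num", ">=", 5))),
    ("Email blacklist", "Review", block("ANY", True,
        *[cond("email", "contains", w)
          for w in ("abuse", "anticaptcha", "blackhole", "cymru")])),
    # Constructed rule with a sub-block: listed IP AND (not confirmed, no history).
    ("Proxy IP without track record", "Review", block("ALL", True,
        cond("ip", "is one of", {"203.0.113.10", "198.51.100.7"}),
        block("ALL", False,
              cond("is_confirmed", "is", 1),
              cond("orders_count", ">=", 3)))),
]

def matching_rules(order, rules=RULES):
    """Return (rule name, status to set) for every rule whose conditions are met."""
    return [(name, status) for name, status, blk in rules if block_met(blk, order)]
```

Running a few known-good and known-bad orders through such a model before saving a rule shows whether an ALL/FALSE sub-block selects the orders you intended.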

     

How to upgrade extension

To upgrade the extension, follow these steps:

  1. Back up your store's database and web directory.
  2. Log in to the SSH console of your server and navigate to the root directory of the Magento 2 store.
  3. Run command composer require mirasvit/module-fraud-check:* --update-with-dependencies to update the current extension with all dependencies.

    Note

    In some cases the command above is not applicable: it is not possible to update just the current module, or you need to upgrade all Mirasvit modules in a bundle. In this case the command above will have no effect.

    Run the composer update mirasvit/* command instead. It will update all Mirasvit modules installed on your store.

  4. Run command php -f bin/magento module:enable Mirasvit_Core Mirasvit_FraudCheck to re-enable the extension.
  5. Run command php -f bin/magento setup:upgrade to install the updates.
  6. Run command php -f bin/magento cache:clean to clean the cache.
  7. Deploy static view files

    rm -rf pub/static/*; rm -rf var/view_preprocessed/*; php -f bin/magento setup:static-content:deploy

Disabling the Extension

Temporarily Disable

To temporarily disable the extension, please follow these steps:

  1. Log in to the SSH console of your server and navigate to the root directory of the Magento 2 store.
  2. Run command php -f bin/magento module:disable Mirasvit_FraudCheck to disable the extension.
  3. Log in to the Magento back-end and refresh the store cache (if enabled).

Extension Removal

To uninstall the extension, please follow these steps:

  1. Log in to the SSH console of your server and navigate to the root directory of the Magento 2 store.
  2. Run command composer remove mirasvit/module-fraud-check to remove the extension.
  3. Log in to the Magento back-end and refresh the store cache (if enabled).

Change Log

1.0.31

(2018-08-16)

Improvements

  • Added ability to change Google Maps API key

1.0.30

(2018-07-16)

Fixed

  • Issue with shipping address

1.0.29

(2018-06-05)

Fixed

  • Issue with map initialization

1.0.28

(2018-06-04)

Fixed

  • initMap error

1.0.27

(2017-10-23)

Fixed

  • Issue with shipping/billing address validate message

1.0.26

(2017-09-27)

Fixed

  • M2.2

1.0.25

(2017-09-18)

Improvements

  • Performance

1.0.24

(2017-08-30)

Fixed

  • Subscriber load logic

1.0.23

(2017-08-22)

Fixed

  • Score status calculations

1.0.22

(2017-07-19)

Fixed

  • Css styles

1.0.21

(2017-07-17)

Improvements

  • Performance on orders list page

1.0.20

(2017-07-10)

Fixed

  • Move qty/count from quote to order

1.0.19

(2017-06-20)

Improvements

  • Added rule for validate by IP

1.0.18

(2017-05-05)

Improvements

  • Ability to create rule for payment method

1.0.17

(2017-05-05)

Fixed

  • Issue with shipping and billing postcodes comparison
  • Fixed an issue with saving score

1.0.16

(2017-03-14)

Improvements

  • Added ability to use count/qty in custom rules

1.0.15

(2017-03-13)

Fixed

  • Fixed an issue with performance

1.0.14

(2017-03-10)

Fixed

  • Disabled ability to filter by fraud score

1.0.13

(2017-02-23)

Improvements

  • Social profiles

1.0.12

(2017-01-12)

Fixed

  • Fixed an issue with "Ambiguous class resolution"

1.0.11

(2016-11-30)

Improvements

  • Changed GeoIP database to GeoLite2-City.mmdb

1.0.10

(2016-11-29)

Fixed

  • Fixed an issue with updating fraud score

1.0.9

(2016-10-17)

Fixed

  • Fixed an issue with IP

1.0.6

(2016-10-11)

Fixed

  • Fixed an issue with updating orders

1.0.5

(2016-09-30)

Features

  • Ability to hold order review or reject status

1.0.4

(2016-09-28)

Fixed

  • Fixed an issue with empty score
  • Fixed an issue with infinity loop

Documentation

  • Updated welcome section

1.0.3

(2016-09-14)

Improvements

  • Hold order if fraud score is too high (review or reject)

Fixed

  • Fixed an issue with fraud status calculations

1.0.2

(2016-08-15)

Fixed

  • Fixed an issue with menu

1.0.1

(2016-06-24)

Fixed

  • Compatibility with Magento 2.1

1.0.0

(2016-05-19)

Fixed

  • Fixed an issue with orders grid
  • Link to user manual
  • Removed font-awesome

Improvements

  • Added images to google map