Skip to main content

How to create a custom rule

Visit System -> Fraud detection -> Custom rules and press the Add rule button. You will be brought to the rule creation page, which consists of two subsections:

  • General information: defines properties and the action that should be assigned to order on conditions match:
    • Name: a logical name of the Rule. It will be displayed as an indicator at fraud risk score of the order.
    • Is active: indicates whether the rule is active and applies to order.
    • Set status to: allows you to assign a risk level to order bypassing pre-defined indicators.

      • Conditions: defines conditions whose match will trigger the rule.

        Each rule has four possible global modes of applying conditions in the respective Conditions tab, shown in a special header If *[apply mode]* of these conditions are *[validation mode]*:

        Applying modes define when a rule will be triggered:

        • ALL: implies that the rule will be executed only when strictly all conditions are met;
        • ANY: implies that the rule will be executed only when one or more (but not all) of the conditions are met;

        Validation modes define which result can produce each condition to be counted as "met":

        • TRUE: implies that the conditions should be valid.
        • FALSE: implies that the conditions should be invalid.

        These modes allow for creating flexible condition sets to satisfy the policy of any complexity.

        Each mode defines a block where the following conditions can be set:

        • Order properties
        • Customer properties
        • Billing address properties
        • Shipping address properties

        You can also define sub-blocks, which will also contain the mode of applying conditions, as described above. This allows you to create complex conditions and detect nearly any possible fraud.

Examples of fraud score rules

Set fraud level as "Review", when order placed through proxy server

Fraud Orders are often placed through proxy servers to hide the identity of the customer. This rule allows you to catch when the customer hides behind a proxy.

  • General information
    • Set status to: Review
  • Conditions
    • Placed from IP is one of 117.6.161.118, 40.76.17.123, 181.49.24.126, 78.36.39.220, 5.189.133.231
note

The Free Proxy List used in this example can be obtained here.

Set fraud level as "Review", when email contains words from blacklist

Since our built-in blacklist is highly restrictive, you may need a more extensive blacklist check.

  • General information
    • Set status to: Review
  • Conditions
    • If ANY of these conditions are TRUE:
      • Email contains abuse (selected in the Customer condition drop-down section)
      • Email contains anticaptcha
      • Email contains blackhole
      • Email contains cymru
      • [any other expression]
note

This way, you can also black-list unwanted persons, sites and services, and create custom blacklists for any other customer property.

Mark as "Fraud" orders, placed by unconfirmed customers with failures during login

If you use the auto-registration feature while placing an order, you might also check whether such an order was placed by a robot.

  • General information
    • Set status to: Reject
  • Conditions
    • Is Confirmed is 0 (this and other conditions are selected from Customer drop-down section)
    • Number of Orders equals or less than 1
    • Failures Number equals or greater than 5
note

Order from the unconfirmed customer is not a fraud, but when a newly registered customer fails 5 times - they most likely did not pass a CAPTCHA or other auto-login prevention tool.

Mark orders placed by the customer with an invalid Tax/VAT number as fraud orders
  • General information
    • Set status to: Reject
  • Conditions
    • If ANY of these conditions are TRUE:
    • Billing: VAT number validity is 0
    • Shipping: VAT number validity is 0
Set fraud level as "Accept", when 3D Secure is enabled

If the 3D Secure protocol is enabled on the site to protect against credit card payment fraud, you can disable additional order verification via Fraud Detection by using the following configuration for a custom rule:

  • General information
    • Set status to: Accept
  • Conditions
    • If ALL of these conditions are TRUE:
    • Payment info: Key:Value is LiabilityShifted:Yes
    • Payment info: Key:Value is LiabilityShiftPossible:Yes