Live Support

Open Commerce Antifraud Account

Need an Open Commerce Antifraud Service account?

If you need an Open Commerce Antifraud Service account, sign up here!

Introduction

What is the Anti-Fraud Module?

Secure your Magento Store by stopping Fraud!

How it Works

With the Anti-Fraud module, you have many options to help protect your store from Fraud. This grid will highlight our module and service features. By saving yourself from one potential fraud, this module will pay for itself.

Feature How it keeps you safe
Bad Customer Flag a customer as a bad customer (ie. Chargeback, difficult customer). Whenever that customer places an order, it will set the status of the order to be checked before approval/denying
IP Check Have an IP where you know the transactions are fraudulent? Add it to the list in a comma separated list and it will flag it.
Questionable Orders If enabled, checks to see if the Billing address and Shipping address match. If not, it will flag it for checking.
Verified Paypal Address If the Paypal address is not verified, it will flag it to be checked
Order Amount Check Check if the order is above the amount you set. If it is, it will hold the order so you can verify the orders authenticity

Antifraud Service Features How it keeps you safe
BIN Check We lookup the Country of Origin for the Bank Identification Number and match it with the IP address Country of Origin using GEO-IP. If they do not match, we flag it as a potential fraud charge.
IP Checks Checks the buyers IP address in relevance to their Billing Address. Depending on the distance you set, it will then flag the order if it is greater than that distance
High Risk Country Automatically checks to see if the order came from a High Risk Country. If it does, it will flag the order so you can check it.
Free Email A lot of fraudulent orders are committed using free emails. We check to see if the order was placed using a free email provider. If so, we flag it to be checked

Pre-requisites

Code/Conflicts

  • NO EDITS OR MODIFICATIONS TO MAGENTO CORE (Typically, this includes all code inside the app/code/core folder)
  • No conflicting modules (or conflicting custom code) installed (Typically, if installed component/module affects same functionality as Anti-Fraud, or Maxmind related, you should be wary of conflicts)

Magento Version

  • Community Edition 1.5.0 - 1.9.0.1
  • Enterprise Edition 1.8 - 1.13

Installation

Before you Install

As with all our modules (and all modules in general), installing this module directly and solely in a live environment is strongly discouraged. It is recommended that it be installed in a development environment, configured, tested, and then deployed to your live environment through your deployment method of choice (i.e. - git, subversion, etc...). If this is not possible, then the next best thing would be to make a FULL backup before installation.

Compilation

As with all our modules (and all modules in general), installing this module while compilation is turned on is not recommended. Please turn off compilation before installing.

Installing the Basic Application

Navigate to the root of your application. You should see folders like (app, downloader, skin, etc...). You can either install this manually or via Magento Connect. To install Manually, unzip the module Tar and then copy/paste to the root of your folder.

To install using Magento Connect, go to System -> Magento Connect -> Magento Connect Manager. Click on Browse, then click on the module and install. This will automatically install the product for you.

Configuration

Settings

Anti-Fraud can be configured by going to access System -> Configuration -> Antifraud. Once there, you should see something like the following:

Here, you can set-up the Anti-Fraud module. Of course, if you want to configure Maxmind, you will need a Maxmind account. You can get one here.

If you are wanting an email from the module whenever you have a bad customer submit an order, you can fill out the following information in your settings:

Configuration gets more in depth with the "Internal Customer Check". Here you can see more info, it is pretty self explanatory.

The next portion is the Maxmind configuration. If you do not have a Maxmind account, leave this disabled. If you do, you will need to fill out the license key here.

We also have added in a section for Open Commerce's Antifraud service. Below, you will see a basic configuration of the set-up you can do.

Maxmind Setup

If you are going to use Maxmind, there are a few other things you need to setup as well. First things first, click on Sales -> Maxmind Risk Levels. Should look like this:

You will see a page that looks similar to this:

Now, we need to setup our Maxmind Risk Level. Click on "Add Maxmind Score" at the top right. You will need to set-up the Maxmind Risk Level Name, Minimum Score, Maxmimum Score and Enabled/Disabled. Here is one that I set-up as a sample:

The next step is to click on the Apply Action section. I have setup a sample as you will see below. Fill this out to your needs and then click on "Save Item".

Now, the last step is to tell the configuration if it should end if fraud is found. You don't HAVE to do this, but I recommend it. Go to System -> Configuration -> Antifraud -> Maxmind Check Configuration and select High Risk for the "If Fraud Suspected" section. Here is the example for you.

Click Save and now you are done with a basic set-up. See the General Usage section to see how it works.

General Usage

Overview

When you login to your admin panel, click on Sales -> Order. On the left hand side of the grid, you will see a Maxmind Score section. When a customer places an order their information will be passed to Maxmind to determine its fraud level. You will get the score here. This is basically a percent change of being fraud. 10 is a 10% chance. .1 is a 1% chance. 50 is a 50% chance. Here is an example:


Now, if you want to set-up a customer as a "Bad Customer", you can do it by clicking on the Manage Customers menu. While here, find the customer you are looking for and put a checkbox next to their name. In the Actions tab, select the "Set Bad Customer" option and then click on Submit. This will set the customer up as a Bad Customer. You can also reverse this selection if need be by selecting the Reverse method. Here is an example of what a bad customer looks like:


MAXMIND Account

Need a maxmind account?

If you need a maxmind account, sign up here!

Known Limitations

  • None Currently