Man
Professional
- Messages
- 2,963
- Reaction score
- 486
- Points
- 83
Introduction
Let's consider what protections there are:
1) This is custom protection on CMS - It mainly checks for errors, crooked address, incorrect ZIP, etc.
2) Fraud detectors - protection between the shop and the payment gateway. These protections are offered by various companies. They earn money on this by creating various subscriptions.
2.1) Additional modules and filters from various fraud systems.
3) Bank transaction verification - The bank also checks transactions for fraud (An example of this is that 4 shops were checked in 15-20 minutes, for example - and the bank became suspicious, they can block the CC).
Getting to know the panel.
The store support sees the following picture:
Orders. How does it work?
1) Score - these are fraud points.
2) Aproval/review/decline - these are statuses.
I'll start with the second status. Each anti-fraud system company has them.
Aproval - Approved. (set automatically if the fraud points are within the thresholds.
review - the order is under consideration (the average number between approve and decline is collected - manual check)
decline - automatic cancellation (when more than 20 fraud points are collected).
Thresholds:
0-10 - the order is automatically approved, the detector will send a notification that everything is fine.
10-20 - suspicious, here it can be either a success or a cancellation. Most likely - you will be asked for an ID or a call.
20-100 - the order is automatically cancelled. Nothing can be done about it.
Score - What fraud points are given for! Identifiers/markers.
You can get acquainted with the panel yourself here: https://admin.seon.io/scoring-engine/custom-rules/ - to log in you only need a Google account.
The Seon anti-fraud system has integration with the Shopify CMS system
My recommendations for working with this fraud detector:
Ideally, you will not be able to score 0 points. The fraud detector checks the age of the email, gets profiles (full name, what data it was registered with, date of email creation, email cleanliness) - It is better to check the email before using it. And also finds registered online profiles for this email (gets names, age, even avatars from emails).
IP - Your IP must be clean, open ports - add fraud points (port 80 and 22), blacklists - I advise you to use additional checkers to check blacklists. Maxming, Getipintel, etc.
DNS - What if I say that DNS is also checked, and they check the same way as IP.
VPN config - they look where the VPN is deployed, if it is a server, then this will immediately add points. (You can check this yourself on the same whoer).
Browser - do not use any extensions, such as scripts (warm-up bots). Try to scroll slowly.
Phone - It is better to take the CH number changing the digit in the middle. Finds registered online profiles on this phone (for example, Skype, WhatsApp and others).
I think the best solution is to work with a dedicated server (RDP) on this fraud protection. Because it exposes antidetects. It detects extensions.
And the funniest thing is that anyone who works through a phone detects such programs as Potaco lite, proxy droid, shadow socks.
