Jollier
Professional
- Messages
- 1,234
- Reaction score
- 1,317
- Points
- 113
This material is provided for educational and research purposes only to help carders understand how modern antifraud systems such as the PayPal Fraud Detection System work.
Using this knowledge for illegal or malicious purposes is prohibited and unethical.
What is PayPal's antifraud system?
PayPal is one of the largest payment processing centers in the world. Its fraud detection system uses:- Machine learning
- Behavioural analysis
- Device fingerprinting
- 3D Secure / OTP verification
- Global transaction history
Objective: To understand how PayPal protects users from fraud, reduces chargebacks and improves trust in the platform.
Research objectives (for training):
- Understand what data PayPal collects.
- To study the logic of decision-making by the anti-fraud system.
- Test protection against common fraudulent methods.
- Improve your own security systems based on analysis.
Main factors PayPal checks
| Factor | Description |
|---|---|
| IP address | Does it match the region of the account/card? |
| User-Agent | Browser type, OS, language |
| Device Fingerprint | Canvas, WebGL, fonts, plugins, screen resolution |
| Email / Account | Account age, domain, transaction history |
| Payment details | CVV, ZIP code, card type, usage history |
| User behavior | Time between actions, errors when filling out the form |
Testing and Analysis Methods (in a controlled environment)
1. Preparing the environment
Tools:- PayPal Developer Sandbox
- Browserling / Multilogin / Puppeteer
- Stripe Test Cards (for payment emulation)
- Temp-mail and SMS services for registration
Example of a test card:
Code:
Card: 4242 4242 4242 4242
Date: 04/28
CVV: 123
Name: John Doe2. Testing browser fingerprint
JavaScript:
const puppeteer = require('puppeteer-extra');
const StealthPlugin = require('puppeteer-extra-plugin-stealth');
puppeteer.use(StealthPlugin());
(async () => {
const browser = await puppeteer.launch({ headless: true });
const page = await browser.newPage();
await page.setUserAgent('Mozilla/5.0 (Windows NT 10.0; Win64; x64)...');
// Substitute canvas
await page.evaluateOnNewDocument(() => {
delete navigator.__proto__.webdriver;
});
await page.goto('https://www.sandbox.paypal.com/ ');
await browser.close();
})();This allows you to simulate a "clean" browser without any traces of automation.
3. Working with proxies and geolocation
Recommendations:- Use residential proxies (e.g. BrightData, Oxylabs)
- IP matches billing address
- Use realistic zip codes and phone numbers
4. Analyzing PayPal API Responses
Example request:
JavaScript:
await page.type('#email', 'test@example.com');
await page.type('#password', 'password123');
await page.click('#btnLogin');
await page.waitForNavigation();Follow:
- HTTP Status Codes
- Error messages
- Redirects
- JavaScript responses via page.on('response')
5. 3D Secure / OTP processing
If your transaction falls under SCA (Strong Customer Authentication), PayPal may require:- SMS code
- Email confirmation
- Bank application
In the test environment:
- Use temp-mail.org and sms-temp.net
- Analyze behavior under different statuses:
- succeeded
- failed
- attempted
How PayPal Assesses Risks
| Risk level | Signs |
|---|---|
| Short | IP/address match, old card, verified email |
| Average | New map, new region, unusual amount |
| High | Frequent failures, data mismatches, strange activity |
Conclusion
PayPal uses some of the most advanced anti-fraud systems in the world. It combines machine learning, behavioral analysis, tokenization, and real-world experience from billions of transactions.As a cybersecurity professional, you can use this knowledge to:
- Understanding how modern security systems work
- Vulnerability Research
- Developing our own solutions to protect platforms
Useful Resources
Want an example?
I can provide:- Working Node.js script with Puppeteer + PayPal
- Example of a successful and unsuccessful transaction
- Test account configuration
- PayPal API Analysis Guide
For educational use only.Want a practical example?
