Fraud Protection

May all the odds be ever in your favor.
Use Fraud Protection Magento extension
and stop fraudsters on the spot.

It does not matter for cybercriminals how big your business is. Without proper security, store owners put themselves at risk for payment fraud.

The study says that 41% of online retailers got suffered from fraudsters. So it’s time to protect your store with our MaxMind Fraud Protection for Magento.

The solution — Fraud Protection extension for Magento

Fraud Protection Magento extension by PotatoCommerce uses popular MaxMind minFraud service which identifies risky orders. Once the service returns high minFraud riskScore and IP Risk Score, this anti-fraud Magento extension holds a risky order. A detailed report of transaction verification is also available in Magento Admin Panel.

Maxmind MinFraud — Fraud Prevention for Magento

MaxMind minFraud is a fraud detection service which is used by PotatoCommerce Fraud Prevention extension. This service is almost free (MaxMind Minfraud pricing is $0.005-$0.030 for a query).

Magento Fraud Prevention features

Check online transactions

Fraud Prevention extension provides real-time fraud analysis. If the riskScore is high, suspicious orders will be held by the extension for further review. It allows immediately stopping shipments and avoiding chargebacks.

Hold fraudulent orders

You can configure the extension the way it will change order status to "On Hold" automatically for further review. If MaxMind returns a high score, the order will not be completed and an invoice will not be created.

Prevent chargebacks

As you know, most of payment gateways charge merchants for each customer's chargeback request. So by using our Fraud Protection (MaxMind), you could save a lot of money by not allowing fraudsters to issue chargebacks.

Start shipping worldwide

Lots of online store owners do not provide worldwide shipping of their goods because of a high chance to fall into fraudsters’ trap. Our extension dramatically decreases the possibility of such situations and allows you to ship worldwide and not to be afraid to lose your money.

Details of a transaction review

Fraud Protection provides the functionality to check the riskScore in the order grid as well as to view it on the order page in Magento Admin Panel. You can instantly review a suspicious order and decide what to do. If you use Insights or Factors services from MaxMind minFraud, you will also be able to analyze the details of transactions such as geographical IP address location, identify high-risk IP addresses, email checking, device tracking.

Customer orders history

All the info on the previous orders is represented in the form of ‘Customer orders history’ pie charts which allow you immediately detect suspicious parameters. By clicking ‘MinFraud Details’ tab in the order details, you will see such information as email, IP and quantity of orders placed from a certain IP address as well as the details on orders placed by a specific customer.

Google Maps chart

Frequently fraudsters may use billing addresses which differ from their actual location. Integration with Google Maps allows displaying a client’s actual location (IP Location), Billing & Shipping addresses on the map. So you can visually evaluate the distance between an actual IP geolocation of a user and billing/shipping addresses.

Check main information first

We have implemented a new design in 2.0 version of our fraud detection extension. Now the most important fraud verification details are displayed on top of the page for your convinience.

Credit Card Fraud Detection

MaxMind MinFraud can also check credit carf information to validate the order. It operates with Card Security Code result, issuer ID number for the credit card, bank name, bank phone number, and address verification system (AVS) check result as returned by the credit card processor.

Free technical support

Purchasing this product your recieve the extension license. This license includes free technical support, free installation service, free bugfixes, free and lifetime extension updates. You can learn more at EULA and Customer Service pages.

Admin Panel Demo

Free consultation

Add to Cart

MaxMind minFraud request types: Score, Insight and Factors

MaxMind minFraud has recently introduced a brand-new version of API which intends to replace Standard и Premium requests and allows identifying suspicious transactions more meticulously. Each minFraud service is built on the risk assessment parameters provided by minFraud Score. Choose the proper service for your business as per your requirements and goals.

The request type can be selected when registering on the MaxMind website. More details on the services can be found here.

Installation

Installation from scratch

• Backup all the files of your store before installation (recommended)
• Disable compilation (Systems > Tools > Compilation > 'Disable' button) and flush store cache (System > Cache Management > 'Flush Magento Cache' button)
• Download the extension package from your account and extract the downloaded archive.
• Copy the content of the extracted folder to your store's root directory (overwrite the files)
• Flush store cache
• Log out from the backend and login again (important)
• Run compilation process if necessary (Systems > Tools > Compilation > 'Run Compilation Process' button).
• Go to the extension settings (System > Configuration > PotatoCommerce Extension > Fraud Check (MaxMind)), enable and configure the extension
• Flush store cache again
• See the configuration guide below

Update the extension from 1.x to 2.x versions

• Backup all the files of your store before installation (recommended)
• Disable compilation (Systems > Tools > Compilation > 'Disable' button) and flush store cache (System > Cache Management > 'Flush Magento Cache' button)
• Download 2.0 version of the extension from your account
• Copy the content of the extracted folder to your store's root directory (overwrite existing files)
• Flush store cache
• Log out from the backend and login again (important)
• Run compilation process if necessary (Systems > Tools > Compilation > 'Run Compilation Process' button).
• Go to the extension settings (System > Configuration > PotatoCommerce Extension > Fraud Check (MaxMind)), enable and configure the extension
• Generate a new license key in the MaxMind account https://www.maxmind.com/en/my_license_key and fill it in the extension settings
• See the configuration guide below

All the previous orders you have got will have fraud check information except IP Risk Score.

NB: if you use the previous version of API, please contact MaxMind support (support@maxmind.com) to connect you to the new API.

Configuration

• Register at https://www.maxmind.com/en/request-minfraud-service-trial
• Fill in the Licence Key and User ID from https://www.maxmind.com/en/my_license_key
• Specify the Score Threshold value (the Maxmind service analyzes the sent data and returns the riskScore)
• Choose ‘Overflow Threshold Action’ This actions will be performed if the riskScore is greater than the threshold.
• Set up IP Address Exceptions if necessary
• Select Request Type
• Save the configuration.

FAQ

After installing the Fraud Check extension my store gives error or a blank page.

Go to Magento Backend, Flush Store Cache (System > Cache Management> 'Flush Magento Cache' button), Logout and Login again.

What’s new in MaxMind PHP API v1.4?

Now the MaxMind service provides 3 types of requests: Score($0.005), Insights($0.015) and Factors($0.030). More information regarding each one can be found here.
The improved minFraud service uses REST principles. Also all requests are made by a POST of a structured JSON document to the web service. And both successful and error responses return a JSON document with an appropriate HTTP error code with details about the error in most cases. Authentication is done over an SSL connection. Follow the link for more details: https://dev.maxmind.com/minfraud/whats-new-in-minfraud-score-and-minfraud-insights/#General_Changes

I specified Factors request type, but now I receive “You do not have permission to use this service interface“ error.

To use Factors request type, please send a request to MaxMind support.

What is the workflow of the extension from the technical point of view? Will it work with my Payment system?

From the technical point of view, when an order is placed in Magento, 4 steps are accomplished:
1. When a new order is saved in Magento, method 'place' of class 'Mage_Sales_Model_Order_Payment' is carried out.
2. One of the payment actions, such as 'authorize', 'authorize + capture' or just 'order' (for offline orders) may be performed (it depends on your payment method)
3. The 'checkout_submit_all_after' event is triggered.
4. Once checkout_submit_all_after is triggered, MaxMind returns the riskScore. If the riskScore > Threshold, and the Hold Order action is configured in the settings, the order status will get changed to "On Hold". It happens right after the order in Magento is created. When the order is held, it can not be charged.
Then it all depends on Payment Method flow.
- If payment is processed when method 'place' of class 'Mage_Sales_Model_Order_Payment' is carried out, the Fraud Check extension is going to work correctly out of the box. Once the order status is changed to On Hold, the system considers the order as fraudulent. If your client think otherwise, they can contact your support to change the order status.
- If payment provider performs a redirect to the payment website, it will work the same way as above.
- If payment is created after checkout process (asynchronously), such a situation may take place:
The order may get the On Hold status, but your client won’t know that and will create a payment. The payment system sends a signal to controller in Magento. If this controller and payment method can work with On Hold status, then there will be no problems. However, if it doesn’t work with orders which have On Hold statuses, the payment will be created without an invoice (due to asynchrony).
That’s why there is a necessity to do tests with your payment methods before going live.

2.0.2 (released on 04 March 2019)
*bugfix

2.0.1 (released on 11 September 2018)
*bugfix

2.0.0 (released on 10 January 2018)
+ MinFraud API v.1.4 implementation (support of MaxMind's Score/Insights/Factors request types)

1.3.3 (released on 10 January 2018)
+ Added index to fraud info table for performance improvement
* IP_NOT_FOUND от MaxMind
* Fix Fatal: Column 'created_at' and 'store_id' in where clause is ambiguous

1.3.2 (released on 10 January 2018)
* Prevent order_id duplicates
* Can't re-check order

1.3.1 (released on 06 June 2017)
* Update links to legacy documentation

1.3.0 (released on 15 May 2017)
+ Device Tracking Add On support
+ Multishipping Checkout Support
* Request type notice in system configuration

1.2.2 (released on 11 April 2017)
+ Added marker balloons for Google Maps
* Fixed issue for virtual products

1.2.1 (released on 16 November 2016)
* Bugfix

1.2.0 (released on 21 October 2016)
+ Order Status condition
+ Payment Method condition
+ Billing & Shipping addresses added to Google Map

* minor bugfixes

1.1.0 (released on 17 May 2016)
+ Customer Order History
+ Added Google Maps to display IP location
+ Email Notifications
+ Admin Notifications
+ Highlight suspicious fields
+ Expand/Collapse non-suspicious fields
* Minor bugfixes

1.0.0 (released on 10 Nov 2015)
Initial release