Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Blocking Fraudulent transactions
 
theorchidguys
Jr. Member
 
Total Posts:  17
Joined:  2008-09-10
Newton, Massachusetts, USA
 

1. Are there any modules or functionality that already exists within Magento that have a way to block IP addresses that are trying to use invalid credit cards, or are there any fraud modules that will assist with this type of issue?

2. Are there any parameters to limit the number of transactions a specific account can do within a certain period of time (i.e., block someone who is trying to do 15 transactions in 15 minutes).

I see I could “delete” the customer, but I believe I would be more interested in blocking the IP address, at least for some period of time.

Any info would be appreciated : )
Thanks,
-Todd

 
Magento Community Magento Community
Magento Community
Magento Community
 
sdb
Sr. Member
 
Avatar
Total Posts:  223
Joined:  2007-11-13
coastal California, USA
 

That does seem like an important piece of functionality to have. Your CC processor should also be able to see things like that though.

 
Magento Community Magento Community
Magento Community
Magento Community
 
theorchidguys
Jr. Member
 
Total Posts:  17
Joined:  2008-09-10
Newton, Massachusetts, USA
 

Actually it is the responsibility of the store owner to control any problems. It is not the responsibility of the card processor.

The e-commerce software should have functions to limit the number of transactions from a specific IP address or the function to block transactions coming from a certain IP address.

 
Magento Community Magento Community
Magento Community
Magento Community
 
J_T_
Mentor
 
Avatar
Total Posts:  1961
Joined:  2008-08-07
London-ish, UK
 

I use MinFraud by MaxMind. When I have ported it over from my current osCommerce shops, I may (no promise) share it as a module. It detects known carders and adds a risk score to each order.

 
Magento Community Magento Community
Magento Community
Magento Community
 
elituchy
Jr. Member
 
Avatar
Total Posts:  5
Joined:  2008-10-10
Port Washington, NY
 

I use Authorize.net and they offer a Fraud Detection Suite for just $5/mth.

http://www.authorize.net/solutions/merchantsolutions/merchantservices/frauddetectionsuite/

The Authorize.Net Fraud Detection Suiteâ„¢ (FDS) is a set of customizable, rules-based filters and tools that identify, manage and prevent suspicious and potentially costly fraudulent transactions. You can customize FDS filters and tools to match your business needs and control how suspicious transactions are handled, including the ability to approve, decline or hold transactions for manual review.

I am not currently using it and we are planning on it.

 
Magento Community Magento Community
Magento Community
Magento Community
 
redstage
Sr. Member
 
Avatar
Total Posts:  173
Joined:  2009-12-04
Hoboken, NJ
 

We developed a neat little extension to block IP addresses: http://store.redstage.com/ip-blacklist.html

For more advanced fraud protection, we recommend Kount to our customers.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Adam Moss
Sr. Member
 
Avatar
Total Posts:  248
Joined:  2009-02-11
Birmingham, UK
 

I wrote a blog post about this a while back, check it out if you’re interested: http://www.e-commercewebdesign.co.uk/blog/magento/magento-fraud-prevention.php

One thing I hadn’t mentioned on there is the IP address blacklist by Redstage above - seems like a nice extra layer of security to have.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top