Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Fraud Protection? 
 
ImSoExcited
Jr. Member
 
Total Posts:  16
Joined:  2008-05-10
 

I was just wondering the degree of the credit card authentication and fraud protection level of Magento.  According to my supplier I should be look out for the following things as they are the most common types of credit card fraud.

Use of multiple, sequentially-numbered credit cards.  (can magento detect and protection against this stuff?)
Use of credit cards drawn on foreign banks.  (I think magento already allows you to select which countries are eligible to buy stuff… not sure though as I’ve been trying to set up other parts of my store)
Large orders of high-risk products such as RAM, HDD, flash memory any small and easily unloaded items. Fraudsters won’t steal monitors.  (can magento notify you when a large quantity of the same item is ordered?....and also explicitly tell you “HEY! CHECK INTO THIS ORDER!!! IT MAY BE FRAUD!!” so that you can phone the credit card company and check on the ownership)

Also, for the last thing, does Magento also log the IP address when orders are made so that you can also check that with the location of the owner of the credit card?

If any of these features aren’t currently impleted I’d recommend they be ASAP as any fraud can either severely damage a company or completely destroy it.

 
Magento Community Magento Community
Magento Community
Magento Community
 
adimagento
Guru
 
Avatar
Total Posts:  626
Joined:  2007-08-29
Los Angeles, CA
 

Fraud protection is typically provided by the payment gateway. We have seen additional functionality that online merchants develop as part of the eCommerce platform on a case by case basis.

 
Magento Community Magento Community
Magento Community
Magento Community
 
ImSoExcited
Jr. Member
 
Total Posts:  16
Joined:  2008-05-10
 

Good to know.  Thanks. smile

 
Magento Community Magento Community
Magento Community
Magento Community
 
Crucial
Enthusiast
 
Avatar
Total Posts:  770
Joined:  2007-11-07
Phoenix, AZ
 

On a related note, a good extension to integrate would be FraudGuardian:

http://www.modernbill.com/products/fraudguardian/

It’s integrated into ModernBill already, so we’re pretty used to it, but it has some really nice features, and some extended services like being able to have an automated bot call the person to verify the order by having them enter some code.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Directshop
Jr. Member
 
Avatar
Total Posts:  28
Joined:  2008-10-15
Melbourne, Australia
 

Hi there,

We have just launched our Magento Fraud Alert Module.

It can be viewed and purchased here :Magento Fraud Alert Module, featuring MaxMind

Cheers,
Nathan

 
Magento Community Magento Community
Magento Community
Magento Community
 
Wickings
Jr. Member
 
Total Posts:  5
Joined:  2010-08-26
Denmark
 

Old topic, but have relevant input.

You can also try see our extension: BlockThatProxy Magento Extension.

Read more about our service here: BlockThatProxy.com
We can help prevent fraud in your Magento store.

Some of the features:

- Detect proxy servers
- Detect blacklisted IPs
- Get GeoIP address
- Calculate distance between shipping address and GeoIP address
- Automatically notify store admin if possible fraud
- Automatically redirect a user after purchase, if more information needed to confirm non-fraud purchase

Please contact us if you have any questions smile

 
Magento Community Magento Community
Magento Community
Magento Community
 
FMEExtensions
Mentor
 
Avatar
Total Posts:  1298
Joined:  2009-08-07
 

1 - http://www.fmeextensions.com/extensions/catalog/geoip-country-lock-products.html

If you are planning to have country specific products and need an easy way to manage it … our GEOip Country Lock Magento extension lets you have this functionality right out of the box. Functionality that was achieved through multi store can now be achieved through this extension. Block a specific country or a group of country through Access Control Groups. See online users on your Magento store and if needed Block them from seeing your store. We have given you a page for all the Blocked ips as well.
GeoIP Country Database.

The idea behind GeoIP based product Magento Extension is to protect against fraudulent purchase of products from your magento store. This extension adds an attribute for location, against which the product can be viewed or not in certain locations.

2 - Protect your site from certain Ips or Countries with Geoip Magento Extension

 
Magento Community Magento Community
Magento Community
Magento Community
 
phillipm
Jr. Member
 
Total Posts:  1
Joined:  2011-10-30
 

Kount looks like a new feature for magento fraud control that is independent of gateways.  Has anybody used it?

http://www.magentocommerce.com/knowledge-base/entry/payment-services-kount-fraud-detection/

It looks like a lot of stuff is included www.kount.com

 
Magento Community Magento Community
Magento Community
Magento Community
 
Adam Moss
Sr. Member
 
Avatar
Total Posts:  248
Joined:  2009-02-11
Birmingham, UK
 

Nice thread. I think there needs to be some official advice from Magento in terms of ways to prevent fraud. People can lose so much money if their sites aren’t fully protected against it.

Is 3D secure also supposed to help protect against fraud? I guess it’s more of just an extra security measure.

 
Magento Community Magento Community
Magento Community
Magento Community
 
redstage
Sr. Member
 
Avatar
Total Posts:  173
Joined:  2009-12-04
Hoboken, NJ
 

+1 for Kount.  Great system.

If you just need to block by IP address, we made a neat little extension for that: http://store.redstage.com/ip-blacklist.html

 
Magento Community Magento Community
Magento Community
Magento Community
 
kevin4
Jr. Member
 
Total Posts:  6
Joined:  2011-02-05
 
phillipm - 16 November 2011 06:19 AM

Kount looks like a new feature for magento fraud control that is independent of gateways.  Has anybody used it?

http://www.magentocommerce.com/knowledge-base/entry/payment-services-kount-fraud-detection/

It looks like a lot of stuff is included www.kount.com

I tried to use it but their Magento extension didn’t work for us. We went through three different extension versions in two weeks and all have issues. Sales support is great, but tech support simply does not exist. Bad experience overall and can’t really say if it works or not. It’s too bad they don’t value the small business of 5000 transactions per month. If the decision were mine, I’d give up on them. Still waiting for their development team to get the Kount extension to work.

 
Magento Community Magento Community
Magento Community
Magento Community
 
bijuthaj
Jr. Member
 
Avatar
Total Posts:  2
Joined:  2013-03-23
 

Please check this extension http://www.magentocommerce.com/magento-connect/catalog/product/view/id/18356/

Features :

Billing and Shipping address match check. Fraud orders has a high chance that the billing and shipping address mismatch.
BIN check : The Bank Identification Number also known as the credit card bin can tell you the name of the bank that issued the card, the country where the credit card is issued, phone number of the issuing bank etc. Credit card bin numbers are the first 6 digits of a card number. The BIN number check is important as many fraud orders are made from stolen CC which is issued in different country from billing address.
Order amount check : Check whether the order amount is greater than the set maximum amount. The maximum amount can be set in the admin DFRAUD configuration settings in System->Configuration->Dfraud Integration Options
Order history check : Checks the status of previous orders from the user or from the same IP address.
Post code check : The billing and shipping post code checks are performed to check the validity of postcode with the entered billing or shipping address.
IP location check :  The IP address check resolves the IP address to the location of IP address. The IP address location is compared with billing and shipping address to check the proximity.
High risk country check : The IP address, billing address, shipping address locations are compared against high risk countries. Orders orginating from high risk countries has high risk of fraud.
Geo location check : Following checks are performed on geo location check. Distance between Billing/Shipping Location, Distance between Billing/IP Location, Distance between Shipping/IP Location, Billing Address - Nearest Verified Location, Shipping address - Nearest Verified Location
Each check has an associated risk value and overall risk assesment is done which help the admin to detect fraud order

And more
First completly magento integrated fraud module.
No need to send your valuable user information or order details to external api or system. All the checks are perfomed within your server doamin.
Vast veriety of checks which help the admin to easily identify the fraud order.
No per transaction fees.
And its FREE !!

 
Magento Community Magento Community
Magento Community
Magento Community
 
alschul
Jr. Member
 
Total Posts:  2
Joined:  2008-11-08
 

Biju,
I installed your D-Fraud extension. It works well! Thanks for offering it.

If I may suggest a feature that no other extension offers yet… blocking an IP address if it submits a declined transaction X number of times.

If that’s possible, I would pay for your extension.

Best,
Al

 
Magento Community Magento Community
Magento Community
Magento Community
 
ecomsecurity
Jr. Member
 
Total Posts:  1
Joined:  2013-06-25
 

Al,

Thanks for your interest. I will add the feature (to block ips if the number declined or detected fraud transaction exceeds a limit) the next release. I will let you know the date for the next release soon.

Regards,
Biju

 
Magento Community Magento Community
Magento Community
Magento Community
 
alschul
Jr. Member
 
Total Posts:  2
Joined:  2008-11-08
 

The gateway fraud protection doesn’t stop the constant attempts on our server by carding hackers. If D-Fraud can be setup with an IP decline limit, then the server load is reduced. We get 50 declines in a row, 3-4 times a day. It’s pretty annoying to get all those declined transactional emails. Turning off the transactional emails is not a great solution either.

I’m really happy to hear that D-Fraud will add this ip blocking feature soon.

Thanks Biju!!

Al

 
Magento Community Magento Community
Magento Community
Magento Community
 
chrislim2888
Jr. Member
 
Total Posts:  2
Joined:  2013-05-15
 

Another free fraud prevention extension to check out: FraudLabs Pro (http://www.fraudlabspro.com/supported-platforms-magento). It not only provides you the fraud score of your transaction, but allowing you to set custom rules to effectively filter the fraud attempts based on your business needs. I.e, velocity check, credit card blacklist check, and so on.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top