
General settings

First of all, you can enable the YITH Anti-Fraud plugin rules:

General settings - enable YITH Anti-Fraud

Then, from the General Settings you can start configuring:

Settings for risk thresholds

In this specific section from the General settings, you can set the thresholds of fraud risk to mark an order as medium or high risk.

Settings for risk thresholds
  • Medium Risk threshold: orders whose risk reaches this value will be marked as “medium risk”.
  • High Risk threshold: orders whose risk reaches this value or higher will be marked as “high risk”.

So, based on the image above:

  • orders scoring 0% to 24%: low risk
  • orders scoring 25% to 74%: medium risk
  • orders scoring 75% to 100%: high risk

Whatever the risk threshold, by default, the plugin does not block any order, and the payment will be processed anyway. Yet, if you want to prevent payments from orders with a high risk only, you can enable the Check for high risk at checkout option and automatically cancel orders that get the “high risk” label.

  • Check for high risk at checkout: enable this option to calculate the risk at checkout and automatically cancel the order if it gets the “high risk” label.

Please note: this option calculates the risk before the payment is processed. However, some payment gateways bypass WooCommerce validation, which prevents the plugin from performing the check before the payment goes through. The WooCommerce gateways Stripe, WooPayment, and PayPal are currently not affected.

  • Error message: configure the custom message that you want to show at checkout when the order is cancelled for “high risk”.

The risk is calculated based on the weight of the plugin rules. You can refer to this page to read more information about how the risk is calculated.

Email blacklist settings

From this section you can Enable the email blacklist, so that all orders coming from the email addresses you have added to the Blacklist are blocked automatically.

Email blacklist settings

The plugin also allows you to automatically add an email address to the blacklist if it is considered a high fraud risk. You only need to enable the option “Enable automatic blacklisting”.

To read more information about the Blacklist, you can refer to this post.

Addresses blacklist settings

With the option Enable address blacklist you can automatically block all orders coming from one or more billing and shipping addresses you have added to the Blacklist.

Addresses blacklist settings

Make sure you also set the Percentage of similarity: this determines how closely an address must match those on the Blacklist to be flagged as high risk and result in the order being canceled. The lower this value, the stricter the check will be. If you want this check to pass only with a perfect match, set this to 100%.

The plugin also allows you to automatically add a billing or shipping address to the blacklist if it is considered a high fraud risk. You only need to enable the option “Enable automatic blacklisting”.

To read more information about the Blacklist, you can refer to this post.

PayPal settings

From the PayPal settings you can Enable PayPal verification, which allows you to check that a payment request coming from a specific PayPal account is completed by the actual owner of the account, and not by someone else who could have stolen the account or its credentials.

PayPal settings
  • Prevent downloads if verification failed or still processing: activate it if you wish to prevent downloads of digital products if the PayPal verification is not completed successfully.

When there is a new payment request, the plugin will automatically send an email to the PayPal address entered. The order is completed only if the user confirms the account by clicking on the verification link sent in the email.

PayPal verification email

You can configure this email notification from the Email Settings, click here to read more information about it.

In case the account is not confirmed after the first email has been sent, the plugin will send a new email after a specified number of days. You can set the number of days with the option Time span before further attempts.

The order is automatically canceled if the account still isn’t verified after a specified number of days that you can set in Time span before the orders are cancelled.

Once you’ve verified the email address, it will be added to the list with verified email addresses automatically. The verification process will no longer be repeated for that email address with orders that follow. You can also add a new PayPal address manually from the PayPal Verified Addresses tab.

Rule settings

From the tab Rule Settings you will be able to set up and activate all the anti-fraud rules that will be applied according to your configuration.

From these settings, you can assign weight to each rule, which is the value that contributes to the risk level of an order. To read more about how the Rule weight works, you can refer to this page.

Rules settings

You can find below the available rules and how each of them works:

First order check

Activate this rule if you want to mark an order as potentially unsafe if it is the first order placed by a user in the shop.

First order check

International order check

Activate this rule if you want to mark an order as potentially unsafe if the billing address does not match with the country set for the shop.

International order check

IP geolocation check

Activate this rule if you want to check if the user’s IP matches the billing address. If not, the check will be considered failed. You must also enter the MaxMind License Key in the dedicated field.

IP geolocation check

Billing and Shipping address check

Activate this rule if you want to mark an order as potentially unsafe if shipping and billing addresses differ from each other.

Billing and shipping address check

Proxy check

Activate this rule if you want to mark an order as potentially unsafe if the IP from which the order comes has used a proxy server. You must also enter the Proxycheck.io API Key in the dedicated field.

Proxy check

Suspicious email domain check

Activate this rule to check users’ email addresses and verify if they belong to one of the specified unsafe domains. Any of the default unsafe domains can be manually removed, but you can also add any new ones.

Suspicious email domain check

Unsafe country check

Enable this option and specify the unsafe countries in the ‘Define unsafe countries’ field. The system will check the country entered by the user in the invoice data.

If it matches one of the unsafe countries you’ve defined, the corresponding fraud risk percentage will be applied to the order.

Unsafe country check

Order exceeding average amount check

Activate this rule to track orders that exceed your shop’s average order amount, and set a value in the ‘Average multiplier’ field.

For example, setting the value to 2 will flag orders that are twice the average spend as higher risk.

Exceeding average order amount check

Orders exceeding specified amount check

Activate this rule to flag orders that exceed a certain amount as potential fraud.

For example, you have a shop with very cheap products and the maximum order amount that a “normal customer” usually places is about $20. Based on that, you decide to set the threshold to $35.

If a customer visits your shop and places an order of $50, it will be marked as suspicious.

Order amount check (for order exceeding the below specified amount)

Orders not reaching specified amount check

Activate this rule to flag as potential fraud single orders that do not reach a specified amount limit.

For example, if you have a shop with expensive products and the minimum order amount that a “normal customer” usually places is about $2000. Based on that, you decide to set the threshold to $1000.

If a customer visits your shop and places an order of $800, it will be marked as suspicious.

Order amount check (for orders not reaching the below specified amount)

Check for attempt count

This rule allows you to set the maximum number of orders accepted from the same IP address in a given time frame (in hours). Any additional order in the same time frame will be considered risky and will make the rule check fail.

In the image below we set the number of orders to be a maximum of 2 in one hour. So, starting from 3 orders in one hour, this rule check will fail.

IP - check for attempt count

Multiple details check

Activate this rule to flag billing details linked to an IP address used for previous orders. If the billing information differs from previous orders made with the same IP, the fraud risk level will increase.

The check will be done based on the time span (in days) you set. For example, we have set a time span of 7 days, so the plugin will check all orders made in the last 7 days that have the same IP as the order being currently placed.

IP - multiple details check
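The two IP-based rules above (Check for attempt count and Multiple details check) can be expressed as lookups over recent order history. The example below is added here and is not the plugin's own code; the order records, timestamps, IP addresses and the two window sizes (2 orders per hour, 7 days) are constructed to match the values described on this page.

```python
from datetime import datetime, timedelta

T0 = datetime(2024, 5, 1, 12, 0)  # constructed reference time for the incoming order

# Constructed order history: ip, placement time and billing details (name, street, country).
HISTORY = [
    {"ip": "203.0.113.7", "placed_at": T0 - timedelta(minutes=50), "billing": ("Jane Doe", "1 Main St", "ZA")},
    {"ip": "203.0.113.7", "placed_at": T0 - timedelta(minutes=20), "billing": ("Jane Doe", "1 Main St", "ZA")},
    {"ip": "203.0.113.7", "placed_at": T0 - timedelta(days=3), "billing": ("John Roe", "9 Side Rd", "ZA")},
    {"ip": "198.51.100.2", "placed_at": T0 - timedelta(minutes=5), "billing": ("Ann Poe", "2 High St", "GB")},
]

def attempt_count_fails(history, new_order, max_orders=2, hours=1):
    """Check for attempt count: fails when the new order would exceed max_orders
    from the same IP within the last `hours` (3rd order in one hour with max 2)."""
    window_start = new_order["placed_at"] - timedelta(hours=hours)
    earlier = [o for o in history
               if o["ip"] == new_order["ip"]
               and window_start <= o["placed_at"] <= new_order["placed_at"]]
    return len(earlier) + 1 > max_orders

def multiple_details_fails(history, new_order, days=7):
    """Multiple details check: fails when any order from the same IP in the last
    `days` used different billing details than the order being placed."""
    window_start = new_order["placed_at"] - timedelta(days=days)
    same_ip = [o for o in history
               if o["ip"] == new_order["ip"] and o["placed_at"] >= window_start]
    return any(o["billing"] != new_order["billing"] for o in same_ip)

def check_order(new_order, history=HISTORY):
    """Run both IP rules and report which ones were triggered (failed)."""
    return {
        "attempt_count": attempt_count_fails(history, new_order),
        "multiple_details": multiple_details_fails(history, new_order),
    }

if __name__ == "__main__":
    order = {"ip": "203.0.113.7", "placed_at": T0, "billing": ("Jane Doe", "1 Main St", "ZA")}
    print(check_order(order))
```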

Rule weight

Each risk rule has a weight that will help you calibrate the impact of each rule on the total score used to determine the risk level.

For every rule, then, you can choose a value between 1 and 20. This value will be the score of the rule if it is triggered.

Rule weight example
  • The minimum weight a safety rule can have is 1. The closer the value is to 1, the less impact it has on the order’s risk level.
  • The maximum weight is 20. The closer the value is to 20, the more impact it has on the risk level.
  • By default, the value is set to 10, which represents an average risk.

When a rule is triggered, it contributes its assigned weight to the risk score. In the example below, the weight score is 63.6% which is the sum of the weight of each rule that has been triggered.

How is the risk calculated?

Risk is calculated as a percentage using this formula:

Risk Percentage = (Total score of failed rules / Maximum possible score) * 100

  • Total score of failed rules: This is the sum of the weights for all rules that were triggered (failed).
  • Maximum possible score: This is the default weight (10) multiplied by the number of rules enabled.

Example:

Let’s say you have 3 rules:

  • “First order check” with a weight of 5
  • “Suspicious email domain check” with a weight of 15
  • “Unsafe country check” with a weight of 20

The maximum possible score is 10 (default weight) * 3 (rules), which equals 30.

Case 1: All rules fail

If all rules fail, the total score from the failed rules is 5 + 15 + 20 = 40 (sum of the weight of each rule).

So, the formula would be:

(40 / 30) * 100 = 133%. Since this is over 100%, the risk is capped at 100%.

Case 2: Only the “First order check” fails

If only the “First order check” fails, given the fact its weight is 5, the formula is:

(5 / 30) * 100 = 16.7% risk.

Case 3: Only the “Unsafe country check” fails

If only the “Unsafe country check” fails, given the fact its weight is 20, the formula is:

(20 / 30) * 100 = 66.7% risk.

Even though only one rule failed, the high weight of the “Unsafe country check” results in a medium risk score.
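The formula and the three cases above, together with the risk thresholds from General settings and the blacklist short-circuit, carried through in code. This is an added example, not the plugin's own implementation; the threshold defaults (25% and 75%) are taken from the screenshot values on this page and the blacklist handling is an assumption based on the description in the Blacklists section.

```python
from dataclasses import dataclass

DEFAULT_WEIGHT = 10  # plugin default weight; also the per-rule value in the maximum possible score

@dataclass(frozen=True)
class Rule:
    name: str
    weight: int    # 1 to 20, as configured in Rule settings
    failed: bool   # True when the rule was triggered (the check did not pass)

def risk_percentage(rules):
    """(Total score of failed rules / Maximum possible score) * 100, capped at 100%."""
    if not rules:
        return 0.0
    for r in rules:
        if not 1 <= r.weight <= 20:
            raise ValueError(f"weight out of range for {r.name}: {r.weight}")
    max_score = DEFAULT_WEIGHT * len(rules)
    failed_score = sum(r.weight for r in rules if r.failed)
    return min(100.0, round(failed_score / max_score * 100, 1))

def risk_level(pct, medium=25, high=75):
    """Map a percentage onto the thresholds from General settings."""
    if pct >= high:
        return "high"
    if pct >= medium:
        return "medium"
    return "low"

def evaluate_order(email, rules, email_blacklist=frozenset(), check_high_risk=False):
    """Blacklisted email: cancelled without scoring (assumed, per the Blacklists section).
    Otherwise score the order and, if 'Check for high risk at checkout' is on, cancel high risk."""
    if email.lower() in email_blacklist:
        return {"status": "cancelled", "reason": "blacklisted email", "risk": None}
    pct = risk_percentage(rules)
    level = risk_level(pct)
    if check_high_risk and level == "high":
        return {"status": "cancelled", "reason": "high risk at checkout", "risk": pct}
    return {"status": "processing", "reason": level, "risk": pct}

def page_example(fail_first, fail_email, fail_country):
    """The page's worked example: three rules weighted 5, 15 and 20 (max score 10 * 3 = 30)."""
    rules = [Rule("First order check", 5, fail_first),
             Rule("Suspicious email domain check", 15, fail_email),
             Rule("Unsafe country check", 20, fail_country)]
    return risk_percentage(rules)
```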

In your order summary, you’ll also see which specific rules contributed to the final risk score.

Order summary: rules contributing to the risk level

Since the Fraud Risk Level falls between 25% and 75% (according to the value set in General Settings > Settings for risk thresholds), the order is considered to be medium risk.

Risk threshold example

Blacklists

Once you have enabled the email blacklist, you will see the Blacklist tab in the plugin settings, where you can add the email addresses:

Blacklisted emails

And the Billing/Shipping addresses, so that orders using the addresses you have added to the list will be automatically cancelled:

Blacklisted addresses

As an example, we have added the email [email protected] and the billing address 700 Renown Street, Johannesburg 2101, South Africa, Gauteng to the blacklist. Every time you receive an order from that email or using that Billing address, the order cannot be processed, therefore the risk percentage will not be calculated.

Blacklisted email order

The order is automatically set to Cancelled status, which applies when the fraud risk check doesn’t pass.

Fraud risk order notes

The owner, however, can change the order status and process it, at their own risk.

In case you want to unblock one of the blacklisted email addresses and check the real risk level of the order, you can do the following:

  • remove the email and/or billing address from the blacklist;
  • change the order status to “On Hold”;
  • click on the button “Repeat Check”.

Repeat check button

Once the check is finished, it will show the actual risk level percentage of the order.

Fraud risk level example

PayPal Verified Addresses

From this tab you can see the list of PayPal verified emails. When there is a new payment request, the plugin automatically sends an email to the PayPal email address to verify it. Once the user clicks on the verification link, the email is added to the list.

PayPal Verified Addresses list

However, you can also add an email manually by clicking on the Add email button.

You can configure the settings related to the PayPal verification from the General settings of the plugin; refer to this page for details.

Emails Settings

From the Email Settings tab you can manage the notifications sent by the plugin. There are two available:

  • Anti-Fraud PayPal Verification: Sent to the customer to check the PayPal account.
  • Anti-Fraud Admin Notification: Sent to admin when the anti-fraud check is performed.

You can edit each one by clicking on the pencil icon:

Email settings

Anti-Fraud PayPal Verification

Under the Content tab, you can customize the email heading and notification message, using the available placeholders. You’ll also be able to see your changes in real-time with the live preview.

Anti-fraud PayPal verification email content

Under the Configuration tab, you can edit the subject and choose the email type (HTML or Multipart). You can also add an email address to send a test email and preview how it looks when the customer receives it.

Anti-fraud PayPal verification email configuration

Anti-Fraud Admin Notification

From the Content tab you can edit the email heading and the message content, and check the changes in the live preview.

Anti-Fraud Admin Notification content

From the Configuration tab you can edit the subject, select the email format (HTML or Multipart), and add recipient(s) for the notification. You can also specify a test email address to preview the notification. Additionally, you can choose the test content to determine how the email will appear for different risk levels (low, medium, or high) once the check has been performed.

Anti-Fraud Admin Notification configuration