Rule settings

From the tab Rule Settings you will be able to set up and activate all the anti-fraud rules that will be applied according to your configuration.

From these settings, you can assign weight to each rule, which is the value that contributes to the risk level of an order. To read more about how the Rule weight works, you can refer to this page.

The available rules are:

• First order check
• International order check
• IP geolocation check
• Billing and Shipping address check
• Proxy check
• Suspicious email domain check
• Unsafe country check
• Order exceeding average amount check
• Orders exceeding specified amount check
• Orders not reaching specified amount check
• Check for attempt count
• Multiple details check

You can find below how each type of rule works:

First order check

Activate this rule if you want to mark an order as potentially unsafe if it is the first order placed by a user in the shop.

International order check

Activate this rule if you want to mark an order as potentially unsafe if the billing address does not match with the country set for the shop.

IP geolocation check

Activate this rule if you want to check if the user’s IP matches the billing address. If not, the check will be considered failed. You must also enter the MaxMind License Key in the dedicated field.

Billing and Shipping address check

Activate this rule if you want to mark an order as potentially unsafe if shipping and billing addresses differ from each other.

Proxy check

Activate this rule if you want to mark an order as potentially unsafe if the IP from which the order comes has used a proxy server. You must also enter the Proxycheck.io API Key in the dedicated field.

Suspicious email domain check

Activate this rule to check users’ email addresses and verify if they belong to one of the specified unsafe domains. Any of the default unsafe domains can be manually removed, but you can also add any new ones.

Unsafe country check

Enable this option and specify the unsafe countries in the ‘Define unsafe countries’ field. The system will check the country entered by the user in the invoice data.

If it matches one of the unsafe countries you’ve defined, the corresponding fraud risk percentage will be applied to the order.

Order exceeding average amount check

Activate this rule to track orders that exceed your shop’s average order amount, and set a value in the ‘Average multiplier’ field.

For example, setting the value to 2 will flag orders that are twice the average spend as higher risk.

Orders exceeding specified amount check

Activate this rule to flag orders that exceed a certain amount as potential fraud.

For example, you have a shop with very cheap products and the maximum order amount that a “normal customer” usually places is about $20. Based on that, you decide to set the threshold to $35.

If a customer visits your shop and places an order of $50, it will be marked as suspicious.

Orders not reaching specified amount check

Activate this rule to flag as potential fraud single orders that do not reach a specified amount limit.

For example, if you have a shop with expensive products and the minimum order amount that a “normal customer” usually places is about $2000. Based on that, you decide to set the threshold to $1000.

If a customer visits your shop and places an order of $800, it will be marked as suspicious.

Check for attempt count

This rule allows you to set the maximum number of orders from the same IP address in a given time frame (hours). Any additional order in the same time frame will be considered risky and will make the rule check fail.

In the image below we set the number of orders to be a maximum of 2 in one hour. So, starting from 3 orders in one hour, this rule check will fail.

Multiple details check

Activate this rule to flag billing details linked to an IP address used for previous orders. If the billing information differs from previous orders made with the same IP, the fraud risk level will increase.

The check will be done based on the time span (in days) you set. For example, we have set a time span of 7 days, so the plugin will check all orders made in the last 7 days that have the same IP as the order being currently placed.

Each risk rule has a weight that will help you calibrate the impact of each rule on the total score used to determine the risk level.

For every rule, then, you can choose a value between 1-20. This value will be the score of the rule if it’s triggered.

• The minimum weight a safety rule can have is 1. The closer the value is to 1, the less impact it has on the order’s risk level.

• The maximum weight is 20. The closer the value is to 20, the more impact it has on the risk level.

• By default, the value is set to 10, which represents an average risk.

When a rule is triggered, it contributes its assigned weight to the risk score. In the example below, the weight score is 63.6% which is the sum of the weight of each rule that has been triggered.

How is the risk calculated?

Risk is calculated as a percentage using this formula:

Risk Percentage = (Total score of failed rules / Maximum possible score) * 100

• Total score of failed rules: This is the sum of the weights for all rules that were triggered (failed).
• Maximum possible score: This is the default weight (10) multiplied by the number of rules enabled.

Example:

Let’s say you have 3 rules:

• “First order check” with a weight of 5
• “Suspicious email domain check” with a weight of 15
• “Unsafe country check” with a weight of 20

The maximum possible score is 10 (default weight) * 3 (rules), which equals 30.

Case 1: All rules fail

If all rules fail, the total score from the failed rules is 5 + 15 + 20 = 40 (sum of the weight of each rule).

So, the formula would be:

(40 / 30) * 100 = 133%. Since this is over 100%, the risk is capped at 100%.

Case 2: Only the “First order check” fails

If only the “First order check” fails, given the fact its weight is 5, the formula is:

(5 / 30) * 100 = 16.7% risk.

Case 3: Only the “Unsafe country check” fails

If only the “Unsafe country check” fails, given the fact its weight is 20, the formula is:

(20 / 30) * 100 = 66.7% risk.

Even though only one rule failed, the high weight of the “Unsafe country check” results in a medium risk score.

In your order summary, you’ll also see which specific rules contributed to the final risk score.

Since the Fraud Risk Level falls between 25% and 75% (according to the value set in General Settings > Settings for risk thresholds), the order is considered to be medium risk.