Fraud Monitor - Installation and usage

The Fraud Monitor extension for Easy Digital Downloads uses a variety of tests to filter every transaction, looking for attributes commonly associated with fraudulent purchases.

Fraudulent transactions are a common occurrence in this day and age of identity theft. These transactions in your Easy Digital Downloads store can be time consuming to deal with, expensive to pay for, and could even get you blacklisted by payment gateways.

The Fraud Monitor extension uses a variety of tests to filter every transaction, looking for attributes commonly associated with fraudulent purchases. These tests are configured by the site owner.

Note: Before Fraud Monitor will begin monitoring payments, the settings must be configured.

Usage

Transactions are filtered based on the settings configured by the store owner. Filters can be based on:

  • IP Address
  • Country
  • Email address
  • Behavior based on formula created by the store owner

Once a transaction has been flagged as fraudulent, it's placed in a holding area for review by the store owner.

Setup

After you have installed and activated the Fraud Monitor extension, you can find the settings area by navigating to Downloads → Tools→ Fraud Monitor.

  1. Review the settings in this document to enable the monitoring features you want to use for your store.
  2. (Optional) Configure geofencing.
  3. You'll be notified when a purchase is flagged and needs to be moderated.

The initial tab contains the General settings.

Settings

General

There are three sections on the General tab.

1) General Settings

The option is Moderate Free Purchases. Typically this is off since financial fraud isn't an option without a payment, but it may be turned on to work in conjunction with other settings to prevent other kinds of abuse.

2) Admin Notifications

This allows an admin notification email to be sent when a transaction is flagged for fraud.

3) Customer Notifications

This will send an email to the customer letting them know the transaction is under review.

Note: if a flagged payment is actually fraudulent, the email address attached to the transaction may not work at all, resulting in a bounceback. This is a common issue.

IP Addresses

Transactions from any IP address placed into the text area shown in the screenshot will immediately be held for review. IP addresses should be entered one per line.

Country

You can choose what service to use to determine a user's country based on their IP address.

You may configure Fraud Monitor to disallow transactions from specific countries. In the screenshot above, the United Kingdom and Andorra are disallowed. To choose more countries, you may click the input to see a list of countries or start typing to narrow down the list.

Fraud Monitor can be configured to detect differences in the billing information and IP address location to possibly flag a payment for review.

The Country Check setting restricts file downloads from a country other than the one the purchase was made from, if initiated in the first 24 hours from purchase.

Email

Note: This is for email domains, not full email addresses.

Placing a domain like example.com into the text area provided will make it so any transaction using that domain in the buyer's email address will cause it to be held for moderation.

Additional Email Settings

Optionally you may choose to also check email addresses for patterns typically associated with fraudulent activity. This looks at the entire email address and compares it against known patterns common in fraudulent purchases.

Behavior

This section allows you to make a variety of settings specific to your own products and prices to create a filter customized to your needs.

User History

Typically once a transaction has been approved, that customer bypasses the Fraud Monitor from that point forward. This section gives you the opportunity to require checks for every user on every transaction.

Gateway Settings

If you prefer that purchases made via certain gateways not be moderated at all, you can do that in the Exclude Gateways settings.

Limit Thresholds

This section allows you to set maximum values for:

  • Total Purchase Amount
  • Total Purchased Items
  • Total Purchased Bundles

These three options together can help you create some thresholds for Fraud Monitor. 

For example, if you only sell one product, and it doesn't make sense to buy more than one copy, set the Total Purchased Items to 1.

Another example involves selling 4 things for $1.00 each. You could set the Total Purchase Amount to $4.00, since there's no reason for people to buy more than one copy.

For Total Purchased Bundles, imagine a scenario where you have two bundles and one bundle includes everything that the other bundle includes, plus more. Buying both bundles would be a waste, since the contents of one are offered in the other. If these were the only bundles on the site, then you'd set the value of Total Purchased Bundles to 2.

Product Combinations

This section allows you to create combinations of products that would indicate a fraudulent purchase. For example, buying an ebook on weight loss while ALSO buying an ebook on weight gain seems unlikely, so you could set that combination to trigger moderation.