Fraud detection tips

Hello,
I've been looking around various different places to see if there are any good fraud detection tools or techniques that I'm not yet using but should.
I of course already have minFraud set up within Foxycart and all the fraud detection settings with my gateway.
On top of that I built an integration with Signifyd, very easy to do and free if you put their logo on your site. So far that has been our favorite tool, thanks @markbahl!
What I'm finding on other sites is suggestions to contact the card issuing bank and request that they place a curtesy call to the card holder if you believe the order is fraudulent. I was wondering if anyone here has tried to do something like that. Right now I don't have a way to know what bank issued the card so any suggestions on that would be appreciated as well.
Thanks!
Comments
  • fc_adamfc_adam FoxyCart Team
    @zlb,

    Great to hear that you've got the Signifyd integration set up, that's awesome. We hadn't actually heard of the courtesy call option - that sounds like an interesting option. It might be worth asking your gateway about that - they may have some more information about the possibilities there.

    In terms of other options, I'm not sure what gateway you're with - but if you are able to enable 3D Secure with it - that would be a good option to add as well.
  • hi. Where can I get info about how to apply Signifyd integration to my cart?
    I have checked the website and all that, I just can't find any info about specifically integrating into foxycart.
    thank you.
  • fc_adamfc_adam FoxyCart Team
    @purpleontime,

    Good question - we don't have any official integration with Signifyd - that said, you could make use of our webhooks to capture the datafeed and pass on the needed information to Signifyd using their API. More information on our webhooks at http://wiki.foxycart.com/static/redirect/xml_datafeed. @zlb might be able to share with you how it was approached for their set up as well.
  • zlbzlb Member
    edited April 2016
    @purpleontime, @fc_adam,
    I think Brett already passed this along, but for anyone else looking for it here is how I set up the Signyfid integration:

    This code is placed in the example PHP endpoint in the section that runs for every order.

    Depending on your processor you will need additional code to pull the AVS and CVV response codes from their API. My code assumes that they are stored in $AVS and $CVV.

    date_default_timezone_set("TIME ZONE");
    $dateObject = strtotime($transaction_date);
    $transaction_date_formated = date(DateTime::ISO8601, $dateObject);
    $dataArray = array(
    'purchase' => array(
    'browserIpAddress' => $customer_ip,
    'orderId' => $transaction_id,
    'createdAt' => $transaction_date_formated,
    'paymentGateway' => 'YOUR GATEWAY',
    'currency' => 'USD',
    'avsResponseCode' => (string)$AVS, //From gateway's API
    'cvvResponseCode' => (string)$CVV, //From gateway's API
    'orderChannel' => 'WEB',
    'totalPrice' => $order_total,
    // 'products' => array(), An optional array of the products purchased. I have not integrated this.
    ),
    'recipient' => array(
    'fullName' => $shipping_first_name . " " . $shipping_last_name,
    'confirmationEmail' => $customer_email,
    'confirmationPhone' => $shipping_phone,
    'organization' => $shipping_company,
    'deliveryAddress' => array(
    'streetAddress' => $shipping_address1,
    'unit' => $shipping_address2,
    'city' => $shipping_city,
    'provinceCode' => $shipping_state,
    'postalCode' => $shipping_postal_code,
    'countryCode' => $shipping_country,
    ),
    ),
    'card' => array(
    'cardHolderName' => $customer_first_name . " " . $customer_last_name,
    // 'bin' => string, If you can get the bin from your processor's API, put it here.
    'last4' => substr($cc_number_masked, -4),
    'expiryMonth' => $cc_exp_month,
    'expiryYear' => $cc_exp_year,
    'billingAddress' => array(
    'streetAddress' => $customer_address1,
    'unit' => $customer_address2,
    'city' => $customer_city,
    'provinceCode' => $customer_state,
    'postalCode' => $customer_postal_code,
    'countryCode' => $customer_country,
    ),
    ),
    );
    $data = json_encode($dataArray);
    $url = "https://api.signifyd.com/v2/cases";
    $credentials = "YOUR-API-KEY";

    $r = curl_init();
    curl_setopt($r, CURLOPT_URL, $url);
    curl_setopt($r, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt($r, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/json',
    'Content-Length: ' . strlen($data))
    );
    curl_setopt($r, CURLOPT_USERPWD, $credentials);
    curl_setopt($r, CURLOPT_POSTFIELDS, $data);
    curl_setopt($r, CURLOPT_RETURNTRANSFER, true);
    $result = curl_exec($r);
    curl_close($r);
    Signifyd's API guid: https://www.signifyd.com/docs/api/
  • fc_adamfc_adam FoxyCart Team
    @zlb,

    Thanks for sharing!
Sign In or Register to comment.