A transaction that isn't authorized by a customer is referred to as fraudulent. A fraudulent transaction can result in a chargeback, which can cause you to lose money. Shopify's built-in fraud analysis uses machine learning algorithms to help bring suspicious orders to your attention. You can investigate a suspicious order in several ways.
On this page
- Verify the IP address
- Call the phone number on the order
- Search for the email address
- Verify that the billing and shipping addresses match
- Check if multiple orders use different billing addresses for the same shipping address
- Review high value orders
- Install fraud prevention apps
- Create workflows
- Adjust your payment capture settings
- Next steps
Verify the IP address
The IP address from which an order was placed is a good indicator of potential fraud. Consider whether any of the following are true:
- Is the customer's IP address located in a different general area from where they claim to be?
- Is the IP address for a web hosting company?
- Is the IP address a proxy service IP address?
If you've answered yes to any of the questions, then you should probably contact the customer to verify the authenticity of the order.
You can use the following free tools to quickly look up the geographical location, internet service provider (ISP), and other information about a specific IP address:
You can find the IP address that is associated with the order in the fraud analysis section of the order detail page.
Call the phone number on the order
Calling the customer is always a good idea. You can also use a service such as 411.com to make sure the phone number is located in the same area code as the billing address. Fraudulent customers often use invalid phone numbers. If someone answers the phone, then ask them some simple questions about their order and consider how they respond. Do they know the addresses, phone number, email, and name they used? Are they struggling to give you simple pieces of information?
Search for the email address
Searching for the email address on Google or another search engine can help you determine whether the email address was used in documented fraud attempts. You might also be able to find social media posts or other information that ties the customer to the email address.
Verify that the billing and shipping addresses match
A fraudster is likely going to provide a shipping address that does not match the billing address. You can use Google Maps to map out addresses and visualize the distance between them. If the distance between two addresses is significant (different continents, for example), then the order is fraudulent. Keep in mind that legitimate shoppers sending a gift or buying on behalf of someone else might have different addresses.
Check if multiple orders use different billing addresses for the same shipping address
Are there multiple orders with different billing addresses located in different states, with different names, but sharing the same shipping destination? This is usually a sign of fraudulent orders. Proceed carefully, and contact the customers using the information provided at checkout.
Review high value orders
If you receive an order which is substantially higher than normal, then you should verify the customer's identity.
Install fraud prevention apps
You can also install various apps to help reduce the chance of fulfilling fraudulent orders. Browse other fraud prevention apps in the Shopify App Store.
To block users who try to make repeat fraudulent orders, you can use Shopify's Fraud Filter app.
You can create workflows using Flow to notify you when suspicious orders are created. Refer to Shopify Flow to learn more.
Adjust your payment capture settings
Transaction fees are charged for all processed payments made through a third-party payment provider, and aren't returned to you when you issue a refund. You can change your payment capture settings to prevent automatic payment capture for certain orders and reduce the potential impact of the transaction fees for fraudulent orders to your business.
Alternatives to automatically capturing payments can include:
- Adjusting your Payment capture settings to capture payments manually.
- Using a manual payment method, like a bank deposit or cash on delivery (COD).
Manually capturing payments adds an additional step in your order fulfillment workflow, but allows you greater control over capturing payment for specific orders. You can assess the potential cost of transaction fees and the time it adds to your fulfillment workflow to determine what is right for your business.
Ultimately, it's up to you to decide if you're comfortable fulfilling an order that's marked as high risk.