Fraud risk factor is a number from 1 to 10 estimating the riskiness of accepting a credit card for a certain order (the higher the number the higher the risk). The calculation is performed in two steps:

I. At this step, AntiFraud server processes the following parameters:

country_doesnot_match (binary value, 1 or 0)

city_doesnot_match (binary value, 1 or 0)

is_free_email (binary value, 1 or 0)

is_anonymous_proxy (binary value, 1 or 0)

fraudulent_ip (binary value, 1 or 0)

proxy_score (decimal value, from 0 to 10)

spam_score (decimal value, from 0 to 10)

CHECK_IP_DISTANCE (integer value, distance in km)

The algorithm used is as follows:

Initially, fraud risk factor is assigned the value "0" (zero).

If any of the binary parameters takes the value of "1" (true), the fraud risk factor is increased by a certain (“know how”) value.

If ‘proxy_score’ or ‘spam_score’ exceeds 4, the fraud risk factor is increased by a certain (“know how”) value.

If ‘CHECK_IP_DISTANCE’ exceeds the AntiFraud safe distance value, the fraud risk factor is increased by a certain (“know how”) value.

Finally, if the result of fraud risk factor calculation exceeds 10, it is set to 10.

II. Once the first step is completed, the calculated value is passed on to X-Cart to be adjusted according to all of the following rules:

If the order total is greater than the Order total threshold value - ‘order_limit_excess’ becomes "1" (true), and the fraud risk factor is multiplied by 2;

If the customer has had processed orders in the past, ‘completed orders’ takes the value of "1" (true), and the fraud risk factor is divided by 2;

If the customer has had canceled orders in the past, ‘declined_orders’ takes the value of "1" (true), and the fraud risk factor is multiplied by 1,5;

If the IP address being checked has been already used to place orders under a different user account, ‘foreign_ip_address’ takes the value of "1" (true), and the fraud risk factor is multiplied by 2;

If the customer’s billing address is considered to be a high-risk country, ‘is_high_risk_country’ takes the value of "1" (true), and the fraud risk factor is incremented by 7.

Finally, if the fraud risk factor value is above 10, it is set to 10.

*Related pages*: