8 Techniques to Prevent Fraud on Your Magento Store

November 18, 2015 by Leah Na'aman

A report from LexisNexis found 42% of online retailers reported an increase in fraud during 2014, with large and international merchants hardest hit when it comes to a loss of revenue. Having one or two preventative measures in place is just not enough anymore – ecommerce business owners need to implement a multi-layered approach to protect both their business and their customers. Here are eight different security features you can set-up on your Magento site to deter hackers and protect your revenue.

  1. Use a secure connection for checkout

With cyber breaches on the rise, people are more wary than ever about handing over their credit card details and store owners need to be on top of all potential threats. Secure Sockets Layer certificates should be in place to protect both customers and owners from attackers.

Running above the TCP/IP protocol, SSL certificates authenticate the server and encrypt data sent between systems, preventing access to hackers.

  1. Address verification system

Having an AVS in place is a popular way to check the authenticity of an order. The billing address entered by the customer is compared to the address recorded by the bank and an AVS flag is returned to the online store. A decision to allow the order to proceed can then be made depending on the findings.

  1. Geo location

By evaluating your customer’s IP address, a geo location system can determine the location the person is placing their order from. While this isn’t a fraud-prevention tool on its own, it can be very useful once paired with AVS results or shipping addresses.

  1. Proxy detection

While geo location evaluation is still a great safeguard to have in place, hackers are becoming better at bypassing this system, which is where proxy detection comes in. Putting this process in place allows your ecommerce site to detect the use of anonymous IP addresses. Your visitor’s IP address is compared to a list of flagged IPs and is authenticated if no match is found.

  1. Require strong passwords.

While store owners have the bulk of responsibility when it comes to protecting customers, visitors can also do their part by making it more difficult for fraudsters to breach the front-end of your store. Requiring customers to use strong passwords containing numbers, capitalisations and symbols strengthens their account’s protection.

  1. Card verification system

As well as an address verification system, it’s also a good idea to require customers to enter the security numbers present on the back of their cards and see if there’s match.  As merchants are not allowed to store these codes, it’s unlikely that hackers will have access to them after obtaining someone’s details through a data breach.

  1. Use tracking numbers for all orders

Protect your store from chargeback fraud by assigning tracking numbers to each order placed on your site. This means you have a comeback if a customer gets their bank to forcibly return funds or a fraudulent customer claims the package was never delivered.

  1. Suspicious activity alerts

Some platforms or software will automatically alert you when suspicious activity occurs. Examples of this include:

  • Multiple orders by one person on different credit cards
  • Customers ordering large quantities of one product
  • Phone numbers that do not match the area code of the billing address
  • Visitors who pay extra to ship large orders quickly (sign of a stolen credit card.

Having a system in place means you can monitor for potential scams and take action if needed.



Roy Rosinnes