I released the latest version of VisitorBoost.com and TargetedVisitors.info to the public. They are my two brands for reselling website advertising services; my most active sites receiving approximately 7,000 orders this year. The latest release included an entirely rewritten account management area, shopping cart and checkout process, as well as new advertising services. Customers can now purchase advertising only in Canada and European regions, as well as North America, U.S. or no regional targeting at all.
I redesigned the database to handle the new options, a simpler tiered pricing system offering discounts by quantity, and recording of more information than previous for fraud detection purposes. It’s now possible to determine all customers which were identified as likely fraud or performed a chargeback as a not-authorized transaction. From this I can determine all websites they purchased advertising for, their IP addresses, a record of any changes made to their names or addresses while a customer, what credit cards were used (the number is combined with a salt to produce a one-way hash impracticle to decipher, but can be compared to incoming numbers for likely matches), etc.
Now I’m building the fraud scoring system which combines all that information along with IP-to-location, BIN-to-location, reverse phone, and domain WHOIS data in analyzing incoming orders. Additional “suspicious behavior” such as using multiple cards in a short time, changing the account name or address, or having an e-mail with the TLD of a high risk country also add to the score.
My administration area for viewing and approving orders displays these scores and with a little AJAX, the full breakdown of what contributed to the score, customer’s order history, log of customer actions, etc.
Jason
December 20th, 2006
Are you doing the fraud detection algorithm by hand? Or are you using a commercial product like MaxMind?
Dan
December 20th, 2006
It’s written by hand and I’m gradually adding to it as I notice new patterns myself. I do use MaxMind’s GeoLite City database (the free one) to do the IP-to-location lookups which are part of the algorithm. I considered their fraud scoring service but decided it didn’t do enough to be worth the hassle of integrating and paying for when I can write my own.
Dan Grossman : Midterms
February 13th, 2007
[...] I haven’t had anything to write the past week and a half due to midterms at Drexel. I’m taking the most credits a student can register for here, so I have a lot of exams to study for and projects to complete. Luckily I finished some nice automation code for VisitorBoost and TargetedVisitors a few weeks ago which is taking care of processing and approving most orders for me so I don’t have a backlog of 80 to look at when I’m too busy one night to do so. It uses the fraud scoring code I updated in November, along with a couple other factors, to choose what orders to approve automatically and which to hold for manual review. Bookmark and Share: [...]
usenet binary
February 16th, 2007
usenet binary
usenet binary start page
Henry
March 13th, 2007
Hi,
I am trying to add fraud detection to an e-payment framework for developing countries. I’ll some tips on how you built your system. Most developing countries are blacklisted. This makes this system pretty interesting.
Regards,
Henry