Improving Automated Fraud Detection

I released the latest version of VisitorBoost.com and TargetedVisitors.info to the public. They are my two brands for reselling website advertising services; my most active sites receiving approximately 7,000 orders this year. The latest release included an entirely rewritten account management area, shopping cart and checkout process, as well as new advertising services. Customers can now purchase advertising only in Canada and European regions, as well as North America, U.S. or no regional targeting at all.

I redesigned the database to handle the new options, a simpler tiered pricing system offering discounts by quantity, and recording of more information than previous for fraud detection purposes. It’s now possible to determine all customers which were identified as likely fraud or performed a chargeback as a not-authorized transaction. From this I can determine all websites they purchased advertising for, their IP addresses, a record of any changes made to their names or addresses while a customer, what credit cards were used (the number is combined with a salt to produce a one-way hash impracticle to decipher, but can be compared to incoming numbers for likely matches), etc.

Now I’m building the fraud scoring system which combines all that information along with IP-to-location, BIN-to-location, reverse phone, and domain WHOIS data in analyzing incoming orders. Additional “suspicious behavior” such as using multiple cards in a short time, changing the account name or address, or having an e-mail with the TLD of a high risk country also add to the score.

My administration area for viewing and approving orders displays these scores and with a little AJAX, the full breakdown of what contributed to the score, customer’s order history, log of customer actions, etc.