Wolfpaw Fraud Screening and Detection Module - MaxMind Integration - Miva Merchant Version
Versions of this module are available for Miva Merchant
version 4 compiled (V4.14 and later) and version 5. The
instructions provided below show screen shots for the
V5 module. The V4 module is similar.
has teamed up with MaxMind, makers of the GeoIP® location
database, to bring the minFraud fraud screening and detection
system to Miva Merchant. For less than one-half cent per
query the minFraud system provides a risk score indicating
the probability that a customer order is fraudulent. The
risk score is based on a number of factors including:
the geographical distance between the location of the
customer's browser to the claimed billing address; high
risk IP address analysis; location of customer's telephone
number; free and high-risk e-mail analysis; open proxy
detection; shipping remailer detection, etc.
more information on the minFraud system and risk scoring
signup for a minFraud account
purchase this module
the module works
order to insure that all potential customer orders are
checked for possible fraud we have integrated the fraud
checking into Miva Merchant just before payment gateway
authorization. Thus all orders are checked - even COD,
Simple Credit Card Validation and offsite credit card
entry gateways such as PayPal and Amazon. This allows
fraudulent orders to be dropped prior to credit card authorization
thereby reducing authorization fees, improving your merchant
decline ratio, refund ratio and chargebacks - and possibly
qualifying you for lower credit card fees.
protect against false negatives (loss of legitimate orders)
we have provided for extensive logging, decline and email
notification thresholds and custom screens allowing merchants
to notify customers to check their billing and shipping
address entries and/or call to place their orders manually.
prevent module processing or minFraud server connections
errors from halting your store the module can be configured
to email the merchant and accept all orders in the event
of an error (this is the default). Also, to prevent an
over-sized log file from halting Miva Merchant the module
rotates the antifraud log file after it has reached 20MB's.
you become familiar with the module we recommend that
you leave logging turned on, email notification threshold
set to '0%', and the decline threshold set to 100%. This
will insure that all legitimate orders are accepted and
you can manually review suspect orders before you ship.
Afterwards you can raise the email notification threshold
and lower the decline threshold to numbers you are comfortable
Download the module from MivaCentral and unzip on your
local PC. The name of the file is 'wp_antifraudv4.mvc'
or 'wp_antifraudv5.mvc' depending on your Miva Merchant
version. Note the location of the module file on your
Open your Miva Merchant admin control panel and navigate
to Global Settings > Module (Add). Click on 'Add'.
Click on Upload - an upload window will open.
Click on 'Browse' to locate the wp-antifraud.mvc module
in your local PC.
Browse to the location of the module. Click on the file
name to select and then click 'Open'.
In the 'Upload File' window click on 'Upload'.
Now click on 'Add' to install the module.
The Antifraud - MaxMind Integration module is now installed.
Open your store settings menu and click on 'Payment Settings'.
In the 'Payment Settings' window enable the Antifraud
module by checking the box to its right and clicking on
The module is enabled. Click on the tab 'Antifraud - MaxMind
Enter your License Key and read the License Agreement.
If you accepts the Terms and Conditions of the License
Agreement check the box and click 'Update'.
The license key is accepted. Now click on the 'Antifraud
- MaxMind Integration' tab again to begin configuration
of the module settings.
The module settings are shown in the above image. A description
of each setting follows.
Enable Fraud Checking: Checking this
box turns fraud checking on - otherwise it is off.
MaxMind License Key: This module integrates
with the MaxMind minfraud system. You will need a minFraud
account and license key. Enter the license key here. You
can obtain a minFraud license at this URL http://www.maxmind.com/app/ccv_buynow.
MaxMind Service Type: Select 'Standard'. The 'Premium'
service is not used in this version of the module.
MaxMind Primary and Secondary URL: These are the URLs
for the MaxMind servers. The default selections are the
current URLs. If MaxMind changes the URLs in the future
you can make an adjustment here.
Enable Fraud Analysis Logging: This should be checked.
The log provides a complete record of the queries sent
to the MaxMind server and the responses sent back. The
log is automatically rotated after it reaches 20MB's -
approximately 20,000 queries.
Log File: Name of the log file. You can leave this as
A note about risk thresholds. The MaxMind minFraud system
calculates the probability that an order is fraudulent.
Please read the information here
to understand how the minFraud system works.
Risk Threshold for Email Notification. You can set this
to 0% and get a fraud analysis email for every order or
minimize the emails by raising the threshold slightly.
You should set this to 0% at the outset so you can develop
an understanding of how the system works and the risk
scores for normal orders.
on the thumbnails below for examples of merchant notification
Email Subject: The subject line that will be used for
email notifications. The risk score and whether the order
was accepted or declined will also appear on the subject
line of the email.
Risk Threshold for Order Decline: The risk score (probability
the order is fraudulent) at which you will decline an
order. You may wish to set this 100% and decline orders
later based upon the email notifications or set it to
a lower number in the 50 - 60% range and minimize your
credit card decline ratio, chargebacks and dings to your
Screen Message on Order Decline: Message that appears
on the screen notifying the user his order is declined.
You can add html tags. Our default message asks the user
to call a telephone number for asistance. If you will
be using this message be sure to add your correct phone
Email Notifications Address: Enter the addresses you want
notifications sent to and the address to appear on the
'From' line of these emails. Separate multiple email addresses
On Processing Error: In the event the module encounters
a processing error or cannot reach the MaxMind servers
you can either accept or decline orders and send an email
notifcation. The recommended default is to accept orders
and send an email. You can also specify the subject to
appear on the email.
Screen Message on Processing Errors: Message that appears
on the screen when the modules encounters a processing
the 'email-to' address for notifications to your email
address and put your phone number in the screen decline
and processing error messages.
default email notification and decline threshold settings
are very conservative. The risk score for email notifications
is set to 0% - this means you'll get a fraud analysis
email for every order attempt. The risk score for order
decline is set to 100%. This means no orders will be declined
by the module.
you get used to the email notifications try raising the
risk score for email notifications to 3%. We find that
most legitimate orders have risk scores under 2%.
you want to block fraudulent orders from passing to your
payment gateway then reduce the risk score for order declines
to 40% and make sure the 'decline message' in the module's
configuration says what you want (correct phone number,
etc) - so a legit customer will call you if he accidently
you can calculate the risk score to use. You'll want to
make sure that the average profit gained by accepting
an order is greater than the average cost of accepting
it. Here's a simplified formula to help you with this
calculation. Please note that this is a generalization
and does not apply in every case
(profit on the order) * (100 - riskScore) > (fraud
loss) * riskScore, then process the order.
the 'profit on the order' is the money you would make
if the order is legitimate and the 'fraud loss' is how
much you would lose if the order were fraudulent (e.g.
shipping, chargeback fees, cost of goods, etc.).
a very simplified basis if you assume no shipping cost
or chargeback fees then if your gross margin is 25% you
would decline any order with a fraud probability higher