To prevent fraudulent activity, you can configure CloudBlue Commerce to validate the information provided by customers during order placement. Fraud screening and validation and eligibility checks are performed with the help of fraud screening plugins.
Important: During the configuration process described below you will be offered a choice of fraud-screening plugins already deployed to your CloudBlue Commerce system. There is also a brief instruction how to deploy more plugins if the existing choices are not enough. However, you may also need to develop your own plugin addressing your special needs. In such a case, allow enough time for software development and follow CloudBlue Commerce Fraud Screening Plug-in SDK Guide for development advice. Deployment instructions for the out-of-the-box plugins are also described below.
Each plug-in is usually responsible for one of these functions:
-
Fraud screening (non-blacklist).
Provider can set certain restrictions on the values of some order parameters. Such restrictions are configured on the plug-in configuration screen in CloudBlue Commerce provider control panel. When an order violates any of such restrictions, the respective plug-in returns an error to CloudBlue Commerce. The status the order takes depends on the configuration of the fraud screening rules associated with the plug-in.
For example, provider may want to process orders with large totals manually and provision them on the case-by-case basis. Thus, provider may limit the order total and hence configure the maximum order total parameter on the respective fraud-screening plug-in configuration screen. The fraud screening rule in this case must be configured to send all orders with totals exceeding the limit to manual processing. If a customer tries to place an order which exceeds this limit, the order will be sent to manual approval.
-
Fraud screening (blacklist).
Provider can blacklist the necessary order data such as customer details, service plan details and so on. Blacklist-enabled plug-ins receive blacklist information from the Billing database, where this information is saved during their configuration. When an order qualifies for blacklisting, the respective plug-in returns an error to CloudBlue Commerce. The status the order takes depends on the configuration of the fraud screening rules associated with the plug-in.
For example, provider may want to blacklist certain telephone numbers and not provision those orders where customers supply any such numbers. In this case, provider can add these numbers to the blacklist of the necessary plug-in and set the corresponding fraud screening rule to reject provisioning in such cases. If a customer supplies any of the blacklisted telephone numbers when placing an order from the CloudBlue Commerce Online Store, the order will not be provisioned.
-
Validation and eligibility checks
For example, provider may want to limit certain discounted offerings to online customers only because they complete order information by themselves, whereas traditional customers call their sales agent to create an order in the system on their behalf. To ensure this, provider offers promo-codes to online customers, which makes them eligible for the corresponding offerings. If a customer chooses one of these offerings but fails to supply a valid promo-code in the CloudBlue Commerce Online Store, the system will not allow the customer to place the order and will return an error message configured by provider.
Installing Plugins and Configuring Fraud Screening
To install plugins included in the CloudBlue Commerce distribution:
-
Before installing a plugin, check the already installed plugins:
Go to Provider Control Panel. In the top menu, switch to Billing. In the left menu, go to System > Settings > Operations > Fraud Screening.
- Enter the Operations management node through SSH.
-
Install the necessary plugin by running the following command:
pa_updater --billing-container <PLUG-IN_CONTAINER_NAME>
-
Go to Provider Control Panel. In the top menu, switch to Billing. In the left menu, go to System > Settings > Operations > Fraud Screening.
-
Click the necessary plugin in the list. Configure the plugin settings as described in Fraud Screening Plugins Out Of The Box.
Important limitations
Depending on their implementation, Validation and Eligibility plug-ins can return the values of customer classes to be assigned to new customers that place orders in the CloudBlue Commerce Online Store. Use this capability carefully to avoid problems similar to this one:
- Problem scenario example: When placing an order from the online store, a customer enters a promotion code received from a sales agent. The promotion code tells the system that the customer belongs to the customer class “Online customer”. The system validates the customer data with a Validation and Eligibility plug-in, which returns the customer class “Traditional business customer". Since the customer is assigned two different customer classes, the system returns a validation and eligibility error.
- Solution: If you implement a Validation and Eligibility plug-in so that it can return customer class values (depending on the data new customers submit in the Online Store), make sure that the customer classes assigned to service plans or promotions are not in conflict with the customer classes returned by the Validation and Eligibility plug-in. To do so, check and adjust customer class configurations for the Validation and Eligibility plug-in, service plans, and promotions.