Details
-
Type: Sub-task
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 4.9.0-b1
-
Component/s: None
-
Labels:None
Description
When a fraud check occurs from the Order plugin, it does so in one of the following cases:
- Just before the order is created (in order to stop the order from being created)
- Just before the client is created (in order to stop the client from being created)
In the case of #2, users (e.g. spam users) may try to sign up for an account multiple times without providing enough information, or incorrect information, and a fraud check is run each time. This can be costly since the fraud checks typically charge per query.
In order to mitigate the use of too many unnecessary fraud checks, we could do the following (see also https://www.blesta.com/forums/index.php?/topic/10916-fraudlabs-pro-using-multiple-credits-per-transaction/#comment-57783):
- Check whether the provided information validates user/client/contact creation BEFORE attempting the fraud check, and prior to actually creating the client
- This should be an option, since some people (e.g. see the forum thread link) may prefer to perform the fraud check on incomplete/invalid information
- Cache fraud detection criteria (i.e. user/client/contact submitted data) and the fraud check result
- Do not run a fraud check if we already ran an identical fraud check on the same data recently in the past
A cache for fraud checks can be added in the future apart of a separate task
Activity
Tyson Phillips (Inactive)
created issue -
Tyson Phillips (Inactive)
made changes -
Field | Original Value | New Value |
---|---|---|
Rank | Ranked higher |
Jonathan Reissmueller
made changes -
Rank | Ranked higher |
Tyson Phillips (Inactive)
made changes -
Story Points | 5 |
Tyson Phillips (Inactive)
made changes -
Security | Private [ 10000 ] |
Tyson Phillips (Inactive)
made changes -
Fix Version/s | 4.9.0-b1 [ 11301 ] |
Tyson Phillips (Inactive)
made changes -
Parent |
|
|
Issue Type | Improvement [ 4 ] | Sub-task [ 5 ] |
Story Points | 5 |
Tyson Phillips (Inactive)
made changes -
Description |
When a fraud check occurs from the Order plugin, it does so in one of the following cases:
# Just before the order is created (in order to stop the order from being created) # Just before the client is created (in order to stop the client from being created) In the case of #2, users (e.g. spam users) may try to sign up for an account multiple times without providing enough information, or incorrect information, and a fraud check is run each time. This can be costly since the fraud checks typically charge per query. In order to mitigate the use of too many unnecessary fraud checks, we could do the following (see also https://www.blesta.com/forums/index.php?/topic/10916-fraudlabs-pro-using-multiple-credits-per-transaction/#comment-57783): # Check whether the provided information validates user/client/contact creation BEFORE attempting the fraud check, and prior to actually creating the client #* This should be an option, since some people (e.g. see the forum thread link) may prefer to perform the fraud check on incomplete/invalid information # Cache fraud detection criteria (i.e. user/client/contact submitted data) and the fraud check result #* Do not run a fraud check if we already ran an identical fraud check on the same data recently in the past |
When a fraud check occurs from the Order plugin, it does so in one of the following cases:
# Just before the order is created (in order to stop the order from being created) # Just before the client is created (in order to stop the client from being created) In the case of #2, users (e.g. spam users) may try to sign up for an account multiple times without providing enough information, or incorrect information, and a fraud check is run each time. This can be costly since the fraud checks typically charge per query. In order to mitigate the use of too many unnecessary fraud checks, we could do the following (see also https://www.blesta.com/forums/index.php?/topic/10916-fraudlabs-pro-using-multiple-credits-per-transaction/#comment-57783): # Check whether the provided information validates user/client/contact creation BEFORE attempting the fraud check, and prior to actually creating the client #* This should be an option, since some people (e.g. see the forum thread link) may prefer to perform the fraud check on incomplete/invalid information # Cache fraud detection criteria (i.e. user/client/contact submitted data) and the fraud check result #* Do not run a fraud check if we already ran an identical fraud check on the same data recently in the past A cache for fraud checks can be added in the future apart of a separate task |
Jonathan Reissmueller
made changes -
Assignee | Jonathan Reissmueller [ jonathan ] |
Automated transition triggered when Jonathan Reissmueller created a branch in Stash -
Status | Open [ 1 ] | In Progress [ 3 ] |
Jonathan Reissmueller
made changes -
Remaining Estimate | 0 minutes [ 0 ] | |
Time Spent | 1 hour, 46 minutes [ 6360 ] | |
Worklog Id | 13147 [ 13147 ] |
Automated transition triggered when Jonathan Reissmueller created pull request #113 in Stash -
Status | In Progress [ 3 ] | In Review [ 5 ] |
Resolution | Fixed [ 1 ] |
Jonathan Reissmueller
made changes -
Time Spent | 1 hour, 46 minutes [ 6360 ] | 1 hour, 54 minutes [ 6840 ] |
Worklog Id | 13168 [ 13168 ] |
Jonathan Reissmueller
made changes -
Time Spent | 1 hour, 54 minutes [ 6840 ] | 2 hours, 14 minutes [ 8040 ] |
Worklog Id | 13182 [ 13182 ] |
Jonathan Reissmueller
made changes -
Time Spent | 2 hours, 14 minutes [ 8040 ] | 2 hours, 29 minutes [ 8940 ] |
Worklog Id | 13192 [ 13192 ] |
Jonathan Reissmueller
made changes -
Time Spent | 2 hours, 29 minutes [ 8940 ] | 2 hours, 39 minutes [ 9540 ] |
Worklog Id | 13201 [ 13201 ] |
Automated transition triggered when Tyson Phillips (Inactive) merged pull request #113 in Stash -
Status | In Review [ 5 ] | Closed [ 6 ] |