Details
-
Type: Sub-task
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 4.9.0-b1
-
Component/s: None
-
Labels:None
Description
When a fraud check occurs from the Order plugin, it does so in one of the following cases:
- Just before the order is created (in order to stop the order from being created)
- Just before the client is created (in order to stop the client from being created)
In the case of #2, users (e.g. spam users) may try to sign up for an account multiple times without providing enough information, or incorrect information, and a fraud check is run each time. This can be costly since the fraud checks typically charge per query.
In order to mitigate the use of too many unnecessary fraud checks, we could do the following (see also https://www.blesta.com/forums/index.php?/topic/10916-fraudlabs-pro-using-multiple-credits-per-transaction/#comment-57783):
- Check whether the provided information validates user/client/contact creation BEFORE attempting the fraud check, and prior to actually creating the client
- This should be an option, since some people (e.g. see the forum thread link) may prefer to perform the fraud check on incomplete/invalid information
- Cache fraud detection criteria (i.e. user/client/contact submitted data) and the fraud check result
- Do not run a fraud check if we already ran an identical fraud check on the same data recently in the past
A cache for fraud checks can be added in the future apart of a separate task