Purpose: This article outlines our fraud process with Sift Science, and any sort of implications.
SiftScience is a fraud detection software. It was implemented on our website on April 13, 2016.
What Sift does not do:
- Sift does not create any orders.
- Sift does not close any orders.
What Sift does do:
Sift does provide you with more information about how likely some user or SO is to be fraudulent.
How it works:
This software takes into account many different attributes of an order such as email address, billing zip code, shipping address, emails used on this device, number of credit cards attempted/used, etc.
After an order processes through PayPal/Amazon Pay/CyberSource, SiftScience will deliver a score back to NetSuite between 0-100. Zero being low probability of fraud and 100 being high probability of fraud.
Basic Process of Sift:
1. Customer places an order on the website
The customer will receive the successful order confirmation page on the website.
2. Transaction details are provided to Sift.
During the order creation process, all the relevant order data is uploaded to Sift in real time. The data set includes Email, Name, Billing and Shipping address, Amount, Payment Details, Currency, etc.
3. Sift checks for a fraud score
After 15 minutes from order creation, Sift will determine a fraud score. Based on that score, we decide if the order should be canceled or approved.
4. Applying a decision on the order based on the Sift generated fraud score
Below is the logic around approving or cancelling an order based on the fraud score:
- Approve everything that has a fraud score under 70, with an order amount of $300 or less
- Cancel everything above 90, no matter what the order amount is
- Cancel everything between 70 & 90, with an order amount of $1000 or more
- Hold all orders, no matter what the fraud score, with an amount of $300 or more for review
- Hold orders with a fraud score between 70 & 90 with an order amount less $1000
Email is the only key to search for score. So if an email is new, chances are high that Sift will miss a fraudulent pattern.
6. Once the order is in Pending Fulfillment, the credit card will be charged (~30 minutes).
7. Once the credit card is charged, the Ready to Ship box will be checked (~2 hours).
8. Once the Ready to Ship box is checked, the B2B box will be checked (B2B train comes every 2 hours).
- The order can be changed or cancelled anytime before the B2B box is checked.
6. Once B2B box is checked, the order is sent to shipping facility and customer will receive their order in 1-7 business days.
Checking NS Fraud List
1. Check Customer Record to see:
- How many orders has the customer placed?
- Do all the orders pre-SiftScience have different shipping addresses, credit card numbers, billing zip codes?
2. Go to SiftScience and search customer email or External ID (sift order number)
3. Check the Attributes, Orders, Identity, Locations, Network, and Signals sections for information on the customer.
4. Things to look out for (but are not necessarily fraudulent):
- Customer had multiple credit card failures that are not similar to each other. (Some customers might mistakenly enter their credit card number wrong the first time)
- The shipping address, billing zip code, and IP address are all located in different areas
- The email address is associated with other high risk emails under the Network section
- The customer name in NS does not have any similarities with the email address
- There are multiple email addresses used to order on the same device
- The customer did not visit the FAQ page, or spent very little time from the home page to the buy now page, or directly opened the buy now page.
Marking Customers in SiftScience
If you are completely certain that the customer is a fraudulent buyer, you can mark them as a "Bad" user in SiftScience. This will prevent the customer from placing all future orders on our website and score any other email addresses associated with that user with a higher score.
If you are completely certain that the customer is NOT a fraudulent buyer you can mark them as a "Good" user in SiftScience. This will allow any future purchases from this customer. SiftScience will also "learn" from the attributes from that user for future score decisions.
- When the customer is marked as fraud in NetSuite (SO--> Billing--> Fraud Check Failed box checked), and their order is closed they will receive an email letting them know their order was closed because it was fraudulent.
- When closing orders for regular customers, double check the Fraud Check Failed box to make sure it is not checked when you close the order.
- If a customer had their order closed as fraud and writes in claiming their order was NOT fraud, please listen to their story. Some of the fraud "red flags" can be explained by certain situations.