All orders screened by NoFraud will include various Risk & Trust factors that are intended to give you some insight into our decision. Although these Risk & Trust factors are not all-inclusive and are only intended for informational purposes, they will help you understand some of the factors that we weighed when giving an order a Pass or Fail decision.
Each Risk & Trust factor is weighted differently depending on the unique variables for each order, and none of them are the sole factor in Passing or Failing an order. Thus, you may notice multiple orders with the same factors but a different NoFraud decision. This is due to how our intuitive AI system and fraud analysts judge the Risk & Trust factors differently depending on the unique variables of a specific order, as well as the unique combination of Risk & Trust factors for that order.
In this article we will provide a brief description of each of the numerous Risk & Trust factors you will encounter in the NoFraud portal:
These are the elements of an order that generally indicate that it is valid and safe to ship:
Device is in close proximity to billing address: This indicates that the customer's geolocation was nearby the address on file with the cardholder's bank, indicating that the actual cardholder (or a close associate/family member) placed the order.
Normal device activity observed: The customer's shopping activity did not match common fraudulent indicators (e.g. use of a proxy device, close proximity to billing address etc.)
Transaction placed with first payment attempt: A common indicator of fraud is when the customer attempts multiple payment attempts before the order is finally approved. This Trust factor indicated that this order was successfully placed on the first payment attempt.
Card Verification Value (CVV) Match: This indicates that the CVV code submitted by the customer matches what's on file with the cardholder's bank.
Shipping to cardholder's address: This indicates that NoFraud was able to verify that the shipping address belongs to the actual cardholder and that the order isn't being shipped to an unverified address.
Email address has been active for a substantial time frame: Fraudsters tend to create new email addresses for the specific purpose of placing a (fraudulent) order. This indicates that the email address submitted with this order has been in existence for a substantial timeframe.
Shopper has longevity using payment method: This customer has previously used this same payment method for past non-fraudulent orders.
Issuing bank matches billing country: (primarily for non-US orders) this indicates that the credit card was issued in the same country that the order is being shipped to.
Address Verification System (AVS) Match: The billing address submitted by the customer fully matches the address on file with the cardholder's bank. You can read more about AVS here.
These are the elements of an order that generally indicate that it might be fraudulent or requires additional validation before being shipped:
- Risky device activity detected: Certain characteristics of the device being used to place the order are suspicious (e.g. the customer is masking their device information, the device geolocation is a far distance from the cardholder's address etc.).
- Irregular device activity detected: Certain characteristics of the device being used to place the order are unusual or unexpected.
- Proxy detected: The customer is using proxy software to mask their device information.
- IP geolocation is distant from billing address: The customer's placed the order from a device that is located a far distance from the cardholder's address.
- Address Verification System (AVS) Partial Match: The billing address submitted by the customer only partially matches the cardholder's address that is on file with their issuing bank (e.g. the zip code matches, but the street address does not match).
- Address Verification System (AVS) Complete Mismatch: The billing address submitted by the customer completely mismatches the cardholder's address that is on file with their issuing bank.
- Shipping address different than AVS-verified address: The shipping address differs from the cardholder's verified address.
- Expedited shipping requested: Often, fraudsters will request an expedited shipping option, because a) they are not paying for the merchandise/shipping and have nothing to lose, and b) they believe it will give the seller less time to recognize the fraud and re-route or prevent the order from shipping to them.
- Multiple Card attempts observed in a short span of time: Many fraudsters will attempt to use multiple cards for the same order until one is approved. This indicates the customer attempted multiple payments with various different cards before the order was successfully placed.
- Shipping to freight forwarding service: Orders shipping to a freight forwarder are generally considered riskier than orders shipped directly to the customer's/cardholder's residential address.
- Email address has little history: Fraudsters will often create new email addresses (especially when they don't have access to the actual cardholder's email account) for the specific purpose of placing fraudulent orders. Thus, a brand-new email address is considered a risk factor.