stale[bot]
commented
1 year ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Open RyanofWoods opened 2 years ago
stale[bot]
commented
1 year ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Braintree comes with free basic fraud protection. One of the tools is Risk Threshold Rules (velocity checks) [1]. Many of the fields [2] cannot be used as the extension is not currently providing enough data when creating customers and transactions, or the data is inconsistent with what they want.
[1] https://developer.paypal.com/braintree/articles/guides/fraud-tools/basic/risk-threshold-rules [2] https://developer.paypal.com/braintree/articles/guides/fraud-tools/basic/risk-threshold-rules#fields
Fields/data that can be used for the rules:
Billing Postal Code: not provided on transactionsCredit Card Number: extension only uses tokens and not raw cc data, but this should be useable?Order ID: Solidus makes this order-id unique for each transaction, so for example the "Unique Credit Card Numbers per Order ID" check will not workCustomer ID: is given on transactions, but might not be that useful as a customer might be created for each purchase, so you cannot utilize the "Unique Credit Card Numbers per Customer ID" check (I need to check this more)Customer Email, not given when customer is vaultedPayment Method Token: integrated and vaulted on customer and transactionsProposed solutions:
Order IDbe consistent across transactions for the same orderBilling Postal Codeemailwhen creatingcustomerThe following fields need checking if they can be currently used for the checks:
Credit Card NumberPayment Method TokenCustomer ID(does this change per payment? Any differences between guest and user?)