Magento 2 Fraud Prevention Extension - Maxmind | MinFraud.
ABOUT MAXMIND MAGENTO 2 FRAUD PREVENTION MINFRAUD.
Detect fraud and minimize risks, with this extension your Magento orders will be evaluated and receive a risk score, using MaxMind's Score, Insights and Factors Services, depending on which best suits your business.
Fraud check is very important, and our Fraud Prevention and Risk Scoring module for Magento 2 will assist you in monitoring, detecting, and preventing fraud in your online store. This extension uses real-time fraud analysis from MaxMind, an industry-leading provider of IP intelligence and online fraud detection tools. The module determines the chance that a transaction is fraudulent based on multiple factors, including whether an online transaction comes from a high-risk IP address, high-risk email, high-risk device, or anonymizing proxy.
The extension also comes with the possibility of reporting Chargebacks, which helps MaxMind detect about 10-50% more fraud specifically tailored to your company.
The MaxMind Fraud Prevention minFraud extension for Magento 2 is recommended by MaxMind.
Features:- Prevent fraud by automatically placing On Hold orders with high score risk.
- Minimize Chargeback costs.
- Cut costs by choosing specific Payment Methods on which you'd like the MaxMind scoring to apply
- Granular Device Tracking capabilities
- Defer JS option for increased performance
- NEW: Scoring available via all API versions for backend/Magento Admin orders
- Instant fraud score check when order is placed.
- Customizable fraud score limit, set your own fraud score limit.
- Check only orders with a specified minimum order amount.
- Automatic Email notification when an order is placed on hold due to high risk score.
- IP exceptions, do not check fraud score from excepted IPs.
- Force IP, possibility to use MaxMind fraud prevention services on local installations.
- Includes the possibility of reporting Chargebacks, in order to help MaxMind detect more fraud for your company.
- Features compatibility with the Hyvä theme.
Along with this extension, a MaxMind account is necessary - you can create one here. The module integrates the MaxMind Risk Scoring service (from only $0.005 an order) with your Magento 2 store and identifies risky orders to be held for further review by your support center.
For example, what if an order was placed from a computer in a suspicious country but the shipping address is in Germany? You should be able to easily identify those kinds of orders. Suspicious orders such as these will be flagged automatically by our fraud detection extension. All orders will be verified and scored for fraud risk using MaxMind minFraud service using a 1-100 (highest) score.
Easy integration in your Magento 2 store.The module installs into your Magento store without having to modify your code. Order scores are displayed in the summary Sales Order view and detailed information about the order score (and elements that contributed to it) is visible in each individual order.
Easy to use.After you install the extension you just need to create a MaxMind account, fill in the credentials and your orders will be reviewed for fraud detection based on the risk threshold you set in admin. All orders which get a score above the threshold will appear in red and be placed on hold for further review.
1 MINUTE INSTALLATION GUI.
-
Step 1:
Before installing please check the extension compatibility. This extension is currently compatible with the following Magento versions 2.0.X. - 2.4.7-p3. It is recommended to install the extension first on a testing server before you install it on a live (production) server. -
Step 2:
Copy the extension files to below paths of your magento 2 instance. If ‘app/code/WeltPixel’ folder is missing, please create it manually:
app/code/WeltPixel/Backend
app/code/WeltPixel/Maxmind -
Step 3:
Copy the installation GUI folder 'weltpixel-extension-installation' in the root of your Magento installation. In some Magento configurations the public root folder may be under 'pub' directory.
www.yourmagentostore.com/weltpixel-extension-installation/
-
Step 4:
In your browser go to www.yourmagentostore.com/weltpixel-extension-installation/ and simply follow the installation steps from the graphical interface, presented in your browser. See the installation video: 1 Minute Module Installation via browser GUI. -
Step 5:
Wooohooo! The extension is now installed on your Magento store! Congrats!
If you experienced any issues or limitations with this quick GUI installation, see also SSH Installation below. SSH installation does the same thing but you are required to issue the commands step by step via CLI. Some servers may have high security configurations and may limit the functionality of this GUI Installer.
How to Install via SSH.
-
Step 1:
Before installing MaxMind Fraud Prevention Extension on a Magento 2 store please check the extension compatibility. This extension is currently compatible with the following Magento versions 2.0.X. - 2.4.7-p3. It is recommended to install the extension first on a testing server before you install it on a live (production) server. -
Step 2:
Copy the extension files to below paths of your magento 2 instance. If ‘app/code/WeltPixel’ folder is missing, please create it manually:
app/code/WeltPixel/Backend
app/code/WeltPixel/Maxmind -
Step 3:
Access the root of your magento 2 project from command line and run the following commands:
php bin/magento module:enable WeltPixel_Backend --clear-static-content
php bin/magento module:enable WeltPixel_Maxmind --clear-static-content
php bin/magento setup:upgrade
-
Step 4:
Flush any cache that you might still have enabled on your server or in Magento. -
Step 5:
Woohoo, the extension is installed!
How to Upgrade the extension.
- Step 1. Remove extension code under app/code/WeltPixel/Maxmind before adding the new extension files. The extension may be refactored and old unused files may cause random issues so it's best to only keep the latest version of the files.
- Step 2. Follow normal installation instructions above.
How to Configure Maxmind Fraud Prevention in Your Magento Store?
In Admin > WeltPixel > Maxmind configuration > General Configuration, you can find the following settings:
- Enable [Yes / No] - Enable/disable the Maxmind module.
- minFraud API Service - Select the right Maxmind minFraud Service for your business. For more details about the available services, check out the official Maxmind minFraud Service page.
- Enable Chargeback Reporting - If Enabled, you can report Chargebacks to Maxmind. Go to an order and click on Chargeback to report chargeback.
- Score Threshold - Set the risk score threshold. All orders which receive a Maxmind Score above this threshold will appear in red (in the Order Grid and on the Order Page) in order to get your attention.
- Hold Order [Yes / No] - Allows you to place on hold all orders that have been scored above the Score Threshold in order to allow you to decide upon the next steps.
- Disable MaxMind checks for Admin Order [Yes / No] - Set this option to No to ensure orders placed via the Magento Admin are also scored by the selected Maxmind API.
- Send email when order status is 'On Hold' [Yes / No]
- Email address - Email address for notifications
- Email Subject - Customize email subject
- Email Content - Customize email content
- Force IP - For debug only, this IP will overwrite the order IP address. Leave this field blank when you are using the module on a live store. If you are testing on a local installation or in an environment using a private IP, make sure to enable this option and add here a Public IP address in order to be able to use Maxmind Services on local environments.
- IP Exceptions - Add IPs separated by comma. Orders placed from these IPs will not be checked for possible fraud.
- Minimum Order Amount - Minimum amount for the order to be checked for possible fraud. All orders above this threshold will be checked for possible fraud. Leave the field blank if you want all orders to be checked.
- Defer the Maxmind JS - If enabled, the attribute “defer“ is added to the Maxmind JS script in order to speed up page loading.
How to Edit Connection Configuration Settings for Maxmind Fraud Prevention Magento?
In Admin > WeltPixel > Maxmind configuration > General Configuration, you can find the following settings:
- Api Hostname - MaxMind automatically picks the data center geographically closest to you. In some cases, this data center may not be the one that provides you with the best service. You can explicitly try the following hostnames to see which one provides the best performance for you.
- MaxMind License Key - The license key obtained from the MaxMind website. In case you're using the Legacy minFraud services, please ask for this to be enabled on your MaxMind account.
- Disable cURL Server Certificate Check - For temporary server certificate issue. You can set cURL to accept any server(peer) certificate.
Using the Extension.
How to Assess the Risk Score for an Order in Magento?
In Admin > Sales > Orders > you can check in the last column “Fraud Estimation” the risk score othe every order.
If an order has a risk score above the set threshold, you can view the score with red color. Depending on settings set, the order are automatically set ON HOLD.
How to View Maxmind Fraud Prevention Reports in Magento?
In Admin > Sales > Orders >View > Maxmind Fraud Detection you can check the entire report data.
In this tab you can find more information (depending on your MaxMind API service) about:
- Risk score - The risk score assigned to the order.
- Chargeback Reporting - Ability to report the current order as a Chargeback.
- MaxMind Account information - Information about your account (Request type, ID, remaining credit).
- IP Address Checks - Information regarding the location where the order was placed.
- Email Checks - Information about the email address used.
- Billing/Shipping Addres checks - Information about billing and shipping addresses used.
- Subscores Checks - Numerical evaluation of the risk associated with each factor.
- minFraud Inputs - A series of inputs sent to MaxMind in order to calculate the risk score.
All this information is visible to the administrator. Based on this information you can decide what to do with the orders which are above the threshold score and are set automatically ON HOLD if the Hold order option is set to Yes.
Note: There may be certain pieces of information missing in this section. This is very likely because Magento does not store this information, and is therefore unable to send it to MaxMind.
Compatibility | Magento Open Source, Magento Commerce, Magento Commerce Cloud B2B |
---|---|
Hyva Theme Compatibility | 1.3.6, 1.2.9, 1.1.26 |
Magento version | 2.0, 2.1, 2.2, 2.3.x, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7 |
Update frequency | Monthly or each time a new Magento version is released |
Support period | 12 Months Included Support, with options to extend |
Refund period | 30 days, for any reason |
Updated | November 26, 2024 |
Latest version | 1.14.9 |
Code | 100% Open Source Code |
Bundle options | For best value buy it as part of the Pearl Theme or Stack Framework |
MaxMind Change Log.
What’s new in v.1.14.9 - November 26, 2024
- Added minor Magento Admin adjustments to the module status section for increased clarity and compatibility with server-side Social Pixel addons.
What’s new in v.1.14.7 - October 11, 2024
- Compatibility: Introduced compatibility with the latest Magento 2.4.7-p3, 2.4.6-p8, 2.4.5-p10 and 2.4.4-p11 versions, which come with critical security adjustments for the platform. Magento 2 merchants are urged to upgrade to the latest patches ASAP.
- Fixed an error that would sometimes be thrown in the Magento logs which was caused by the extension attempting to score an order even when a valid Maxmind license key wasn't added to the Magento Admin extension configuration.
- Added various code updates for increased security around the licensing functionality as well as the Help Center and WeltPixel Developer Magento Admin sections.
What’s new in v.1.14.5 - August 23, 2024
- Compatibility: Compatibility: Introduced compatibility with the latest Magento 2.4.7-p2, 2.4.6-p7, 2.4.5-p9 and 2.4.4-p10 versions, which come with critical security adjustments for the platform. Magento 2 merchants are urged to upgrade to the latest patches ASAP.
- Tagged extension's frontend and admin inline scripts with nonces to account for recent Magento CSP requirements. In most cases, CSP reports would not impact functionality, but a proactive approach was taken to ensure the module is future-proof.
What’s new in v.1.14.3 - June 20, 2024
- Compatibility: Introduced compatibility with the latest Magento 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 versions, which come with critical security adjustments for the platform. Magento 2 merchants are urged to upgrade to the latest patches ASAP.
- New Feature: Added a new section in the Magento Admin that checks to make sure the latest product version is installed and notifies in case an update is available, as well as a button that allows for new features to be requested.
What’s new in v.1.14.1 - April 19, 2024
- Confirmed compatibility with the latest Magento 2.4.7 release, as well as newly released 2.4.6-p5, 2.4.5-p7 & 2.4.4-p8 Security Patches.
- Confirmed compatibility with PHP 8.3 on the Magento 2.4.7 release. PHP 8.2 is also supported for this Magento version.
- Added security improvements to the Backend module's license verification process.
What’s new in v.1.11.21 - January 9, 2024
- New Feature: Added Maxmind scoring via all API versions for orders placed via the Magento backend as well. This feature can be enabled/disabled via an admin configuration option.
- Fixed an error that would, in certain cases, be thrown when updating customer email addresses in the Magento backend with the extension enabled.
- Fixed an error that would be thrown in the WeltPixel -> Extensions Version admin section when a module's composer.json file was missing the version node.
What’s new in v.1.11.19 - October 19, 2023
- Fixed an issue that would prevent an order from loading in the Magento Admin section when the Maxmind score could not be fetched. This likely happened when the Maxmind API was not accessible.
- Optimized the license verification process for increased Magento Admin performance, as well as to account for licensing server downtimes.
- Fixed an issue that would sometimes result in an error being thrown when using older PHP versions, such as PHP 7.4.
- Confirmed compatibility with the newly released Magento 2.4.6-p3, 2.4.5-p5, and 2.4.4-p6 Security Patches.
What’s new in v.1.11.17 - June 28, 2023
- Fixed a bug that prevented the extension from providing Fraud Score information on Magento 2.4.6 specifically.
- Confirmed compatibility with the latest Magento Security Patch releases 2.4.6-p1, 2.4.5-p3 and 2.4.4-p4.
- Fixed an error related to PHP 8.2 that would show when accessing the WeltPixel Debugger.
- Added .localdev as a universally accepted licensing domain.
What’s new in v.1.11.15 - March 22, 2023
- Fixed an error that would sometimes be thrown in the WeltPixel Debugger, depending on various server permissions.
- Added compatibility with the latest Magento 2.4.6 and 2.4.5-p2 versions.
What’s new in v.1.11.11 - November 23, 2022
- Confirmed compatibility with the latest Magento Security Patch releases 2.4.5-p1 and 2.4.4-p2.
What’s new in v.1.11.7 - September 1, 2022
- Performed various code cleanups related to PHP 8.1.
- Confirmed compatibility with the latest Magento 2.4.5 and 2.4.4-p1 versions.
- Updated installation/upgrade scripts to use data patches.
What’s new in v.1.11.1 - April 25, 2022
- Fixed an incorrect licensing message on B2B Magento Enterprise instances which would display when an invalid license was entered.
- Confirmed compatibility with the latest Magento 2.4.4 and 2.3.7-p3 versions as well as PHP 8.1.
What’s new in v.1.10.17 - October 22, 2021
- Confirmed compatibility with the latest Magento 2.4.3-p1 and 2.3.7-p2 versions.
What’s new in v.1.10.15 - August 31, 2021
- New Feature: Added a new admin option that can be used to defer JS in order to improve page loading performance.
- Confirmed compatibility with the newly released Magento 2.4.3, 2.4.2-p2 and 2.3.7-p1 versions.
- Added .localhost as an accepted domain termination for the licensing process.
Version 1.10.11 - July 7, 2021
- Set scoring of all Payment Methods to be enabled by default.
- Added improvments to the WeltPixel Developer Magento Admin section. Latest Cron Jobs now lists the last 100 executed Cron Jobs.
Version 1.10.9 - May 18, 2021
- Confirmed compatibility with the newly released Magento 2.3.7 and 2.4.2-p1 versions.
Version 1.10.7 - March 26, 2021
- New Feature: Added options for including/excluding Device Tracking from specific page types. This granularity ensures the tracking script only initializes where it needs to and avoids performance issues.
- New Feature: Added options for including/excluding MaxMind scoring for specific Payment Methods. This ensures MaxMind credits are only used for required Payment Methods and saves costs.
- New Feature: Added the possibility of enabling/disabling Device Tracking from the Magento Admin options.
- Removed time zone from device tracking data. This prevented the device tracking from functioning in certain cases.
- Excluded Magento 2.0.x - 2.2.x from new features and fixes starting with this release.
- Adjusted WeltPixel Developer section comments.
Version 1.10.5 - February 12, 2021
- Confirmed compatibility with the newly released Magento 2.4.2 version.
- Added additional backend versioning verifications.
- ackend module code optimizations.
Version 1.10.1 - October 22, 2020
- New Feature: Added Device Tracking functionality based on MaxMind Services.
- Added the possibility of including multiple email senders for the Hold Order email via the backend settings.
- Confirmed compatibility with the newly released Magento 2.4.1 version.
Version 1.10.0 - August 10, 2020
- Confirmed compatibility with the newly released Magento 2.4.0 version.
Version 1.9.8 - July 6, 2020
- Fixed an issue that prevented the Exclude IP configuration option from working correctly. Orders from IPs listed here still received scoring from MaxMind. This should now function correctly.
- Added an option to choose the desired email sender for the Hold Order Email functionality.
- Whitelisted domain for Content Security Policies introduced in Magento 2.3.5.
Version 1.9.7 - May 7, 2020
- Confirmed compatibility with Magento 2.3.5.
- Implemented small Backend performance optimizations.
- Added nxcli.net (Nexcess temporary URL) as a valid domain in the licensing process.
- Added an option in the Developer section to allow for switching Magento's CSP between "report-only" and "restrict".
Version 1.9.6 - April 9, 2020
- Added MaxMind scoring to orders placed via API.
- Fixed a Backend issue on Magento Commerce whereby the Category Schedule functionality was not working properly.
Version 1.9.5 - March 10, 2020
- Added backend Google reCaptcha compatibility for Magento 2.3.x
Version 1.9.4 - February 5, 2020
- Fixed an error that occurred when creating orders via the Admin Section - the module no longer scores these orders.
- Added translations.
- Code enhancements for increased security. Changed User Group info collection method.
- Confirmed compatibility for Magento 2.3.4.
Version 1.9.3 - January 15, 2019
- Added support for the new Maxmind minFraud API (Score, Insights, Factors).
- Added the possibility of reporting Chargebacks.
Version 1.9.2 - November 27, 2019
- Fixed an error which occured upon module upgrade, in certain scenarios depending on the previous version.
- Added Magento and PHP version in the WeltPixel Developer section.
Version 1.9.1 - October 16, 2019
- Confirmed compatibility with the latst Magento 2.3.3 version.
- Included the WeSupply Toolbox integration extension - Proactive Notifications Email & SMS, Returns & RMA, Store Locator, Delivery Date Estimate, Logistics Analytics, NPS & CSAT score. Get Free on-boarding and launch within 24 hours.
Version 1.9.0 - July 18, 2019
- Confirmed compatibility with Magento 2.3.2.
- Added HTTPS endpoint for licensing process.
Version 1.8.5 - June 7, 2019
- Small performance improvements.
Version 1.8.4 - April 25, 2019
- Added PHP version in the WeltPixel Developer Section.
Version 1.8.3 - April 3rd, 2019
- Confirmed compatibility for Magento 2.3.1.
Version 1.8.2 - January 24, 2019
- Helpcenter adjustment, removed zendesk iframe and added a simple link to our Support Center in order to avoid any potential conflicts with other admin js added by 3rd party extensions.
- Fix for multiple rewritten ImageFactory classes, rewrite check validity, rewrite checks optimizations.
Version 1.8.0 - December 8, 2018
- Compatibility adjustments for Magento 2.1.16/2.2.7/2.3.0.
- PHP 7.2 compatibility added.
- As Magento 2.3 comes with major core changes, we have provided a different set of files in order to achieve the best performance on each version.
Version 1.7.5 - October 24, 2018
- Added detailed error messages for invalid licenses for an easier identification of the cause.
- License improvements, added *.magento.cloud as a valid test domain for Enterprise Cloud environments. Now both ‘magentosite.cloud’ and ‘magneto.cloud’ can be used for testing purpose with the production domain license.
Version 1.7.4 - August 25, 2018
- Admin menu styling to fit screen size 1366px.
- Fix for production mode with merged JS - missing color pallet display now fixed.
Version 1.7.3 - August 23, 2018
- License improvements, adding *.magento.cloud as a valid test domain.
Version 1.7.2 - August 2, 2018
- Fixed admin random logout issue.
- Licensing improvements, allowing 3 letter domain as valid domain.
What's new in v.1.7.1 - July 11, 2018
- Compatibility with Magento 2.2.5 both Open Source & Commerce Cloud B2B.
- Added domain.test & [any_subdomain].domain.test to the list of valid urls for staging/development environments. Added domain validation with port number included for licensing purpose.
- Added licensing compatibility with Magento B2B.
Version 1.7.0 - July 5, 2018
- Added option to enable/disable WeltPixel admin notifications.
- Show store and server related information under debugging tab: Magento Mode, Magento Edition, Server User, Magento Installation Path, Current server time, Latest cron jobs.
- Added licensing, license key needs to be generated under weltpixel.com account for purchased product, based on domain name and added under your magento installation.
Version 1.1.1 - May 16, 2018
- Compatibility with Magento 2.2.4, logger broken reference fix, changed to rewrite from plugin.
Version 1.1.0 - February 13, 2018
- Added email notification functionality. Now you can configure to receive an email once an order is placed "On Hold" due to high risk fraud score.
Version 1.0.7 - January 12, 2018
- Added version control for installed WeltPixel modules, including latest version check.
Version 1.0.6 - December 14, 2017
- Added Support Center functionality in Magento Admin.
- Added Debugger functionality, checks for rewrites and points potential issues.
- Unserialization UTF8 decode fix.
Version 1.0.4 - 04/10/2016
- Composer dependency version changes
Version 1.0.2 - 02/09/2016
- Added admin notifications
Version 1.0.1 - 05/05/2016
- Removing the unnecessary dependency