November 02, 2010
UPDATED March 1, 2020
What is MaxMind minFraud?
MaxMind is an industry –leading provider of geolocation and online fraud detection tools; minFraud is one of their services.
MaxMind minFraud goes beyond the traditional methods of screening for fraud on your card-not-present transactions as the practices to commit fraud are becoming more advanced. It analyzes your transactions from different angles, based on certain patterns that have been related with fraudulent orders, and this way it helps you identify whether your customer is the genuine cardholder or not.
For more information about this risk mitigation service provider, or to sign up for an account today, please visit: https://www.maxmind.com/en/solutions/minfraud-services
To configure MaxMind into your sticky.io Platform instance, you will go to Settings>Providers and under ACTIONS select Add New Provider Profile.Select the type = Risk Management and select MaxMind from the drop down.Fill out the required parameters which are outlined below and click “Save”.
These parameters are briefly described here for your reference:
After you have configured your Risk Management Provider account into your Platform, you will assign it at the campaign level. This means that it will not be automatically enabled on all your campaigns; instead, you will assign it to those campaigns that you choose to assign the risk mitigation protection to.
Additional MaxMind Info
License Key: This will be provided to you by MaxMind.
License Type: This will be provided to you by MaxMind.
Alias: This is the name that you will assign to your risk mitigation provider. It is for internal purposes only; it helps you identify a specific provider account among several accounts in your Platform.
There is also a list of questions that you will have to enable or disable according to the settings that you want to assign to your risk mitigation provider. If you hover over each question you will be able to see its full description. These questions as well as their descriptions are included here:
Check If Billing Country Matches IP Country: Whether the country of the IP Address must match the country of the billing address. If this question is enabled, this means that the country determined from the IP Address MUST match the country of the supplied billing address. If they do not match, the transaction will be denied, if they match the transaction will be allowed to continue.
Check If High Risk Country: Whether the country IP address or billing address country is in Egypt, Ghana, Indonesia, Lebanon, Macedonia, Morocco, Nigeria, Pakistan, Romania, Serbia and Montenegro, Ukraine, or Vietnam. If this question is enabled, the billing country will be checked against this list and if a match is found, the transaction will be denied, if there is no match the transaction will be allowed to continue.
Check if Anonymous Proxy: Whether IP address is Anonymous Proxy (anonymous proxy = very high risk). If this question is enabled, the IP address will be checked to determine if it is an anonymous proxy. If it is determined that it is an anonymous proxy, the transaction will be declined; otherwise the transaction will be allowed to continue.
Check if Open Proxy: Likelihood of IP Address being an Open Proxy. If this question is enabled, a determination will be made if this customer is using an open proxy to spoof their location. Enter in a value from 0...10. If the determined open proxy score is above or equal to your threshold, the transaction will be denied. If the score is less than the threshold, the transaction will be allowed to continue.
Check Email Domain: Whether customers e-mail address is from free email provider (free email = higher risk). If this question is enabled, the domain of the email address will be checked to see if it is from a free email provider. If it is, the transaction will be declined; otherwise it will be allowed to continue.
Check High Risk Email: Whether customers e-mail address is in database of high risk e-mails. If this question is enabled, the email address will be checked against list of known high risk emails. If a match is found, the transaction will be denied; otherwise it will be allowed to continue.
Check if Phone Number is in Billing Zipcode: Whether the customer phone number is in the billing zipcode. If this question is enabled, a check will be done and if the phone number is determined to be outside of the zipcode, the transaction will be denied, otherwise it will be allowed to continue. This only works on US addresses. If the phone number is not found, it will decline the transaction.
Check if Shipping Address is Mail Drop: Whether shipping address is in database of known mail drops. If this question is enabled, the shipping address will be checked against known mail drops. If it is found to be a mail drop, the transaction will be denied; otherwise it will be allowed to continue.
Check if Billing City & State Matches Billing Zipcode: Whether billing city and state match zipcode. If this question is enabled, the billing city and state will be checked against the zipcode. If it is determined that they do not match, the transaction will be denied; otherwise it will be allowed to continue. Only available for US addresses, will be skipped on foreign countries.
Check if Shipping City & State Matches Shipping Zipcode: Whether shipping city and state match zipcode. If this question is enabled, the shipping city and state will be checked against the zipcode. If it is determined that they do not match, the transaction will be denied; otherwise it will be allowed to continue. Only available for US addresses, will be skipped on foreign countries.
Check Risk Score: Fraud score representing the estimated probability that the order is fraud, based off of analysis of past transactions. Enter in a value from 0… 100. If the determined risk score is above or equal to your threshold, the transaction will be denied. If the risk score is below your threshold, the transaction will be allowed to continue.
Please follow this link for additional information about setting risk score:
How will I see the results from MaxMind minFraud in the orders?
When an order fails the fraud screening, the customer will receive just a standard decline message “This transaction has been declined”, same message that the customer would receive with other types of declines.
However, inside your Platform, the declined order will show the actual reason(s) from MaxMind to decline the order. This will be based on your settings with MaxMind minFraud, and you can always review these results under the order history inside the order details. The reasons why an order got declined will also be provided when you export declines data out of sticky.io Platform.
Also, please be aware that any order that has been declined by MaxMind minFraud will not be sent to your gateway, since the order will be declined prior to our system posting it to the gateway. Therefore, you will not be paying for these transactions through your gateway.
On the other hand, when an order passes the fraud screening and is approved by the gateway, it will be posted to your new orders folder. If the new order has no risk at all, the system will have just a standard message under the order history that says “This order passed the fraud screening check”.
If the order passes the fraud screening but still have some risk, then MaxMind will post some additional notes indicating that the order is slightly risky as well as the reasons why is considered slightly risky; this way you can confirm the order if needed.