Callum MacGregor Posted November 30, 2023 Share Posted November 30, 2023 Hello I think commerce fraud rules are broken. I had a transaction that came back with a 99% risk score from maxmind, but was approved anyway, despite the second rule in my anti-fraud rule set being to refuse any transaction with a score greater than 55%. Link to comment Share on other sites More sharing options...
Marc Posted November 30, 2023 Share Posted November 30, 2023 Is that user a reseller? I ask as they are processed in order. If they are, it will be approved Link to comment Share on other sites More sharing options...
Callum MacGregor Posted November 30, 2023 Author Share Posted November 30, 2023 No, the user is not a reseller. Link to comment Share on other sites More sharing options...
Marc Posted November 30, 2023 Share Posted November 30, 2023 Please provide information on the user there so we can take a look for you. Just the user ID will do Link to comment Share on other sites More sharing options...
Solution Callum MacGregor Posted November 30, 2023 Author Solution Share Posted November 30, 2023 (edited) User ID: 105995 The user is banned now, for obvious reasons, but wasn't at the time. EDIT: I actually think I might know why. Maybe Maxmind changed their API results format, because in the code within Rule.php, the expected syntax is 'riskScore'. But in the maxmind API response, its 'risk_score'. Rule.php: /* Score */ if ( $this->maxmind ) { if ( !$this->_checkCondition( $maxMind->riskScore !== NULL ? $maxMind->riskScore : round( $maxMind->score * 10 ), $this->maxmind, $this->maxmind_unit ) ) { return FALSE; } } Maxmind API response for this particular transaction (redacted): risk_score : 99 Edited November 30, 2023 by Callum MacGregor Link to comment Share on other sites More sharing options...
Marc Posted November 30, 2023 Share Posted November 30, 2023 I have reported this as a bug, as you do appear to be on a later version than when the updates were done for their API. However please do ensure you update to the latest release when you can, to ensure you have the latest bug fixes Link to comment Share on other sites More sharing options...
Callum MacGregor Posted November 30, 2023 Author Share Posted November 30, 2023 Thanks for reporting it as a bug. I'll await the fix as it does appear to still be an issue even in the latest update. Marc 1 Link to comment Share on other sites More sharing options...
Recommended Posts