Jump to content
nrlatsha

[Contribution] Credit Card Fraud Detection Service

Recommended Posts

This is the official support thread for:

 

Credit Card Fraud Detection Service - MaxMind

 

This will allow the the owner to query the MaxMind servers to place a risk score with credit card transactions.

 

This idea came from the thread: [TIPS] How to prevent fraud transaction

 

Questions, concerns, problems?

 

I'll get around to them as quickly as I can.

 

Get it here: http://www.oscommerce.com/community/contributions,2115

 

Noel

Edited by nrlatsha

9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

The check will be done when the customer checks out of the store (if they paid with a credit card)

 

It inserts the reply back from MaxMind into the database so you don't query them every time you pull up the order page.

 

You can view an image here: http://www.nabcomdiamonds.com/catalog/images/maxmind.jpg


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

This is a good start, but there are some problems. I haven't solved all of them yet.

 

1. It assumes that there has been a customer_ip_address field added to the orders table and that it is filled in already by checkout_process.php. This is not standard in osC and has to be added.

 

2. There is a missing ?> at the end of the close comment for the addition to orders.php.

 

3. Instructions for where to fill in the license key are missing. It's sort of obvious, at least to me, but may not be to others - especially if they don't look at maxmind.php.

 

4. The names of the array keys as returned from Maxmind are mostly wrong. For example, 'bin_name' should be 'BinName'.

 

This last one I don't have sorted out yet.

 

The first three illustrate why I use a "clean" copy of osCommerce to test my contributions. The fourth has me puzzled, as I don't see how this could have worked for you as-is.

 

Thanks very much for getting us this far!

Share this post


Link to post
Share on other sites

Another couple of issues - the state isn't set right. The orders table field customers_state isn't what Maxmind wants - it wants the two-character abbreviation. Working on that.

 

The orders display shows the bin country twice.

Share this post


Link to post
Share on other sites

stevel -

 

1. You're right, shoulda stated that, or sent that to maxmind via the same call. -Fixed with IP get on that page, not from DB anymore.

 

2. Missed that one all together, actually the instructions should have said to replace that one. - updated instructs

 

3. License key is not required. Non-issue

 

4. The name keys as returned from maxmind are correct, I just called them something differently, but thats the backend and not the front, I suppose thats pretty, but for now, non-issue

 

5. I don't use clean copies for mine, I suppose I should, but haven't had any trouble so far. Plus I have good testers... :lol:

 

New post. -

 

Have that sorted with a new db call... and fixed instructs for bin country.

 

I think that should be all, but can't guarantee, they are still blocking me... :(


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

Sorry, I don't agree on the "non-issues". The array returned from Maxmind has different key names than what you use to index $h. You will get blank returns with the code you have.

 

I also don't see how you can get by without a license key. Oh, yeah, you can do a few, limited queries without one. With a license key (which is free), you can get more info and lots more queries.

 

Here's what I have for processing the return array:

                          'order_id' => $insert_id,
                         'distance' => $h['distance'],
                         'country_match' => $h['countryMatch'],
                         'country_code' => $h['countryCode'],
                         'free_mail' => $h['freeMail'],
                         'anonymous_proxy' => $h['anonymousProxy'],
                         'score' => $h['score'],
                         'bin_match' => $h['binMatch'],
                         'bin_country' => $h['binCountry'],
                         'err' => $h['err'],
                         'proxy_score' => $h['proxyScore'],
                         'spam_score' => $h['spamScore'],
                         'bin_name' => $h['binName'],
                         'ip_isp' => $h['ip_isp'],
                         'ip_org' => $h['ip_org']);

Share this post


Link to post
Share on other sites

My fault, I thought your were referring to something else, the dbase table names, you're right on that. :rolleyes:


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites
I also don't see how you can get by without a license key.  Oh, yeah, you can do a few, limited queries without one.  With a license key (which is free), you can get more info and lots more queries.

 

Here's what I have for processing the return array:

20 requests per IP, per day, yeah, I think people can get by.


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

It would be cleaner if the 'maxmind.php' were a function call rather than just required into order_process.php. That way you don't "pollute" the variable namespace of order_process. Also, why not just reference $order rather than querying the database for the info just added? It's available...

Share this post


Link to post
Share on other sites

There is somewhere in the contributions section a contribution which does exactly what you are asking for, saving the IP address with the order ...


Antonios

 

olympicslogo_en.gif

Share this post


Link to post
Share on other sites

Remove "customer_ip_address" from the query at the top of maxmind.php, and then replace the use of it as follows:

$h["i"] = tep_get_ip_address();    // set the client ip address

Share this post


Link to post
Share on other sites
ok, how can i fix the empty or not available customer_ip_address field ???

 

regards john

Taken care of, download latest release.


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

I did upload the wrong ones.... Gimme a couple minutes and look for 1.3


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

I have installed the contribution but I am not seeing anything on the orders.php page in the admin.

 

I am using the following contribution for my CC processing

"Authorize.net Consolidated v.1.0 for AIM" http://www.oscommerce.com/community/contributions,1453

 

Could this be causing some troubles?

 

Any help would be so greatly appreciated.

 

 

Thank yoiu

Share this post


Link to post
Share on other sites
I have installed the contribution but I am not seeing anything on the orders.php page in the admin.

 

I am using the following contribution for my CC processing

"Authorize.net Consolidated v.1.0 for AIM" http://www.oscommerce.com/community/contributions,1453 

 

 

 

Could this be causing some troubles?

 

Any help would be so greatly appreciated.

 

 

Thank yoiu

 

You don't see anything on the order page in admin? Even on previous orders, you should see something, as long as it was a credit card purchase.

 

Anybody here use Auth.net and does this work for you?

 

1. Check to see if you see anything under the order details for this.

 

2. Look over the instructions and make sure you did them all.

 

3. If that still doesn't work, post here and we'll go from there.


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

That is correct, I do not see anything on any of my orders. I have gone through the instructions a couple times and I see that I missed anything.

 

I also do have the IP address Collector contribution. It used to pull the IP of the customer when they placed an order and it was displayed on the orders.php page but for the test trascations I have run as no longer show the IP (just blank).

 

Thanks

Share this post


Link to post
Share on other sites

I'm gonna download and take a look at that contrib, see if I can't find something for ya.

 

In the mean time, could you check your database table orders_maxmind and see if thats getting populated with information? Then at least half of its working...


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

What does it show in orders.php for cc transactions? Does it show cc owner, first 4 numbers, anything?


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

Noel,

 

Thanks man for your help, I really appreciate it.

 

OK, I check the database and no content is in the "orders_maxmind" database.

 

On the orders.php page, it simply shows

 

Order Number: 29 

Payment Method: Credit Card Via Authorize.net

 

With this Authorize.net contribution I don't believe it is suppose to show the last four CC#'s

 

Thanks again

Share this post


Link to post
Share on other sites

What version of OSC are you running?


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

hi, so far so good... now i get

url http://www.maxmind.com/app/ccv2r?i=217.225.19.221&domain=testserver.de&city=Rietberg?ion=&postal=76676&country=DE&bin=375025&clientAPI=PHP/1.0 
Warning: Cannot modify header information - headers already sent by (output started at /home/www/htdocs/testserver.de/includes/modules/maxmind/HTTPBase.php:108) in /home/www/htdocs/testserver.de/includes/functions/general.php on line 29

@ checkout and due to error cant checkout !!!

 

regards john

Share this post


Link to post
Share on other sites

Delete the extra line at the end of HTTPBase.php...


9 times out of 10 its a PEBCAK Error (Problem exists between chair and keyboard)

 

Replace that and you're fine...

Share this post


Link to post
Share on other sites

Parse error: parse error, unexpected $ in /home/www/htdocs/testserver.de/includes/modules/maxmind/HTTPBase.php on line 205

Fatal error: Class creditcardfrauddetection: Cannot inherit from undefined class httpbase in /home/www/htdocs/testserver.de/includes/modules/maxmind/CreditCardFraudDetection.php on line 23

 

i have deleted

    // get the keys and values from
   // the string content and store them
   // the hash named outputstr

   // split content into pairs containing both 
   // the key and the value
 //  $keyvaluepairs = explode(";",$content);

   //get the number of key and value pairs
  //   $numkeyvaluepairs = count($keyvaluepairs);

   //for each pair store key and value into the
   //hash named outputstr
 //    for ($i = 0; $i < $numkeyvaluepairs; $i++){
     //split the pair into a key and a value
  //     list($key,$value) = explode("=",$keyvaluepairs[$i]);

     //store the key and the value into the
     //hash named outputstr
  //     $this->outputstr[$key] = $value;
 //  }
 //    return 1;
 //  }
//  }

from httpbase

 

regards john

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×