Merchant received a “high risk of fraud” order with multiple red flags: prior-fraud similarity, billing ZIP mismatch, IP ~2190 km from shipping, billing in Mexico but order from U.S.; email looks suspicious and shipping address is a trucking company.
Recommended actions:
Verify the order: contact the customer, confirm details, and request ID matching the card. If unverifiable, cancel/refund for safety to avoid chargebacks (which can jeopardize Shopify Payments).
Add protection via Fraud Filter app to auto-flag/cancel risky orders.
How to decline: cancel the order in Shopify and choose “Fraudulent order”; customer is notified and refunded.
Fees/chargebacks concern: Merchants report losing non-refundable credit card fees on canceled fraud orders. A suggested workaround is switching to manual payment capture (authorization only), verifying orders first, then capturing payment to reduce refund/chargeback exposure. This raises a concern that all orders would need manual approval, which may be time-consuming.
Key terms: AVS (Address Verification System) and CVV (Card Verification Value) checks help validate cardholder data; manual capture delays charging until approval.
Status: No definitive resolution; decision left to the merchant, with risk and fee trade-offs clearly outlined.
I just received an order saying: “high risk of fraud detected” And the final review says
Negative
Characteristics of this order are similar to fraudulent orders observed in the past
Negative
Billing address ZIP or postal code doesn’t match credit card’s registered address
Negative
Shipping address is 2190 km from location of IP address
Negative
The billing address is listed as Mexico, but the order was placed from United States
Neutral
Card Verification Value (CVV) isn’t available
Neutral
Location of IP address used to place the order is Los Angeles, California, United States
Positive
Billing street address matches credit card’s registered address
Positive
There was 1 payment attempt
Positive
Payment was made with 1 credit card
Positive
The IP address used to place the order isn’t a high risk internet connection (web proxy)
Should I decline this order? The e-mail is kind of suspicious with only numbers before [email removed] I also checked the shipping address and it’s a trucking company.
Have you received an order from this person before? Our fraud analysis system does a thorough analysis to determine each order’s risk level. Ultimately, the decision is up to you if you feel comfortable fulfilling the order. It’s important to note that fulfilling high-risk orders can result in a higher number of chargebacks and that can result in disabling payment processing and removal from Shopify Payments.
I highly recommend reaching out to the customer to verify some of the order details and provide an ID matching the card used to purchase before you move forward with this order. Verifying the order is a way to confirm the identity of the customer (or the credit card) and to protect yourself from a chargeback. Typically, if you’re unable to verify an order with high risk, then we’d encourage leaning to the side of safety and refunding the order.
I wanted to recommend an app; if you are looking for another layer of protection outside of our fraud analysis, take a look at Fraud Filter, you can use this app to create your own rules that would either flag or cancel your orders that came through as high risk.
Please let me know if you have any further questions!
Is there a way to DECLINE the order if the order is deemed fraudulent? I lost $9.00 in cc fees since Shopify no longer refunds the cc fees. I know you can set the system to DECLINE if the AVS and/or the CVS fails, but the highly obvious fraudulent orders should be declined as well.
Hi, so how do we get the fees back that Shopify charged for the order since we have to cancel the order for being fraudulent? There should be a way and if not it is highly inconsiderate of Shopify to charge their users for things we can not control .
Do you have automatic payment capture enabled by chance? That might be the issue.
Even though you might decline and refund a risky order, the cardholder can still initiate a chargeback because the funds were charged to the credit card at the time of the order.
What you can do to avoid these is set up manual payment capture. When the customer places and order, it still “holds” the charge on their card. But this gives you a window (30-60 days depending on the bank issuer of the card) to make sure it’s not a risky order.
Once you’ve verified the order isn’t risky, either through contacting the customer, asking for additional details like email, phone or ID verification, then you can manually charge their card.
We wrote a short blog post on the difference between manual vs automatic charging, and the details of how switching to manual charging avoids these chargeback fees:
Hey Ok so what you’re telling me is I would have to manually accept EVERY order that’s placed on my website and not just orders that are flagged as fraudulent by Shopify ? If so that is very time consuming