How can I quickly verify low fraud score orders paid via PayPal Express?

2 0 0

Hello!  I've had two orders this week both with low fraud scores, both suspiciously for one of my most expensive pieces that I've never sold one of prior to now.  I have just updated photos but it made me suspicious so the first one yesterday I contacted the person via email, said there was a fraud flag (there wasn't he paid via ShopPay) and asked them to confirm the billing and delivery address which they did.  Today the same piece has been ordered, billing and delivery address is the same, but it's an express delivery order and paid for by paypal express.  Fraud score low by shopify once again, but there's no way for me to check ANY of the billing details at all.  Should I be suspicious?  What if I get chargebacks on EITHER of these - I'm talking over a thousand pounds.  What other checks can I make QUICKLY to avoid accusing what MAY be an entirely legit customer of being a possible scammer?  Any advise would be hugely appreciated!

Replies 2 (2)

Shopify Partner
284 17 61

Hi @stevie_holmes73 


Shopify's fraud analysis can be a hit or miss and it can't accurately predict good orders from bad since it's just a basic fraud analysis. Also Shopify is known to set their fraud analysis to be more sensitive around the holiday season, which can trigger more false positive results. 


You also did the right thing by contacting customer and verifying their information as a precaution. With this said, it's ultimately your decision whether or not you want to process the order. It's just a risk you have to take.


However, with this said, there are a few data points you can check to help you verify the authenticity of the order. 


1. Look at Shopify’s Conversion Summary

One of the lesser-known ways of detecting fraudulent behavior is looking at the conversion summary. You can find this summary in the order detailed page just above the fraud analysis.



Shopify Conversion Summary of a new order coming from an unusual source with only 1 visit with 1 purchase.

The conversion summary includes two important metrics.

A: Session count combined with order count:

A session count is the number of times a customer has been to your site before making a purchase. Shopify also records the total number of orders a customer makes.

The number of session counts is important because it can determine how well the customer knows your brand. Historically, a session count of one as the first purchase is more risk-prone than a customer with multiple sessions before making their first order.

B: Direct versus 3rd party incoming traffic.

Knowing how a customer reached your site can also tell you a lot about fraud behaviors. Normal traffic usually flows from referral sources, such as active marketing campaigns and email newsletters. The other common flow of conversion traffic is through your search engine optimization (SEO) efforts where customers will be coming from search engines like Google. What’s not common is traffic from privacy-focused search engines like DuckDuckgo. DuckDuckgo is a privacy-first search engine that does not track its user. It’s also the default search engine for many web browser that focuses on hiding the web footprints of a user. This information is important because it tells the merchant that the customer who converted over a privacy-focused search engine does not want to be tracked and want to be hidden from normal web traffic.

2. Check The Local Time Zone

What time was the order placed relative to the customer’s time zone? If a customer lists themselves as being located in California, but they placed an order at 4 am in Pacific Time, then you know this could be an indicator of a risky order.

For domestic orders made in Japan where there is no time zone, merchants can check the usual time customers are making orders to compare a given order to the standard.

3. Email Address Domain

You can also tell a lot by looking at the email address domain., and such email addresses are very common and used by a lot of people. What’s less common are temporary or disposable email address domains, such as or People use these temporary email services in order to cheat the system while hiding their identities.

4. Compare the Countries

Oftentimes comparing the countries retrieved from the IP address, billing address, shipping address, and phone number can be a strong indicator of suspicious activities. If any of the countries retrieved from these data do not match, then follow-up with the customer is strongly recommended.


There are a few other tips, but since this post is getting long, I'll leave it as is.

I hope this helps you get started. 


Decrease fraudulent orders, stop chargebacks with Beacon. The most customizable fraud and risk management system built for Shopify businesses
2 0 0

Thanks for that - I've contacted the customer and he seems very legit, and the first customer has confirmed it's arrived via email, so I'm hoping that covers me in the case of any chargebacks.  In both cases I've checked their details are legitimate to the best of my abilities.  The second one has no conversion details which was a bit concerning, but he's messaged several times to say how much he's looking forward to it and spoken about specific things about the design.  I've installed an additional Fraud Detection app on a trial and will see how that works but will browse for something more permanent over the festive period.  Up until now I've only ever had one chargeback which was an error on the customer's part so I DO have faith in the shopify system, but I'm also aware scammers tactics change all the time.