
Fraud Orders

Flag risky orders before you ship them. Even with Bot Shield blocking bot traffic upstream, some fraud sneaks through — stolen cards from real browsers, friendly fraud, reshipper schemes. Fraud Orders scores every new order within ~200ms on behavior signals, BIN reputation, and billing/shipping mismatch so you decide what to ship.

Signals we evaluate

When Shopify fires orders/create, we score within ~200ms:

Signal | Weight | What it catches
BIN reputation | High | Card BIN linked to chargebacks across the SOptim network
Billing ≠ shipping country | Medium | Common with reshipper fraud
Velocity | High | Same hashed email or IP placed an order in the last 24h
Disposable email domain | Medium | Mailinator, guerrillamail, etc.
Free email + high-value | Low | Gmail/Hotmail buying $500+ in jewelry, etc.
Address risk | Medium | Known fraud P.O. boxes, freight forwarders
Bot Shield score at checkout | High | If we challenged or nearly blocked the session

The combined fraud score is 0–100 with the same allow/review/hold mapping as Bot Shield.

Order states

State | What it means | Default action
clear | Score < 30 | Nothing — fulfill normally
review | Score 30–70 | Banner on the order in Shopify Admin: "SOptim flagged this for review."
hold | Score > 70 | Same banner, plus an automated note. We do not cancel for you.

How do I automate the response to fraudulent orders?

Open Bot Shield → Fraud orders → Manage auto-rules and either enable a template or build a custom rule. SOptim then runs the action (cancel, tag for review, or block IP) automatically on every matching order — no manual review needed.

Three one-click templates ship by default:

  • Auto-cancel obvious fraud — Conservative: only fires on the highest Shopify risk recommendation combined with credit-card payment. Cancels with refund + restock, no customer notification.
  • Hold high-value high-risk for review — Tags large orders flagged at medium-or-higher risk with soptim-fraud-review so your team checks before fulfilment. No money moves.
  • Block repeat fraud IPs — When the same IP has triggered three or more auto-cancellations in the past month, add it to the IP block list AND cancel the new order.

The custom builder lets you mix conditions: risk score thresholds, order total, country lists, account age, first-order flag, and shipping ≠ billing country mismatch.

Rules evaluate in priority order; the first match wins so you can't double-action the same order.
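
The first-match-wins evaluation described above, modelling the three templates, as an added example that is not SOptim's own code. The field names, risk levels, $500 cut-off, 30-day window and priority numbers are all assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Callable

# Assumed values: the page does not give field names, thresholds or priorities.
RISK = {"low": 0, "medium": 1, "high": 2}
HIGH_VALUE = 500.00                  # assumed cut-off for a "large" order
REPEAT_WINDOW = timedelta(days=30)   # "past month" taken as 30 days

@dataclass(frozen=True)
class Rule:
    priority: int                    # lower number is evaluated first (assumed)
    name: str
    matches: Callable[[dict, list], bool]
    actions: tuple

def recent_cancels(order, audit_log):
    """Auto-cancellations already logged for this order's IP inside the window."""
    cutoff = order["created_at"] - REPEAT_WINDOW
    return sum(1 for e in audit_log
               if e["ip"] == order["ip"] and e["at"] >= cutoff)

# Deliberately listed out of order: evaluation sorts by priority, not list position.
RULES = [
    Rule(30, "hold-high-value-for-review",
         lambda o, log: o["total"] >= HIGH_VALUE and RISK[o["risk"]] >= RISK["medium"],
         ("tag:soptim-fraud-review",)),
    Rule(10, "block-repeat-fraud-ip",
         lambda o, log: recent_cancels(o, log) >= 3,
         ("block_ip", "cancel")),
    Rule(20, "auto-cancel-obvious-fraud",
         lambda o, log: o["risk"] == "high" and o["payment"] == "credit_card",
         ("cancel",)),
]

def evaluate(order, audit_log, rules=RULES):
    """Return (rule name, actions) for the first matching rule, else (None, ())."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(order, audit_log):
            if "cancel" in rule.actions:    # feed the repeat-IP counter
                audit_log.append({"ip": order["ip"], "at": order["created_at"]})
            return rule.name, rule.actions  # first match wins: stop here
    return None, ()

def order(ip, total, risk, payment="credit_card", day=0):
    """Constructed sample order; 203.0.113.0/24 is a documentation range."""
    return {"ip": ip, "total": total, "risk": risk, "payment": payment,
            "created_at": datetime(2026, 5, 1) + timedelta(days=day)}
```

A high-risk $900 card order satisfies both the cancel and the hold conditions, but only the higher-priority rule acts on it, which is the double-action guarantee the text describes.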

What if SOptim cancels an order it shouldn't have?

Every auto-actioned order shows a Revert button in the Fraud orders table. Clicking it flips the audit log to merchant_reverted and the false-positive rate widget updates immediately.

Shopify does not permit un-cancelling an order via its API, so the underlying order stays cancelled — you'll need to contact the customer to re-order. The revert is most useful as a signal to SOptim that the rule was too aggressive and as a feedback loop into the false-positive rate metric.

Where to see flagged orders

Bot Shield → Fraud Orders lists every flagged order with the signals that triggered the flag. Click into one to see the breakdown:

  • Score + each signal's contribution
  • Linked Bot Shield session (if any)
  • Suggested next step (request 3DS retry, ask for ID, refund, fulfill)

False positives

Mark an order "Cleared by merchant" if our flag was wrong. We learn from these per-shop — the same email/IP/BIN won't be re-flagged for 90 days unless a chargeback later proves we were right.

Available on

Starter ($9.99/mo), Pro ($39/mo), Scale ($159/mo).

Last updated: 2026-05-24