less than a minute read • Updated 8 minutes ago
Set up FraudLabs Pro fraud screening
How to set up FraudLabs Pro fraud screening for your Foxy store using the pre-checkout webhook.
FraudLabs Pro is a fraud prevention service that screens order transactions for fraud patterns, validating elements like geolocation, proxy usage, email address, blacklists, and transaction velocity. Its Foxy integration uses the pre-checkout webhook to check each transaction before payment is processed, and provides detailed reports of all screened orders.
FraudLabs Pro offers a free Micro plan for stores with fewer than 500 monthly orders or less than 25K USD in monthly sales — no credit card required.
How to set it up
Integration code
<?php
$rawPost = file_get_contents('php://input');
$cartDetails = json_decode($rawPost, true);
if ($cartDetails == '') {
die;
}
$qty = 0;
$itemSku = '';
foreach ($cartDetails['_embedded']['fx:items'] as $itemId => $itemData) {
$itemQuantity = $itemData['quantity'];
if ($itemData['code'] != '') {
$itemSku .= $itemData['code'] . ':' . $itemQuantity . ',';
}
$qty += $itemQuantity;
}
$itemSku = rtrim($itemSku, ',');
if (preg_match('/^\d+(\.\d)*$/', $qty)) {
$qty = ceil($qty);
}
// Set payment method
$paymentGateway = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:payments'][0]['cc_type'];
if ($paymentGateway == 'plastic') {
$paymentMode = 'creditcard';
} elseif (strpos($paymentGateway, 'paypal') !== false) {
$paymentMode = 'paypal';
} else {
$paymentMode = $paymentGateway;
}
$couponCode = '';
$couponAmt = '';
$couponType = '';
if (count($cartDetails['_embedded']['fx:discounts']) > 0) {
if ($cartDetails['_embedded']['fx:discounts'][0]['code'] != '') {
$couponCode = $cartDetails['_embedded']['fx:discounts'][0]['code'];
$couponAmt = -($cartDetails['_embedded']['fx:discounts'][0]['amount']);
}
}
// Please sign up for an API key at https://www.fraudlabspro.com/pricing if you do not have one
$apiKey = 'ENTER YOUR API KEY';
// Set parameters for fraud checking
$params['format'] = 'json';
$params['ip'] = $cartDetails['customer_ip'];
$params['key'] = $apiKey;
$params['first_name'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['first_name'];
$params['last_name'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['last_name'];
$params['bill_to'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['company'];
$params['bill_addr'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['address1'] . ' ' . $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['address2'];
$params['bill_city'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['city'];
$params['bill_state'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['region'];
$params['bill_zip_code'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['postal_code'];
$params['bill_country'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['country'];
$params['ship_first_name'] = $cartDetails['_embedded']['fx:shipment']['first_name'];
$params['ship_last_name'] = $cartDetails['_embedded']['fx:shipment']['last_name'];
$params['ship_addr'] = $cartDetails['_embedded']['fx:shipment']['address1'] . ' ' . $cartDetails['_embedded']['fx:shipment']['address2'];
$params['ship_city'] = ($cartDetails['_embedded']['fx:shipment']['address1'] != '') ? $cartDetails['_embedded']['fx:shipment']['city'] : '';
$params['ship_state'] = ($cartDetails['_embedded']['fx:shipment']['address1'] != '') ? $cartDetails['_embedded']['fx:shipment']['region'] : '';
$params['ship_zip_code'] = ($cartDetails['_embedded']['fx:shipment']['address1'] != '') ? $cartDetails['_embedded']['fx:shipment']['postal_code'] : '';
$params['ship_country'] = ($cartDetails['_embedded']['fx:shipment']['address1'] != '') ? $cartDetails['_embedded']['fx:shipment']['country'] : '';
$params['email'] = $cartDetails['_embedded']['fx:customer']['email'];
$params['email_domain'] = substr($cartDetails['_embedded']['fx:customer']['email'], strpos($cartDetails['_embedded']['fx:customer']['email'], '@') + 1);
$params['email_hash'] = fraudlabspro_hash($cartDetails['_embedded']['fx:customer']['email']);
$params['user_phone'] = $cartDetails['_embedded']['fx:customer']['_embedded']['fx:default_billing_address']['phone'];
$params['user_order_id'] = substr($cartDetails['_links']['self']['href'], strrpos($cartDetails['_links']['self']['href'], '/') + 1);
$params['amount'] = $cartDetails['total_order'];
$params['payment_gateway'] = $paymentGateway;
$params['payment_mode'] = $paymentMode;
$params['currency'] = $cartDetails['currency_code'];
$params['quantity'] = $qty;
$params['items'] = $itemSku;
$params['coupon_code'] = $couponCode;
$params['coupon_amount'] = $couponAmt;
$params['coupon_type'] = $couponType;
$params['flp_checksum'] = (isset($_COOKIE['flp_checksum'])) ? $_COOKIE['flp_checksum'] : '';
$params['source'] = 'foxycart';
$params['source_version'] = '1.3.0';
$result = http('https://api.fraudlabspro.com/v2/order/screen', $params);
$data = json_decode($result);
function fraudlabspro_hash($s) {
$hash = 'fraudlabspro_' . $s;
for($i=0; $i<65536; $i++) {
$hash = sha1('fraudlabspro_' . $hash);
}
$hash2 = hash('sha256', $hash);
return $hash2;
}
// Approve response for the pre-checkout webhook
$response = array(
'ok' => true,
'details' => ''
);
// Reject response for the pre-checkout webhook
if ($data->fraudlabspro_status == 'REVIEW' || $data->fraudlabspro_status == 'REJECT') {
$response['ok'] = false;
// Notification shown to the customer on the checkout page
$response['details'] = "Sorry, this order is in high risk. Please contact us to continue.";
}
header('Content-Type: application/json');
print json_encode($response);
function http($url, $fields = '') {
$ch = curl_init();
curl_setopt($ch, \CURLOPT_URL, $url);
curl_setopt($ch, \CURLOPT_FAILONERROR, 0);
curl_setopt($ch, \CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, \CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, \CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, \CURLOPT_ENCODING, 'gzip, deflate');
curl_setopt($ch, \CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, \CURLOPT_HTTP_VERSION, '1.1');
curl_setopt($ch, \CURLOPT_TIMEOUT, 60);
if ($fields) {
curl_setopt($ch, \CURLOPT_POST, 1);
curl_setopt($ch, \CURLOPT_POSTFIELDS, (is_array($fields)) ? http_build_query($fields) : $fields);
}
$response = curl_exec($ch);
if (!curl_errno($ch)) {
return $response;
}
return false;
}
?>Notes
This code was submitted by members of the Foxy community and isn't official Foxy code, though we believe it works well. Contact us if you have any trouble.
Orders that FraudLabs Pro marks as
REVIEWorREJECTare both blocked at checkout. You can change the message shown to the customer by editing thedetailsvalue near the end of the code.Fraud protections are configured per payment method set. If your store uses multiple payment method sets, add the pre-checkout webhook to each one you want to protect.