A majority of internet fraudsters use bots, or programmed scripts, to make illegitimate purchases from eCommerce merchants. These fraudulent transactions are expensive and time-consuming for merchants. One way to reduce the amount of fraudulent purchases is to introduce a friction step in the process when an order is suspect. SMS Verification is a valuable tool that uses friction to combat fraudsters.
In the event of a suspect order, SMS Verification requires a customer to verify their order with a secret code that is sent to them via text message. The majority of fraudsters will be halted by the introduction of any level of friction in the purchase process because they are looking for passive victims. However, even fewer fraudsters will be willing or able to send a text message for approval, as this process requires a mobile number and the ability to complete a number of steps. If NS8 Protect notices that a specific phone number is used excessively often for SMS Verification, it will also block that phone number from future requests.
It is important to note that the EQ8 Score for the order will not be changed by SMS Verification.
When an order is flagged for SMS Verification, an email is sent from firstname.lastname@example.org to the email address associated with the order. These orders will be flagged by either turning on the "SMS Verification for Suspicious Orders" setting or creating an Order Rule. While awaiting SMS Verification, the order will be given an NS8 status of "Investigate."
When the user receives this email, they have the option to choose between two links. The first link will prompt them to click and confirm the order, while the second will prompt them to click if they did not place the order.
When a customer clicks on the link to confirm an order, they will be directed to a screen to enter a mobile number framed inside your website, like the sample below.
After they enter a mobile number, the customer is prompted to enter a confirmation code.
Upon successful entry of the confirmation code, the user is notified.
Within NS8 Protect, the order will show an NS8 Status of "Approved," the SMS Check field will show "Passed," and the SMS Check Number field will show the phone number used to verify.
If a user mistypes the confirmation code, they will be given an error message. The customer can use the back button in their browser to return to the entry screen and try again.
When a customer clicks on the link to deny an order, they will be directed to a web page framed within your website to reject the order.
If they click on the "I did not place this order" button, they will be given a message letting them know the order has been cancelled and the merchant has been notified.
The order will now show an NS8 Status of "Cancel" and the SMS Check field as "Rejected." The order will not be cancelled until you manually cancel the order or it is cancelled by an Order Rule. However, please note that not every eCommerce platform will allow automated cancellation of an order. The Order Details section of the Suspicious Order screen will also indicate that order was rejected by the EQ8 Score as shown below.