SAFE SMS Verification

SCALEFAST SAFE™


Scalefast Scoring & Anti-Fraud Engine’s unique mandate is to maximize clients’ profits while controlling fraud. It is machine-automated, which allows our clients to scale up aggressively across new markets, optimizing revenues while streamlining costs.


Built inside our payment processing flow, Scalefast SAFE™ evaluates and gives each order a risk score in real-time and determines the appropriate actions to be taken. Orders can either be approved right
away, denied, or undergo extra verification steps.


We score orders by analyzing multiple sources of information including behavioral data analysis. We
augment our decision process with a set of customizable rules and third-party machine-learning scoring algorithms.


For each order, Scalefast SAFE™ searches our data warehouse for similar purchasing behaviors and
compares patterns and outcomes. Properties of an order such as email, IP & shipping addresses, names, payment details, phone numbers, and user account activities are used to retrieve similar orders and to evaluate past activities and behavior.


In addition, our anti-fraud engine allows us to take into consideration other factors such as the distance between buyers' IP and shipping addresses or detect the use of a proxy.


2. SAFE™ - SMS VERIFICATION


Scalefast SAFE™ can optionally provide an extra layer of security by sending customers to a quick 2-step phone verification process (SMS). These steps are only followed once an order has reached a certain risk score or if specific rules have been triggered.

This process has proven to be very effective against repeat buying patterns of digital goods as phone
numbers are used to retrieve similar orders. While it is easier to fake an email or IP address at scale, it is harder with physical devices linked to previous purchases. In addition, our anti-fraud engine allows us to take into consideration other factors such as the distance between buyers' IP and shipping addresses or detect the use of a proxy.


3. HOW CAN WE MANUALLY ACTIVATE SAFE™ SMS VERIFICATION


This functionality also can be forced manually when purchasing some products.
At the back-office product page settings, there is the possibility to set the "Force mobile check" option
to "Yes" in the Risk assessment section.


In orders that contain products with this feature activated, users will have to provide more information
before completing the purchase process.


4. WHEN DOES THE SAFE™ SMS VERIFICATION IS TRIGGERED?


The safe system is triggered most of the time when a possible fraud is detected.


It is applied to all payment methods, however, orders paid with Visa, Mastercard, or cards from banks
with 3D secure protocols are usually valued as a low-risk score, and rarely the SMS verification is
needed.


Our fraud system works on a scoring basis. As scores are added to a series of requirements, the system decides whether to verify the purchase with an additional step or not.

Due to the security vulnerability of the SAFE protocol, Scalefast is allowed to disclose only some of the
main variables that can trigger the SMS verification, which are:


- Order amount with value considered a risk
- Email from a fake domain
- IP away from the sending address
- Use of VPN
- First name, last name, or email with rare symbols
- Many purchases with different emails but from the same IP
- Order from a risk country


5. HOW DOES THIS SMS VERIFICATION SYSTEM WORK?


*SMS verification required email and Order safe check email are informative emails sent to the
customer with validation status of his order.


FRONT PAGE:


In the last step of the checkout process, after the user has entered the payment, he will be requested to review the order.

After confirming all details are correct, the user will place the order.

Activation of the SMS verification:


1. At this step, either the fraud system has been activated by the configuration of the product in
the back office or it works on scoring basis parameters, the user is requested to verify the order.

CHECKOUT_VERIFICATION-12. After clicking on the button “VERIFY YOUR ORDER”, the user needs to select a country, add a
personal phone and select a method to receive a verification code, by SMS or call.

CHECKOUT_VERIFICATION-2

3. The user will receive the code by call or by SMS to his phone depending on his selection. The user
needs to enter this code in the Verification code field.

CHECKOUT_VERIFICATION-3
At the same time, an SMS verification email is sent to the user. In case the user abandons the order
verification page, the order can still be verified through the link in this email.

sms-img-4
If the user clicks on the link and the order has been previously verified, the following message will
display:

sms-img-6
4. If the correct code is entered correctly by the user, the order is registered.

sms-registered-success
At this moment, if the order is considered as low risk, it will be validated automatically, and the user will receive an order confirmation email.


If the order continues considered as high risk by Scalefast SAFE™, the manual verification is activated,
and it requires to be verified by the Scalefast team. Scalefast has a dedicated team to perform this task which can take within 1 to 24 hours, and it will be verified through the back office.


The manual verification is activated when the Scalefast SAFE™ or those of our anti-fraud providers such as Maxmind / Shield / Adyen consider that there is a risk, which is based on multiple parameters.

User cases which may incur delays:

• The customer is on vacation in another country
• The customer has a bank card or a telephone from another country
• The customer has placed several orders in a few days
• The customer's bank has considered the transaction to be a risk
On Scalefast back-office is possible to check when the order needs a manual check. The order status
becomes equal to “Verification Required”.

chrome_2021-04-12_13-49-28