Skip to main content
E-commerce|Fraud Analyst / Risk Manager

E-commerce Fraud Detection

Identify suspicious domains and transactions in real-time

Fraudsters use newly registered domains and suspicious infrastructure for payment fraud. EdgeDNS provides instant domain intelligence to help identify high-risk transactions.

The Challenge

E-commerce fraud causes billions in losses annually. Fraudsters frequently use recently registered domains, free email providers, and suspicious hosting to commit payment fraud. Manual review of each transaction is impractical, and rules-based systems generate too many false positives.

The Solution

Enrich transaction data with domain intelligence to identify high-risk patterns. Check domain age, trust scores, bogon IPs, and email authentication to score transaction risk in real-time. Flag transactions involving newly registered domains or suspicious infrastructure for review.

Endpoints Used

Combine these EdgeDNS endpoints to build this solution.

GET
/v1/score/trustTry in Playground

Trust Score: Overall domain/IP reputation assessment

GET
/v1/domain/whoisTry in Playground

WHOIS Lookup: Check domain registration age and ownership

GET
/v1/ip/geolocationTry in Playground

IP Geolocation: Verify IP location matches billing address

GET
/v1/ip/bogonTry in Playground

Bogon Check: Detect spoofed or invalid IP addresses

GET
/v1/score/emailTry in Playground

Email Score: Verify email domain legitimacy

Results You Can Achieve

Reduce fraud losses

Identify high-risk transactions before processing

Lower false positive rates

Objective domain data reduces incorrect declines

Real-time risk scoring

Sub-second enrichment enables checkout-time decisions

Code Example

Fraud risk scoring for transactions

javascript
async function scoreTransactionRisk(transaction) {
  const headers = { 'Authorization': 'Bearer YOUR_API_KEY' };
  const { email, ipAddress, billingCountry } = transaction;
  const emailDomain = email.split('@')[1];

  const [trust, whois, geo, bogon, emailScore] = await Promise.all([
    fetch(`https://api.edgedns.dev/v1/score/trust?domain=${emailDomain}`, { headers }),
    fetch(`https://api.edgedns.dev/v1/domain/whois?domain=${emailDomain}`, { headers }),
    fetch(`https://api.edgedns.dev/v1/ip/geolocation?ip=${ipAddress}`, { headers }),
    fetch(`https://api.edgedns.dev/v1/ip/bogon?ip=${ipAddress}`, { headers }),
    fetch(`https://api.edgedns.dev/v1/score/email?domain=${emailDomain}`, { headers }),
  ].map(p => p.then(r => r.json())));

  let riskScore = 0;
  const riskFactors = [];

  // Domain age check (high risk if < 30 days old)
  if (whois.data.domain_age_days < 30) {
    riskScore += 30;
    riskFactors.push('Recently registered domain');
  }

  // Trust score check
  if (trust.data.score < 40) {
    riskScore += 25;
    riskFactors.push('Low trust score');
  }

  // Geographic mismatch
  if (geo.data.country_code !== billingCountry) {
    riskScore += 15;
    riskFactors.push('IP/billing country mismatch');
  }

  // Bogon IP
  if (bogon.data.is_bogon) {
    riskScore += 40;
    riskFactors.push('Invalid/spoofed IP address');
  }

  return { riskScore, riskFactors, action: riskScore > 50 ? 'REVIEW' : 'ACCEPT' };
}

Learn More

Explore industry standards and best practices related to this use case.

PCI DSS Requirements

Payment Card Industry Data Security Standard

OWASP Payment Security

Web application security testing guidelines

Ready to build E-commerce Fraud Detection?

Get started with 200 free API requests per month. No credit card required.

Get Started FreeTry the Playground

Other Use Cases

Email Marketing / DevOps

Email Deliverability Monitoring

Improve inbox placement with proactive email authentication monitoring

Security Engineer / Compliance Officer

Security Compliance Auditing

Automate security posture assessments for SOC 2 and ISO 27001