Checkout Authentication for WooCommerce Documentation





WooCommerce Anti-Fraud: Checkout Authentication and Anti-Fraud for WooCommerce Documentation




Overview

Checkout Authentication and Anti-Fraud for WooCommerce protects your store by ensuring every checkout is performed by a real customer. It generates a dynamic verification code at checkout and requires manual entry to complete the purchase. This process actively stops bots, spam, and fraudulent transactions. Furthermore, our plugin offers flexible settings and detailed logs, making it an essential tool for woocommerce anti-fraud measures.

Configuring the Plugin

Installation

  1. Download the Plugin: Download the ZIP file for Checkout Authentication for WooCommerce.
  2. Upload and Install: In your WordPress admin panel, go to Plugins > Add New and click Upload Plugin. Then, select the ZIP file, click Install Now, and activate the plugin.
  3. Automatic Table Creation: When activated, the plugin creates a custom log table (cc_verification_logs) in your database to store failed verification attempts.

Advanced Settings Configuration

After installation, adjust all plugin settings via WooCommerce’s Advanced settings. Then follow these steps:

  1. Navigate to Settings: Open WooCommerce > Settings > Advanced and select Checkout Authentication Settings from the Sections dropdown.
  2. Configure Your Options: Change the settings as follows:
    • Cookie Lifetime: Set the duration (in seconds) for the verification cookie (default: 600 seconds).
    • Verification Message: Customize the message shown before the code.
    • Verification Code Format: Pick between “Numeric” (6‑digit) or “Alphanumeric” (6‑character) codes.
    • Error Messages: Set messages for missing or invalid codes.
    • Maximum Failed Attempts: Define how many failed attempts trigger an automatic ban.
    • Ban Duration: Specify the ban duration (in seconds, default: 300 seconds) after too many failed attempts.
    • Banned Error Messages: Customize messages for both automatic and manual bans.
    • Enable Logging: Choose to log failed verification attempts (enabled by default).
    • Log Retention Period: Set how many days to keep log entries (default: 30 days).
    • Manual Ban Duration: Specify the ban duration for manual bans (default: 3600 seconds).
  3. Save Your Settings: Click Save Changes to apply your configuration.

Front-End Checkout

  • Verification Process: When a customer lands on the checkout page, the plugin instantly generates and displays a verification code with a regenerate option. This code, along with your custom verification message, prompts the customer to enter the code to proceed.

  • Error Handling: When the customer enters an incorrect code, the plugin displays a clear error message. Moreover, if the customer exceeds the maximum allowed failed attempts, an automatic ban triggers. For manually banned users, the plugin shows a distinct error message.

  • Order Meta Storage: After a successful checkout, the plugin stores the entered verification code in the order meta using the key _namespace_verification_code. You can review this data in your WordPress admin order details.

Logs & Manual Ban/Unban

  1. Viewing Logs: Open WooCommerce > Checkout Authentication Logs in your admin panel to see detailed logs of failed verification attempts.
  2. Clearing Logs: Click the “Clear Attempts” link to remove logs for a specific user.
  3. Manual Ban/Unban: Next to each log entry, manually ban or unban a user. When you ban a user, they get blocked for the duration you specify in the settings, and they receive a custom manual banned error message on the front end.

Frequently Asked Questions (FAQ)

Q: How does the verification code enhance checkout security?
A: By requiring customers to manually enter a dynamic verification code, the plugin ensures only genuine users complete the checkout. This process actively deters bots and reduces fraudulent transactions. For further insights, visit Anti-Fraud International.

Q: Can I customize the appearance of the verification code display?
A: Yes, you can customize the verification message and button directly in the plugin settings. You may also apply additional CSS customizations through your theme’s stylesheet.

Q: How do I view failed attempts?
A: The plugin logs every failed attempt with detailed information. You can view these logs in the Checkout Authentication Logs section and export them as needed.

Q: What happens if a user exceeds the allowed failed attempts?
A: If a user exceeds the maximum failed attempts, the plugin automatically bans them for the specified duration. In addition, manually banning a user displays a separate error message.

Questions & Support

If you need more help with woocommerce anti-fraud, please Contact our Support. Also, visit the WooCommerce official website for additional resources.