FraudLabs Pro has introduced 2 new options in the FraudLabs Pro Fraud Prevention plugin for WHMCS in version 2.4.8 and onward. These options enable you to invoke the SMS verification by “phone number”, or a combination of “phone number + email address”. They are “Verify when new combination of phone number and email found” and “Verify when new phone number found“. Below is where you can configure the settings:
Verify when new combination of phone number and email found
By choosing this option, FraudLabs Pro will check if both the combination of phone number and email address had been previously verified. If a new combination was found, FraudLabs Pro will trigger the SMS verification to re-authenticate the buyer. In other words, suppose a buyer had previously verified the phone number (+123456) with email address (user1@example.com), the verification will be triggered again if the buyer uses the same phone number but a different email address, for example, user2@example.com. This option imposes a stringent authentication to ensure the ownership of the email address and phone number remain intact.
Verify when new phone number found
On the other hand, for this option, the SMS verification will only be performed when the buyer’s phone number hasn’t been verified by the system previously. You can use this option if the phone number is sufficient to authenticate the buyer. And also this is a more cost effective option, as it will only invoke SMS verification when a new phone number entered.
Conclusion
We will recommend the 1st option to verify the combination of phone number + email address. This could prevent the fraudster from keep changing their email addresses while trying to commit fraud activities.