Solidus integration with Signifyd fraud check service
Ruby HTML
Switch branches/tags
Clone or download

README.md

Solidus Signifyd

Integration with Signifyd that implements a fraud check prior to marking a shipment as ready to be shipped.

Build Status

  • All orders are sent to SIGNIFYD for scoring when they transition to complete.
  • Risk analysis is returned from SIGNIFYD via a webhook and added to order.
  • Orders with a risk score >= 500 (default review disposition threshhold)
    • Paid orders are marked ready to ship.
  • Orders with a risk score < 500
    • Are cancelled.
    • Risk analysis is displayed in admin.

Installation

In your Gemfile:

gem "solidus_signifyd"

Bundle your dependencies and run the installation generator:

bundle
bundle exec rails g solidus_signifyd:install

Create a SIGNIFYD test team within the SIGNIFYD account. The API key is listed on the Teams page after a team has been created.

Create SIGNIFYD notifications for each event type and provide your api_spree_signifyd_orders_path. To work with external webhook in local development you may need to change the rails server default host and enable port forwarding or setup a reverse SSH tunnel.

http://www.example.com/api/spree_signifyd/orders

Cases can be inspected in the SIGNIFYD web console.

Configuration

api_key

Type: string

SIGNIFYD team API key.

exclude_store_credit_orders

Type: boolean Default: false

By default, even orders which are fully paid with store credit are sent to SIGNIFYD. Since this could result in unnecessary charges to a user who is on a "flat rate" plan, we provide the option to skip these orders.

signifyd_score_threshold

Type: integer Default: 500

Automatic approval is granted to orders which have a good "reviewDisposition" or have a score greater than the signifyd_score_threshold.

Risky Orders

Flagging a case as bad in the SIGNIFYD web console will associate a fraudulent case with the order's email. This will cause future orders to drop below the reviewDisposition threshhold of 500 and allow you to inspect a risky order.

Testing

First bundle your dependencies, then run rake. rake will default to building the dummy app if it does not exist, then it will run specs. The dummy app can be regenerated by using rake test_app.

bundle exec rake