Script to screen online fraud

[chrislim2888]

This sample code shows you how to screen an order by entering all the relevant information into the request parameters.

Code: Select all

<?php
$apiKey = '<Get a free license key from fraudlabspro.com>';
$params['format']           = 'json';
$params['ip']               = $_SERVER['REMOTE_ADDR'];
$params['bill_city']        = 'Cleveland';
$params['bill_state']       = 'OH';
$params['bill_zip_code']    = '44115';
$params['bill_country']     = 'US';
$params['ship_addr']        = '4987 Bingamon Road';
$params['ship_city']        = 'Cleveland';
$params['ship_state']       = 'OH';
$params['ship_zip_code']    = '44115';
$params['ship_country']     = 'US';
$params['email_domain']     = 'gmail.com';
$params['phone']            = '440-5551961';
$params['email_hash']       = fraudlabspro_hash('user@gmail.com');
$params['username_hash']    = fraudlabspro_hash('kevinowen');
$params['password_hash']    = fraudlabspro_hash('3X2hd8cWNw9q');
$params['bin_no']           = '558265';
$params['bank_name']        = 'Bank of Ocean View';
$params['bank_phone']       = '212-500-2489';
$params['card_hash']        = fraudlabspro_hash('5582657189029269');
$params['avs_result']               = 'Y';
$params['cvv_result']               = 'M';
$params['user_order_id']    = '7893';
$params['amount']           = '99.95';
$params['quantity']         = '1';
$params['department']       = 'Online Store';
$params['payment_mode']     = 'creditcard';
 
$query = '';
 
foreach($params as $key=>$value){
    $query .= '&' . $key . '=' . rawurlencode($value);
}
 
$try = 0;
do {
    $result = file_get_contents('https://api.fraudlabspro.com/v1/order/screen?key=' . $apiKey . $query);
} while(!$result && $rty++ < 3);
 
$data = json_decode($result);
 
echo '<pre>';
print_r($data);
echo '</pre>';
 
function fraudlabspro_hash($s){
    $hash = 'fraudlabspro_' . $s;
    for($i=0; $i<65536; $i++) $hash = sha1('fraudlabspro_' . $hash);
 
    return $hash;
}
?>



[seandisanti]

It seems a little silly to expect people to send absolutely all of the info necessary to commit fraud to an unknown 3rd party to find out if it's a fraudulent transaction. Technically they're should already have a clearing house or payment processor that should be checking responses from the card company anyway. I mean best case scenario, they've just given away all of their customer's transaction and billing information to an unauthorized 3rd party.