內容簡介
IronPhantom Antifraud 為 WooCommerce 提供即時的詐騙情報,利用 MGFirewallAI 分析結帳和登入事件,幫助商家識別可疑活動,降低詐騙風險。
【主要功能】
• IP 風險分析 – 辨識可疑的 IP 地址
• 數據洩漏情報 – 偵測與已知洩漏有關的電子郵件
• 即時詐騙信號 – 迅速分析結帳和登入事件
• 自動 API 金鑰生成 – 設定精靈可生成個人 API 金鑰
• 商家儀表板 – 監控警報和交易的個人儀表板
• 符合 GDPR 設計 – 僅在明確同意後處理數據
外掛標籤
開發者團隊
② 後台搜尋「IronPhantom Anti-Fraud – Bot Protection, Card Testing & VPN Detection for WooCommerce」→ 直接安裝(推薦)
原文外掛簡介
IronPhantom Anti-Fraud brings AI-assisted fraud detection, bot protection and WooCommerce security monitoring to online stores.
The plugin works in a non-intrusive way by analyzing checkout, order, login, behavioral and technical risk signals in real time. It helps identify suspicious orders, card testing attempts, compromised account indicators, risky IP patterns, VPN/proxy traffic, automated activity, fake checkout behavior and session anomalies before they become a serious operational problem.
IronPhantom is designed for merchants who want more visibility, more control and less noise when reviewing risky WooCommerce activity.
Automated Provisioning
IronPhantom is built for fast activation.
After the merchant accepts the Privacy Policy and enables the service, the plugin can automatically generate a unique API Key linked to the store domain and connect the WooCommerce installation to the MGFirewallAI SaaS environment.
No risk analysis data is sent to MGFirewallAI until the merchant accepts the Privacy Policy and activates the service.
Smart Correlation Engine
Traditional fraud tools often generate too much noise.
IronPhantom focuses on correlated risk signals instead of isolated events. The dashboard is designed to highlight the most relevant suspicious transactions, where multiple indicators suggest a concrete risk.
Examples of correlated signals may include:
Anonymous or high-risk IP address
Email address associated with previous data breaches
Password exposure indicator using privacy-preserving checks where applicable
Repeated checkout attempts
Suspicious user-agent or device behavior
Behavioral patterns compatible with automation
Unusual order or session activity
Technical signals related to suspicious sessions or checkout abuse
This helps merchants focus on the cases that actually require attention.
Decision Support, Not Automatic Checkout Blocking
IronPhantom is designed to support merchant decisions, not replace them blindly.
By default, the plugin does not automatically block the WooCommerce checkout. This reduces the risk of false positives damaging legitimate sales.
IronPhantom is intended to support the merchant before order fulfillment and shipping. When a suspicious transaction is detected, the plugin provides risk context and supporting signals so the merchant can make a more informed decision before dispatching the product.
IronPhantom does not automatically block payments, cancel orders, refund orders, or stop shipments. Any decision to approve, review, verify, hold, cancel, refund, or ship an order remains under the merchant’s control and responsibility.
Instead, IronPhantom provides clear risk signals, context, and decision-support information so the merchant can decide whether to approve, review, verify, hold, refund, cancel, or ship an order.
Advanced mitigation features may be available in future paid or Pro plans, depending on the configuration enabled by the merchant.
Merchant Decision Responsibility
IronPhantom provides risk intelligence, alerts, and decision-support information.
The plugin does not make final business decisions on behalf of the merchant. Decisions such as approving, holding, verifying, refunding, cancelling, or shipping an order remain entirely under the merchant’s control and responsibility.
Risk scores, alerts, provider responses, and behavioral signals are intended to support review workflows and should not be considered a guarantee that an order is fraudulent or safe.
Behavioral AI Sensor
IronPhantom includes an optional behavioral sensor that can monitor interaction patterns such as mouse movement, scroll behavior, click timing, session duration, and technical browser signals.
The sensor is designed to help detect patterns compatible with:
Bot activity
Card testing attempts
Credential stuffing
Automated checkout abuse
Suspicious session behavior
Abnormal interaction patterns
The Behavioral AI Sensor is disabled by default and can be enabled manually from the IronPhantom dashboard after the merchant has reviewed the privacy information and service settings.
The sensor is designed to analyze behavioral and technical patterns. It is not intended to record payment card numbers, CVV codes, plain-text passwords, or the content of private form fields.
In the current testing phase, the sensor may operate in monitoring mode. Advanced mitigation and active response features may be introduced in future paid or Pro plans.
Identity Verification Workflow
For high-risk cases or high-value orders, IronPhantom can support an identity verification workflow through Didit.
Identity verification is handled externally by Didit. IronPhantom does not process or store identity documents, facial recognition data, biometric data, or government document images.
IronPhantom receives only the limited verification result/status required to support the merchant’s risk decision.
Identity verification features may be limited, disabled, or reserved for future paid or Pro plans depending on the current service configuration.
Testing Phase
IronPhantom is currently available for testing and evaluation.
During this phase, merchants may be able to test the plugin and its connected MGFirewallAI risk intelligence features without payment.
Future paid plans may introduce additional features, extended limits, advanced mitigation, identity verification workflows, and enhanced dashboard capabilities.
Key Features
AI-Assisted Risk Intelligence – Detect suspicious order, login, checkout, behavioral, and technical risk signals.
Behavioral AI Sensor – Optional sensor for interaction-based bot and automation detection, disabled by default.
Smart Risk Dashboard – Shows priority transactions where multiple signals indicate a meaningful risk.
Bot & Card Testing Detection – Helps detect patterns compatible with automated checkout abuse and repeated payment attempts.
Credential Risk Signals – Supports checks related to compromised emails and password exposure indicators.
External Risk Intelligence – Supports integrations with providers such as FraudLabs Pro, ProxyCheck, and Have I Been Pwned, where configured.
Identity Verification Support – Optional workflow through Didit for high-risk cases, where available.
Decision Support Mode – Helps merchants decide without automatically interrupting legitimate customers.
Pre-Fulfillment Review Support – Helps merchants review suspicious orders before shipping products.
GDPR-First Approach – Built with data minimization, pseudonymization where applicable, and privacy-aware processing.
SaaS Architecture – Keeps heavy analysis outside the WordPress installation.
Testing Mode Availability – Current testing access may be available without payment while the service is being evaluated.
Privacy & Data Security
IronPhantom follows a Privacy by Design approach.
The system is designed to process only the data required for fraud prevention, bot detection, security monitoring, and risk intelligence.
No risk analysis data is sent to MGFirewallAI until the merchant accepts the Privacy Policy and activates the service.
The Behavioral AI Sensor is disabled by default and must be enabled manually by the merchant from the dashboard.
Data Used for Risk Analysis
Depending on the plugin configuration and WooCommerce event, IronPhantom may process limited technical, behavioral, and transactional metadata such as:
Order ID or transaction reference
Store domain or merchant identifier
Email address or pseudonymized identifier where applicable
IP address
Order amount
Timestamp
Browser and user-agent information
Session and technical metadata
Behavioral sensor signals, if enabled
Risk-related status returned by external providers
Behavioral Sensor Data
If enabled by the merchant, the Behavioral AI Sensor may process interaction and technical signals such as:
Mouse movement patterns
Scroll behavior
Click timing
Session duration
Browser and user-agent signals
Technical indicators related to automation or abnormal sessions
The sensor is intended to analyze behavioral patterns and technical signals. It is not intended to record payment card numbers, CVV codes, plain-text passwords, or the content of private form fields.
Payment Data
IronPhantom does not process, collect, transmit, or store:
Full payment card numbers
CVV codes
Full payment credentials
Plain-text passwords
Banking credentials
Payment processing remains handled by the store’s payment gateway or WooCommerce payment provider.
Didit Identity Verification
For high-risk cases or high-value orders, IronPhantom can support an identity verification workflow through Didit, where available.
Identity verification is handled externally by Didit.
During the 14-day trial period, the “Verify User” button and the identity verification workflow through Didit are disabled for security and abuse prevention purposes.
Identity verification is reserved for full Pro subscriptions or specifically approved configurations.
IronPhantom does not store:
Identity document images
Facial recognition data
Biometric data
Government ID files
Liveness check media
IronPhantom receives only the limited verification result/status needed to support the merchant’s fraud review process.
External Intelligence Providers
IronPhantom may use external providers such as:
FraudLabs Pro
ProxyCheck
Have I Been Pwned
Didit
These integrations are used only for security, fraud prevention, identity verification, and risk validation purposes, as described in the Privacy Policy.
Availability of specific integrations may depend on the current configuration, testing phase, or future paid service plan.
WordPress Database Impact
IronPhantom is designed as a SaaS-based solution. Heavy analysis is handled outside the WordPress installation, helping keep the local WordPress environment lighter and focused on essential plugin settings, status information, and relevant risk summaries.
