內容簡介
TrustLens 是一款專為 WooCommerce 設計的顧客風險智能與濫用檢測外掛,透過行為分析為每位顧客分配從 0 到 100 的信任分數,幫助商家早期識別高風險顧客,降低損失。
【主要功能】
• 行為分析信任分數評估顧客風險
• 監控顧客的退款、訂單模式與優惠券使用
• 識別多帳號購物與濫用行為
• 提供手動與自動化的風險管理選項
• 追蹤爭議與退款風險
外掛標籤
開發者團隊
② 後台搜尋「TrustLens – Fraud Prevention & Chargeback Defense for WooCommerce」→ 直接安裝(推薦)
📦 歷史版本下載
原文外掛簡介
Stop losing money to WooCommerce fraud you can’t see. Serial returners, coupon abusers, fraud rings, and stolen-card bots quietly drain stores — often thousands per year. By the time the chargeback ratio climbs or your margin disappears, the damage is done.
TrustLens is a behavior-based customer trust scoring and fraud detection plugin for WooCommerce. It scores every shopper from 0 to 100 using real store behavior and sorts them into six risk segments — VIP, Trusted, Normal, Caution, Risk, Critical. Eight detection modules run in the background: returns, orders, coupons, categories, linked accounts, shipping anomalies, chargebacks, and card-testing attacks at checkout. You see exactly which signals moved each score, and you decide what to do about it.
TrustLens never auto-blocks in Free. You review the customer profile and choose: block at checkout, allowlist forever, or simply watch the trend. Nothing happens behind your back. All customer data stays inside your store — no third-party calls — and linked-account fingerprints are pseudonymized with keyed HMAC-SHA256 hashes.
Abuse patterns TrustLens catches
TrustLens turns the WooCommerce data you already have into actionable customer intelligence. Instead of reading hundreds of orders and refunds line by line, you get one clear score per customer and a six-segment view of your entire customer base. The dashboard surfaces the patterns that move the needle:
Return abuse and wardrobing — serial returners, high refund rates buried across hundreds of orders, customers with 90%+ full-refund ratios
Coupon and discount fraud — repeat first-order coupon use, coupon-then-refund cycles, throwaway accounts created only to grab a discount
Multi-account fraud rings — different emails sharing the same shipping address, IP, payment method, phone number, or device fingerprint
Chargeback exposure — disputes per customer, blended store-wide chargeback ratio, brand-by-brand approach to Visa, Mastercard, Amex, and Discover monitoring thresholds
Card-testing attacks at checkout — bots probing stolen cards through your payment gateway, racking up declines, fees, and downstream chargebacks
Shipping address fraud — address hopping, billing/shipping country mismatches, rapid address-change velocity, reshipping patterns
Hidden VIPs — long-tenured loyal customers you should protect from accidental friction or false positives
You see who’s worth rewarding, who’s silently costing you, and you take the call.
What’s included in the free version
The WordPress.org download is the complete plugin — no trial limits, no disabled scoring, no locked modules. Everything below ships in Free.
Detection — all 8 modules included
Return Abuse Detection — analyzes refund rate, refund frequency, refund value, and full-vs-partial refund ratio to spot serial returners and wardrobing
Order Pattern Analysis — completion rates, cancellation patterns, unusual order velocity
Coupon Abuse Detection — repeat first-order coupon use, coupon-then-refund pattern, excessive coupon stacking
Category-Aware Risk Scoring — applies extra risk when customers show high return rates in specific product categories
Linked Accounts Detection — identifies accounts sharing shipping addresses, billing addresses, phone numbers, IPs, payment methods, or device user-agent fingerprints
Shipping Address Anomalies — address hopping, billing/shipping country mismatches, address-change velocity, configurable velocity window (7–90 days)
Chargeback Tracking — per-customer dispute history with automatic ingestion from Stripe and WooPayments, manual entry form for other gateways, automatic card-brand capture for accurate ratio reporting
Card-Testing Defense — real-time decline-velocity monitoring in 60-second and 10-minute rolling windows, attacker device fingerprints locked out for 90 seconds, VIP customer bypass on by default so repeat buyers are never disrupted, one-click Panic Freeze button that halts all checkouts for 15 minutes during an active attack
Trust scoring engine
0–100 trust score for every customer, recalculated automatically when behavior changes
Six risk segments — VIP, Trusted, Normal, Caution, Risk, Critical
Every signal visible on the customer profile so you can see exactly how a score was calculated
Account-age loyalty bonus up to +15 points for long-standing customers
Configurable scoring thresholds — minimum orders required, return-risk levels, checkout-blocking settings
Dashboard and monitoring
Command Center dashboard — trust score trends, segment distribution, refund activity, high-risk customer list, revenue-protection KPIs
Chargeback Ratio Speedometer — blended calendar-month ratio with Healthy / Approaching threshold / Action-needed status against Visa, Mastercard, Amex, and Discover monitoring programs
Module status row — quick on/off and one stat per detection module at a glance
Persistent plugin-wide admin header with unified navigation, live status pill, notifications bell, and ⌘K command palette for fast access to any customer or setting
Customer management
Trust badges on the WooCommerce orders list — sortable, filterable by segment, one click to the full customer profile
Detailed customer profile with score history, event timeline, linked accounts, signal impact bars, and return-rate trend chart
Bulk actions — block, unblock, allowlist, recalculate, delete in bulk
Allowlist protection — locks a customer’s score at 100 and prevents any negative signals from affecting them, protecting VIPs from false positives
Checkout enforcement — blocked customers can’t add items to cart or complete checkout (works on both Classic and WooCommerce Blocks / Store API checkout)
Customizable block message
Operational
Historical Sync — build trust profiles from past WooCommerce orders in the background using small batches that don’t slow the frontend
REST API with 8 endpoints for integrations, customer lookups, score retrieval, segment filtering, and triggering recalculations
WooCommerce HPOS compatibility — fully compatible with High-Performance Order Storage
GDPR privacy tools — full WordPress privacy export and erasure integration, including signals, fingerprints, category stats, and automation logs
Order-screen integration — trust score and segment displayed directly on every WooCommerce order edit page
Core email notifications — blocked-checkout alerts, activation summary, weekly protection report
What Pro adds
Pro is for stores that want TrustLens to act on what it finds — automation, advanced alerts, deeper chargeback analytics, and payment-risk workflows.
Advanced Chargeback Monitor
A dedicated TrustLens → Chargeback Monitor page built to keep you clear of card-network monitoring programs:
Per-brand ratio breakdown — Visa VDMP/VFMP, Mastercard ECP, Amex, Discover — with threshold progress bars
12-month trend chart showing how each brand has moved over time
Trailing-30-day window alongside the Free calendar-month view
Recent disputes activity feed with case status
Top-disputed customers with one-click access to a Dispute Evidence Report — print-ready professional behavioral risk report (trust score, signals, order history, return analysis vs store average, linked accounts, full event timeline) that you can submit alongside processor dispute responses
Customizable warn-threshold percent (50–100%)
Auto-Block After N Lost Disputes — configurable runtime enforcement
Chargeback Ratio Email Alerts — daily check that emails you before any brand crosses its network threshold, deduplicated per brand per calendar month so you’re never spammed.
Automation Rules
Build trigger-based rules that fire when customer risk changes, orders are placed, refunds are processed, disputes are filed, linked accounts are detected, card-testing attacks happen, or shipping anomalies are spotted.
16+ triggers including Chargeback Filed, Dispute Recorded, Linked Accounts Detected, Card Testing Attack, Shipping Anomaly
30+ condition fields including trust score, segment, total order value, total disputes, customer age, country mismatch, coupon total, payment method, linked accounts count
Actions — block customer, hold order, send email, fire webhook, allowlist customer, cancel order, tag customer
Async dispatch with automatic retry (60s / 120s / 240s backoff)
HMAC-SHA256 signed webhooks by default for security
Save-time validator blocks rules that can never fire — unsatisfiable conditions, schema violations, contradictions — each with a specific inline reason
Inline rule inspector shows SKIP status with the exact reason (“Cooldown active” / “Condition not met: trust_score > 50”) so you can answer “why didn’t my rule fire?” in one glance
Card-Testing Defense Pro
On top of free Card-Testing Defense, Pro adds attack-scale protection:
Auto-escalation from targeted blocking to global Panic Freeze when an attack spreads across multiple device fingerprints (default: 3 distinct devices in 10 minutes)
Geographic-diversity safeguard — before escalating, checks whether the decline burst is naturally distributed across ≥10 countries with no single country >50%, so legitimate flash-sale or viral traffic isn’t mistaken for an attack
Fingerprint and IP CIDR allowlists for QA, integration partners, and known-good traffic (IPv4 and IPv6 ranges supported)
Advanced fingerprint signal — 12-font detection via baseline-width comparison, harder for botnets to spoof consistently across nodes
Per-fingerprint threshold overrides for tighter or looser thresholds on specific known devices
Attack History tab with 24-hour decline count, decline-code breakdown, top-10 attacking fingerprints, hourly timeline chart, CSV export of all velocity events
Slack and email alert dispatcher for attack_detected, auto_escalated, and panic_button_activated events
Payment Method Risk Controls — hide specific payment gateways for high-risk customers, linked accounts, or velocity spikes. Fine-grained checkout protection without blocking the whole order.
Scheduled Reports — daily, weekly, or monthly email summaries of store risk activity, customer trends, and protection KPIs.
10 advanced notification types — High-Risk Order Alert, Segment Change Alert, Daily Digest, High-Value Order Alert, Repeat Refunder Alert, Velocity Alert, Score Recovery Alert, New Customer Risk Alert, Monthly Revenue Protection Report, Chargeback Filed Alert.
Advanced Address Analysis — diversity-trend detection and enhanced country-mismatch severity for deeper shipping-fraud insight.
Bottom line: Free surfaces the risk. Pro acts on it.
How trust scoring works
Every customer starts at a neutral 50. TrustLens detection modules analyze behavior and apply positive or negative signals:
Completed orders increase trust
Refunds decrease trust based on frequency, value, and full-vs-partial ratio
Coupon abuse patterns apply penalties (repeat first-order coupons, coupon-then-refund cycles)
High return rates in specific categories add additional risk
Linked accounts with already-risky customers reduce scores via fraud-ring detection
Disputes and chargebacks apply significant penalties
Shipping anomalies (address hopping, country mismatches, change velocity) reduce scores
Card-testing exposure — customers tied to device fingerprints involved in past attacks lose trust
Account age adds a loyalty bonus of up to +15 for long-standing customers
Scores are always clamped to 0–100. Every signal is visible on the customer profile so you can see exactly how each score was calculated and trust the decision.
Customers below the configurable minimum order threshold (default: 3 orders) stay in the Normal segment until enough data exists for confident scoring — so new stores don’t get noisy false positives in their first weeks.
Who TrustLens is for
WooCommerce store owners losing margin to serial returners, refund abuse, or coupon fraud
Operations and CX managers who need data to back up customer policies with confidence
Fraud prevention teams looking past payment-gateway signals into behavioral patterns
Merchants worried about Visa, Mastercard, Amex, or Discover chargeback monitoring programs (VDMP / VFMP / ECP)
Stores with generous return policies that attract both loyal customers and abuse
Stores using Stripe or WooPayments — chargeback and card-brand data flow in automatically with no manual setup
Stores using other gateways (PayPal, Square, offline, custom) — manual chargeback entry keeps your ratio accurate
Privacy and data handling
TrustLens works entirely inside your WordPress and WooCommerce installation. It does not send customer data to the plugin developer or to any default third-party service. External delivery only happens if you explicitly configure features like webhooks, Slack alerts, or email notifications.
Customer identifiers are pseudonymized with keyed HMAC-SHA256 hashes so raw email and identifier values are never exposed or reused across sites
Linked-account fingerprints (address, phone, IP, payment method, device) use the same keyed-hash approach
WordPress privacy tools are fully integrated — customers can request data export or erasure through the standard WordPress workflow, and TrustLens responds with signals, fingerprints, category stats, and automation logs included
GDPR-compatible by design
All scoring signals are visible on the customer profile so customer-service teams can explain any score on request
Built for production WooCommerce
TrustLens is engineered for busy stores and growing order volume:
Asynchronous background scoring via Action Scheduler — the same system WooCommerce uses for its own background jobs
WooCommerce HPOS compatibility — fully compatible with High-Performance Order Storage and legacy stores alike
Transient-cached dashboard queries (15-minute and 1-hour TTLs) with automatic invalidation on new events so the dashboard doesn’t re-query order meta on every page load
Batch-based Historical Sync that processes past orders in small chunks without blocking the frontend
Lightweight checkout enforcement using a single email-hash lookup
Unified Request Gate that intercepts both Classic and Blocks / Store API checkout through one rule-registration surface
PHP 7.4+ supported, WordPress 6.4+ tested, WooCommerce-first throughout
If you need chargeback prevention, return-abuse detection, fraud-ring detection, or stolen-card attack protection for WooCommerce, TrustLens gives you the data and the tools to act — without taking control out of your hands.
External Services
This plugin may connect to external services as described below.
Freemius SDK
This plugin uses the Freemius SDK for optional usage tracking, license management, and plugin updates.
When data is sent:
During plugin activation, only if the user explicitly opts in
When checking for plugin updates
When activating or deactivating a Pro license
What data is sent:
Site URL, WordPress version, and PHP version
Plugin version and activation status
Admin email (only if opted in)
License key (Pro version only)
Important: No data is sent unless you explicitly opt in during plugin activation. You can skip the opt-in entirely and use the free version without sharing any data.
Service: Freemius
Terms of Service: https://freemius.com/terms/
Privacy Policy: https://freemius.com/privacy/
Webhooks (Pro, Optional)
When webhooks are enabled in TrustLens settings (Pro feature), the plugin sends HTTP POST requests to URLs configured by the administrator.
When data is sent:
When a customer’s trust score is updated (if enabled)
When a customer is blocked (if enabled)
When a checkout is blocked (if enabled)
When a high-risk order is placed (if enabled)
When testing webhook connectivity
What data is sent:
Customer email hash and, when available, the customer email stored in TrustLens
Trust score and customer segment
Event type and timestamp
Order details for high-risk order events (order ID, total, status)
Site URL and site name
Important: Webhook endpoints are entirely configured by you. No data is sent to any third-party service unless you explicitly add webhook URLs. The plugin does not send data to the plugin developer or any default external service.
