When it comes to internet activity, there are two important factors which are, unfortunately, somewhat at odds with each other. As the title says, these factors are privacy and security.
We believe that privacy is important, and understand that our customers may have a variety of valid reasons for wanting to protect their privacy when shopping with us. Sometimes these factors may be directly related to one's physical and emotional safety, and that's something we take very seriously, which is why we offer options like discreet shipping, where possible.
In addition to those very real concerns, there's also just the principle of the thing! We believe that privacy is a fundamental human right.
On the other hand, it's also incredibly important that one's online purchases are protected from identity theft and fraud. We specifically moved our website to Shopify's platform because of their excellent security. The online landscape is changing in such a way that it's become increasingly difficult for small companies like ours to independently maintain the level of security that Shopify can provide.
Unfortunately, online security is largely dependent on the ability to verify personal details. This means that the measures some people take to protect their privacy often conflict with payment processors' ability to confirm their identity, which results in orders being incorrectly flagged as security risks.
When Shopify's fraud detection flags an order as high risk, our current policy is to cancel the order, and email the customer about it, so that they can try to place the order again in a way that won't trigger a security flag.
So, what factors might result in an order being flagged as having a high risk of fraud? We don't know 100% of them, but these are the factors we're aware of:
- Using a web proxy
- Providing a billing address that doesn't match the information registered to card used
- Shipping to an address that is many miles away from the IP address (sometimes gifts get marked as potential fraud, but we can usually tell when that's the case)
- Several failed payment attempts
- Multiple payment attempts using different cards
- Placing an order from a country other than the billing address country
- Using an email service with a "high risk" domain (you can check yours here)
That last point was something we just recently learned about! Some people use services like Simple Login to generate different email addresses for different purposes. This can be a good way to avoid spam being sent to your primary email address, or for organizing your inbox. Unfortunately, it can also generate emails with a domain name that will be marked as a high fraud risk by Shopify.
We have a policy of never selling any of our customers' information, and only send emails directly related to your orders, or that you have specifically signed up for, such as our newsletters and restock notification emails. With that said, there are some ways of organizing your inbox or checking who has leaked your email address that are less likely to be flagged as fraud!
If you're a gmail user, you can add an extra word or code to your usual email address when placing orders or making new accounts, using the + sign. For instance, if your email is [your email]@gmail.com, you can use something like [your email]+storename@gmail.com when ordering with a specific store.
The store's emails will still go to your address like usual, but then you can use the +storename tag to sort them into a folder. If you start getting spam from other companies going to the [your email]+storename@gmail.com address, then you'll know where your info got leaked from!
You can add a different tag to your email for every store you shop at or service you sign up for using the + sign!
Taking another look at that list of factors the fraud checker uses, we've also found that if you have one of the more benign factors, the fraud risk assessment might be bumped up to a higher level if you're also placing a large and/or first-time order. So, if your first order with us is $100 worth of socks, which you're sending to your friend on the other side of the country, it might get flagged.
In many cases getting in touch about your order can help to clear things up, and confirm that you're a real person. We know it can be frustrating to have your order cancelled, but we're also happy to work with you to get your information verified, and help you find a happy medium between privacy and security.
