Fraud Prevention and Tracking
Learn how to prevent promotion fraud and protect your data using built-in features and reports. With this article, we will show you how to restrict promotion usage, protect your campaigns and make redemptions a reliable measure of campaign success.
Contents
IP Whitelisting
Enterprise feature available upon request
This functionality, available only upon request for customers on the Enterprise plan, provides an additional layer of security by filtering and allowing API requests exclusively from an authorized list of IP addresses.
Navigate to Project Settings→General→Application Keys and edit a Key. This will allow you to restrict the API keys to a specific list of IP addresses. By default, when the list is empty, access to the API through the API keys is allowed from any IP address.
Campaign Security
To prevent fraud in your campaigns, Voucherify secures your incentives and tracks performance at every stage of a campaign lifecycle:
- Anti-fraud limits reduce the risk of misuses as the app checks every interaction with your incentives against the defined limits.
- Activity tracking gives you an instant overview of campaign performance, customer behavior, and distribution details.
- Notifications, reports, and logs that inform you about important events and changes. The app stores and presents tracked data on graphs and charts. You can also list your data using predefined filters and export results using CSV files for further analysis.
Anti-fraud limits
Anti-fraud limits are meant to prevent any misuses using configurable limits and built-in prevention mechanisms. They limit redemptions of your incentives, secure the campaign budget upfront, and prevent email fraud.
Unique & case-sensitive codes
One-off codes are a guarantee of fraud control and reduction of misuses. While building coupon, gift cards, referral and loyalty campaigns, you can define unique code structure:
- Code pattern
- Charset
- Length
- Prefix
- Postfix
Vouchers are case-sensitive by default, but when adding new project, you can disable case-sensitive codes.
Customers can join the campaign only once
When you create a promo campaign you can mark that each customer will be allowed to join it only once. If the same customer requests another code, Voucherify will give him/her the same code again and will not generate another code for this end-user. Therefore, one customer can only receive one code assigned from a particular promo campaign.
Redemptions
Voucherify lets you restrict the incentive redemptions on several levels:
| ANTI-FRAUD LIMIT | DESCRIPTION | EXAMPLE |
| Client-side rate limiter per IP (for client-side integration). | The app limits the rate of public client requests (validate, redeem, and other) coming from a single IP address. | The current limits are as follows:
|
| Domain whitelist for public channel |
To increase the security of public client operations, Voucherify will accept only requests with Origin header that matches the domain(s) specified in the Project settings > your website URL. | Use the following pattern:
|
| The total discounted amount | It defines the overall discount amount that your customers can get by redeeming codes from a particular campaign. | The total value of applied discounts from campaign X cannot exceed $10 000. |
| The total orders volume | It defines the maximum value of all orders made within the campaign. When this limit is reached, customers cannot redeem more codes. | The value of all orders made within the campaign Z cannot exceed $20 000. |
| The total number of redemptions per campaign | It defines the total number of redemptions allowed per entire campaign. | Codes from campaign Y can be redeemed 5 000 times in total. |
| The total number of redemptions per coupon code | It defines how many times a single code can be used – once, custom number of times, or unlimited. | Code SUMMERLOVE2021 can be redeemed only 50 times (“Hurry up! Only 50 customers can use this deal!”) |
| The total number of redemption per customer per campaign | It defines the total number of campaign codes that each customer can use. | Customers can redeem only one code within a Welcome Discount campaign. |
| The total number of redemption per customer per code |
It defines how many times the same customer can use a single code. |
Each customer can redeem their Welcome Discount code only once. |
| Redeemable by card/coupon owner only | It defines that only the customer who has this code assigned to their profile can redeem the offer. | Code XYZ was assigned to Jane Doe, and only she will be able to utilize it. |
| Total redeemed gift amount | It defines the total value of redeemed gift cards per the whole campaign. | Customers can spend up to $10 000 of the balance from a given gift card campaign. |
| Order-based redemption criteria | It defines redemption conditions that specify required cart structure and/or order volume. You can discount particular items and/or exclude some products from applying the discount. | Only orders above $150 and with a Shampoo X qualify for the discount. |
| Segment & customer-based limitations | It defines the segment and customer metadata redemption conditions. With these options, you can target or exclude particular customers from using your offers. | Codes are available if a customer enters the "Regular Customers" segment and not available for customers from the "New customers" segment. |
| Custom metadata limits | It defines custom limits carried with a redemption request. Metadata can be attached to redemption, order, or customer attributes. | The code redemption is only available for orders made before 4 pm and via the mobile app. |
| Redeeming User & Redemption API key | It defines which team members or affiliates can/cannot invoke a coupon redemption. It can also limit redemptions to particular API keys. | User "Denver_department" can invoke redemptions, and the user "Central_department" cannot redeem codes. |
| Amount limit | It defines the maximum discount that a customer can get per single order or single discounted item (for percentage discounts). | The coupon code gives a 10% discount, and the amount limit is set to $50. When a customer's total order amount is $1000, the discount is still $50. |
| Redemption rollbacks | You can revert redemption by using the rollback functionality available via UI and API. This operation creates a rollback entry in the voucher's redemption history and gives one redemption back to the pool. In the case of gift vouchers, rollback returns funds according to source redemption. |
Customer subscribed to a lower plan, roll back redemption of their VIP discount used after the plan update. |
| Limited activity period |
You can introduce time-specific limitations:
|
|
Email anti-fraud
Email abuse protective measures are built to protect your landing pages. As email usually refers to the unique customer source id, it is critical to secure the form using data validation.
- Double opt-in – this feature is enabled by default and is used to verify your customers by sending them a confirmation email. Verifying email addresses can help you combat fraud attempts and fake email addresses.
- Block email aliases – some of your customers may attempt to provide multiple email aliases to receive a discount. That's why Voucherify can automatically block email addresses containing "+" so that customers cannot provide several email addresses such as jenna+marketing@voucherify.io or jenna+tech@voucherify.io.
- Unique email addresses – this feature allows you to block users from taking advantage of your incentives by using the same email address over and over again. Voucherify will automatically remember and store all the email addresses used in the given Voucherify project and prevent users from creating duplicates.
- Request lowercasing email addresses – some customers may try to sign up several times using mixed case characters, such as JeNNa@voucherify.io and JENNa@voucherify.io. You can block such users from abusing the system by automatically lowercasing email addresses before checking the address's uniqueness.
Read more on Landing Pages fraud protection.
Activity tracking
The app tracks all your campaigns and promo codes. You can also sync your ordering system and customers database to enable Voucherify to gather and analyze incoming data. Each campaign, redemption, customer, and order has an individual dashboard with detailed information, changes history, and logs.
Campaign performance monitoring
Follow the guides below to find out how to track promo campaigns performance in Voucherify:
Customer activity tracking
With a 360-degree customer profile and real-time tracking, you get insights into customer behavior. The app gathers information about all actions taken by customers and related profile updates. Activity filters enable you to search for customer actions performed within a particular timeframe and/or campaign. Read more.
Redemption tracking
The Redemptions tab lists every redemption attempt of any code created within Voucherify. Its goal is to help you track what happens to your codes, monitor campaign performance, and see the detailed reasons for redemption failure (with provided API requests and response bodies for in-depth analysis). Read more.
Distribution performance
The Activity tab in the Distribution detailed view lists distribution events in real-time. You can see the distribution status, and updates including who and when received the messages. Using filters, you can sort distribution events performed within a particular timeframe. In the dashboard of the related campaign, you'll see basic information like distribution state, the number of channels, redemption rate (codes redeemed at least once / all sent codes), and detailed metrics like the number of published codes, delivered messages, and redeemed codes. Read more.
Project logs
The Logs section in the Dashboard presents detailed information on every interaction with Voucherify API made within your project. It enables you to track request coming from all origins including customer's requests. Each log provides details of the sent request including its status and information about related objects (campaign, order, and more). Read more.
Quick troubleshooting with filtering
If there are any issues with your incentives, you can quickly filter codes based on numerous attributes and deactivate them with one click. Filters in Vouchers view lets you browse incentives by standard attributes such as activity period, campaign type, redemptions number, or custom attributes added as metadata.
Export data
You can quickly export all customer, voucher, and redemption data to analyze in your database or external analytics and CRM tools. The export tool enables you to specify which attributes you'd like to include in the CSV file.
Notifications and reports
Use webhooks or Zapier integration to push out automatic alerts. Here you can check the list of 50+ internal events you can be notified about out-of-the-box, including failed redemption or message send-out.
Learn how to set up notifications:
Distribution reports
Click on the distribution name and go to the Analytics tab. Charts show you the number of already sent messages divided per channel and time range. If any message fails, you'll see it in the dedicated chart.
Some messages can be automatically re-sent after the failure. Their delivery will be visible in the Messages Recovered chart once it's successful. If you send unique codes, analytics will also show the number of codes published via the distribution and the number of already redeemed codes from the campaign used in the distribution.
Dashboard reports
When you log into your account, you'll see dashboard reports presenting the overview of your current performance:
- Check the total redemptions number and percentage failure rate.
- Stay up-to-date with the most recent redemptions made in your store and their details.
- Keep an eye on current rates of successful and failed redemptions.
- Follow gift card spendings globally and see the total amount to spend during your gift card campaigns.
- Find out what types of promo campaigns are the most desired, and use this knowledge to build your future strategy.
Account Security
Besides keeping your incentives safe, Voucherify also offers built-in mechanisms for protecting your account from unauthorized access. Here's a dedicated guide on Account Security.