IronPhantom Antifraud

IronPhantom Antifraud brings AI-assisted fraud monitoring and bot defense to WooCommerce.

The plugin works in a non-intrusive way by analyzing checkout, order, login, behavioral, and technical risk signals in real time. It helps identify risky behavior, compromised account indicators, suspicious IP patterns, automated activity, and session anomalies before they become a serious operational problem.

IronPhantom is designed for merchants who want more visibility, more control, and less noise.

Automated Provisioning

IronPhantom is built for fast activation.

After the merchant accepts the Privacy Policy and enables the service, the plugin can automatically generate a unique API Key linked to the store domain and connect the WooCommerce installation to the MGFirewallAI SaaS environment.

No risk analysis data is sent to MGFirewallAI until the merchant accepts the Privacy Policy and activates the service.

Smart Correlation Engine

Traditional fraud tools often generate too much noise.

IronPhantom focuses on correlated risk signals instead of isolated events. The dashboard is designed to highlight the most relevant suspicious transactions, where multiple indicators suggest a concrete risk.

Examples of correlated signals may include:

• Anonymous or high-risk IP address
• Email address associated with previous data breaches
• Password exposure indicator using privacy-preserving checks where applicable
• Repeated checkout attempts
• Suspicious user-agent or device behavior
• Behavioral patterns compatible with automation
• Unusual order or session activity
• Technical signals related to suspicious sessions or checkout abuse

This helps merchants focus on the cases that actually require attention.

Decision Support, Not Automatic Checkout Blocking

IronPhantom is designed to support merchant decisions, not replace them blindly.

By default, the plugin does not automatically block the WooCommerce checkout. This reduces the risk of false positives damaging legitimate sales.

IronPhantom is intended to support the merchant before order fulfillment and shipping. When a suspicious transaction is detected, the plugin provides risk context and supporting signals so the merchant can make a more informed decision before dispatching the product.

IronPhantom does not automatically block payments, cancel orders, refund orders, or stop shipments. Any decision to approve, review, verify, hold, cancel, refund, or ship an order remains under the merchant’s control and responsibility.

Instead, IronPhantom provides clear risk signals, context, and decision-support information so the merchant can decide whether to approve, review, verify, hold, refund, cancel, or ship an order.

Advanced mitigation features may be available in future paid or Pro plans, depending on the configuration enabled by the merchant.

Merchant Decision Responsibility

IronPhantom provides risk intelligence, alerts, and decision-support information.

The plugin does not make final business decisions on behalf of the merchant. Decisions such as approving, holding, verifying, refunding, cancelling, or shipping an order remain entirely under the merchant’s control and responsibility.

Risk scores, alerts, provider responses, and behavioral signals are intended to support review workflows and should not be considered a guarantee that an order is fraudulent or safe.

Behavioral AI Sensor

IronPhantom includes an optional behavioral sensor that can monitor interaction patterns such as mouse movement, scroll behavior, click timing, session duration, and technical browser signals.

The sensor is designed to help detect patterns compatible with:

• Bot activity
• Card testing attempts
• Credential stuffing
• Automated checkout abuse
• Suspicious session behavior
• Abnormal interaction patterns

The Behavioral AI Sensor is disabled by default and can be enabled manually from the IronPhantom dashboard after the merchant has reviewed the privacy information and service settings.

The sensor is designed to analyze behavioral and technical patterns. It is not intended to record payment card numbers, CVV codes, plain-text passwords, or the content of private form fields.

In the current testing phase, the sensor may operate in monitoring mode. Advanced mitigation and active response features may be introduced in future paid or Pro plans.

Identity Verification Workflow

For high-risk cases or high-value orders, IronPhantom can support an identity verification workflow through Didit.

Identity verification is handled externally by Didit. IronPhantom does not process or store identity documents, facial recognition data, biometric data, or government document images.

IronPhantom receives only the limited verification result/status required to support the merchant’s risk decision.

Identity verification features may be limited, disabled, or reserved for future paid or Pro plans depending on the current service configuration.

Testing Phase

IronPhantom is currently available for testing and evaluation.

During this phase, merchants may be able to test the plugin and its connected MGFirewallAI risk intelligence features without payment.

Future paid plans may introduce additional features, extended limits, advanced mitigation, identity verification workflows, and enhanced dashboard capabilities.

Key Features

• AI-Assisted Risk Intelligence – Detect suspicious order, login, checkout, behavioral, and technical risk signals.
• Behavioral AI Sensor – Optional sensor for interaction-based bot and automation detection, disabled by default.
• Smart Risk Dashboard – Shows priority transactions where multiple signals indicate a meaningful risk.
• Bot & Card Testing Detection – Helps detect patterns compatible with automated checkout abuse and repeated payment attempts.
• Credential Risk Signals – Supports checks related to compromised emails and password exposure indicators.
• External Risk Intelligence – Supports integrations with providers such as FraudLabs Pro, ProxyCheck, and Have I Been Pwned, where configured.
• Identity Verification Support – Optional workflow through Didit for high-risk cases, where available.
• Decision Support Mode – Helps merchants decide without automatically interrupting legitimate customers.
• Pre-Fulfillment Review Support – Helps merchants review suspicious orders before shipping products.
• GDPR-First Approach – Built with data minimization, pseudonymization where applicable, and privacy-aware processing.
• SaaS Architecture – Keeps heavy analysis outside the WordPress installation.
• Testing Mode Availability – Current testing access may be available without payment while the service is being evaluated.

Privacy & Data Security

IronPhantom follows a Privacy by Design approach.

The system is designed to process only the data required for fraud prevention, bot detection, security monitoring, and risk intelligence.

No risk analysis data is sent to MGFirewallAI until the merchant accepts the Privacy Policy and activates the service.

The Behavioral AI Sensor is disabled by default and must be enabled manually by the merchant from the dashboard.

Data Used for Risk Analysis

Depending on the plugin configuration and WooCommerce event, IronPhantom may process limited technical, behavioral, and transactional metadata such as:

• Order ID or transaction reference
• Store domain or merchant identifier
• Email address or pseudonymized identifier where applicable
• IP address
• Order amount
• Timestamp
• Browser and user-agent information
• Session and technical metadata
• Behavioral sensor signals, if enabled
• Risk-related status returned by external providers

Behavioral Sensor Data

If enabled by the merchant, the Behavioral AI Sensor may process interaction and technical signals such as:

• Mouse movement patterns
• Scroll behavior
• Click timing
• Session duration
• Browser and user-agent signals
• Technical indicators related to automation or abnormal sessions

The sensor is intended to analyze behavioral patterns and technical signals. It is not intended to record payment card numbers, CVV codes, plain-text passwords, or the content of private form fields.

Payment Data

IronPhantom does not process, collect, transmit, or store:

• Full payment card numbers
• CVV codes
• Full payment credentials
• Plain-text passwords
• Banking credentials

Payment processing remains handled by the store’s payment gateway or WooCommerce payment provider.

Didit Identity Verification

For high-risk cases or high-value orders, IronPhantom can support an identity verification workflow through Didit, where available.

Identity verification is handled externally by Didit.

During the 14-day trial period, the “Verify User” button and the identity verification workflow through Didit are disabled for security and abuse prevention purposes.

Identity verification is reserved for full Pro subscriptions or specifically approved configurations.

IronPhantom does not store:

• Identity document images
• Facial recognition data
• Biometric data
• Government ID files
• Liveness check media

IronPhantom receives only the limited verification result/status needed to support the merchant’s fraud review process.

External Intelligence Providers

IronPhantom may use external providers such as:

• FraudLabs Pro
• ProxyCheck
• Have I Been Pwned
• Didit

These integrations are used only for security, fraud prevention, identity verification, and risk validation purposes, as described in the Privacy Policy.

Availability of specific integrations may depend on the current configuration, testing phase, or future paid service plan.

WordPress Database Impact

IronPhantom is designed as a SaaS-based solution. Heavy analysis is handled outside the WordPress installation, helping keep the local WordPress environment lighter and focused on essential plugin settings, status information, and relevant risk summaries.