
TrustLens – Trust Scores & Fraud Detection for WooCommerce

Customer trust scores for WooCommerce. Catch return abuse, coupon fraud, chargebacks, and card-testing attacks before they cost you.
Rating
5
Version
1.2.3
Last updated
May 11, 2026
Stop losing money to abuse you can’t see. Serial returners, coupon exploiters, fraud rings, and stolen-card bots quietly drain WooCommerce stores — sometimes thousands per year. The damage usually shows up only after the chargeback ratio climbs or the margin disappears.

TrustLens is a behavior-based customer trust scoring and fraud detection plugin for WooCommerce. It scores every shopper from 0 to 100 using real store behavior and sorts them into six risk segments — VIP, Trusted, Normal, Caution, Risk, Critical. Eight detection modules run in the background: returns, orders, coupons, categories, linked accounts, shipping anomalies, chargebacks, and card-testing attacks at checkout. You see exactly which signals moved each score, and you decide what to do about it.

TrustLens never auto-blocks in Free. You review the customer profile and choose: block at checkout, allowlist forever, or simply watch the trend. Nothing happens behind your back. All customer data stays inside your store — no third-party calls — and linked-account fingerprints are pseudonymized with keyed HMAC-SHA256 hashes.

Abuse patterns TrustLens catches

TrustLens turns the WooCommerce data you already have into actionable customer intelligence. Instead of reading hundreds of orders and refunds line by line, you get one clear score per customer and a six-segment view of your entire customer base. The dashboard surfaces the patterns that move the needle:

  • Return abuse and wardrobing — serial returners, high refund rates buried across hundreds of orders, customers with 90%+ full-refund ratios
  • Coupon and discount fraud — repeat first-order coupon use, coupon-then-refund cycles, throwaway accounts created only to grab a discount
  • Multi-account fraud rings — different emails sharing the same shipping address, IP, payment method, phone number, or device fingerprint
  • Chargeback exposure — disputes per customer, blended store-wide chargeback ratio, and how close each card brand is to the Visa, Mastercard, Amex, and Discover monitoring thresholds
  • Card-testing attacks at checkout — bots probing stolen cards through your payment gateway, racking up declines, fees, and downstream chargebacks
  • Shipping address fraud — address hopping, billing/shipping country mismatches, rapid address-change velocity, reshipping patterns
  • Hidden VIPs — long-tenured loyal customers you should protect from accidental friction or false positives

You see who’s worth rewarding, who’s silently costing you, and you take the call.

What’s included in the free version

The WordPress.org download is the complete plugin — no trial limits, no disabled scoring, no locked modules. Everything below ships in Free.

Detection — all 8 modules included

  • Return Abuse Detection — analyzes refund rate, refund frequency, refund value, and full-vs-partial refund ratio to spot serial returners and wardrobing
  • Order Pattern Analysis — completion rates, cancellation patterns, unusual order velocity
  • Coupon Abuse Detection — repeat first-order coupon use, coupon-then-refund pattern, excessive coupon stacking
  • Category-Aware Risk Scoring — applies extra risk when customers show high return rates in specific product categories
  • Linked Accounts Detection — identifies accounts sharing shipping addresses, billing addresses, phone numbers, IPs, payment methods, or device user-agent fingerprints
  • Shipping Address Anomalies — address hopping, billing/shipping country mismatches, address-change velocity, configurable velocity window (7–90 days)
  • Chargeback Tracking — per-customer dispute history with automatic ingestion from Stripe and WooPayments, manual entry form for other gateways, automatic card-brand capture for accurate ratio reporting
  • Card-Testing Defense — real-time decline-velocity monitoring in 60-second and 10-minute rolling windows, attacker device fingerprints locked out for 90 seconds, VIP customer bypass on by default so repeat buyers are never disrupted, one-click Panic Freeze button that halts all checkouts for 15 minutes during an active attack
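
The decline-velocity logic described for Card-Testing Defense, sketched as an added example (not TrustLens code). The 60-second and 10-minute windows, the 90-second lockout and the VIP bypass come from the listing; the per-window decline limits and all names are assumptions.

```python
from collections import defaultdict, deque

# Window and lockout lengths are the ones the listing states (seconds).
SHORT_WINDOW, LONG_WINDOW, LOCKOUT = 60, 600, 90
# Decline limits per window are assumptions; the listing does not publish them.
SHORT_LIMIT, LONG_LIMIT = 3, 8


class DeclineVelocityMonitor:
    def __init__(self):
        self.declines = defaultdict(deque)  # fingerprint -> decline timestamps
        self.locked_until = {}              # fingerprint -> unlock time

    def record_decline(self, fingerprint, now):
        """Store one gateway decline; lock the device if either window trips."""
        events = self.declines[fingerprint]
        events.append(now)
        while events[0] <= now - LONG_WINDOW:  # forget declines older than 10 min
            events.popleft()
        in_short = sum(1 for t in events if t > now - SHORT_WINDOW)
        if in_short >= SHORT_LIMIT or len(events) >= LONG_LIMIT:
            self.locked_until[fingerprint] = now + LOCKOUT
            return True
        return False

    def may_checkout(self, fingerprint, now, is_vip=False):
        """VIP bypass: a lockout never holds a trusted repeat buyer."""
        return is_vip or now >= self.locked_until.get(fingerprint, 0)


def replay_constructed_traffic():
    """Constructed timelines: a fast burst and a slow probe that paces itself."""
    mon = DeclineVelocityMonitor()
    burst = [mon.record_decline("fp-burst", t) for t in (0, 20, 40)]
    slow = [mon.record_decline("fp-slow", t) for t in range(0, 560, 70)]
    return {
        "burst_tripped_on": burst.index(True) + 1,   # 3rd decline, 60 s window
        "slow_tripped_on": slow.index(True) + 1,     # 8th decline, 10 min window
        "blocked_at_41": not mon.may_checkout("fp-burst", 41),
        "vip_at_41": mon.may_checkout("fp-burst", 41, is_vip=True),
        "released_at_130": mon.may_checkout("fp-burst", 130),
    }


if __name__ == "__main__":
    print(replay_constructed_traffic())
```

The slow probe never puts more than one decline in any 60-second span, so only the 10-minute window catches it.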

Trust scoring engine

  • 0–100 trust score for every customer, recalculated automatically when behavior changes
  • Six risk segments — VIP, Trusted, Normal, Caution, Risk, Critical
  • Every signal visible on the customer profile so you can see exactly how a score was calculated
  • Account-age loyalty bonus up to +15 points for long-standing customers
  • Configurable scoring thresholds — minimum orders required, return-risk levels, checkout-blocking settings

Dashboard and monitoring

  • Command Center dashboard — trust score trends, segment distribution, refund activity, high-risk customer list, revenue-protection KPIs
  • Chargeback Ratio Speedometer — blended calendar-month ratio with Healthy / Approaching threshold / Action-needed status against Visa, Mastercard, Amex, and Discover monitoring programs
  • Module status row — quick on/off and one stat per detection module at a glance
  • Persistent plugin-wide admin header with unified navigation, live status pill, notifications bell, and ⌘K command palette for fast access to any customer or setting

Customer management

  • Trust badges on the WooCommerce orders list — sortable, filterable by segment, one click to the full customer profile
  • Detailed customer profile with score history, event timeline, linked accounts, signal impact bars, and return-rate trend chart
  • Bulk actions — block, unblock, allowlist, recalculate, delete in bulk
  • Allowlist protection — locks a customer’s score at 100 and prevents any negative signals from affecting them, protecting VIPs from false positives
  • Checkout enforcement — blocked customers can’t add items to cart or complete checkout (works on both Classic and WooCommerce Blocks / Store API checkout)
  • Customizable block message

Operational

  • Historical Sync — build trust profiles from past WooCommerce orders in the background using small batches that don’t slow the frontend
  • REST API with 8 endpoints for integrations, customer lookups, score retrieval, segment filtering, and triggering recalculations
  • WooCommerce HPOS compatibility — fully compatible with High-Performance Order Storage
  • GDPR privacy tools — full WordPress privacy export and erasure integration, including signals, fingerprints, category stats, and automation logs
  • Order-screen integration — trust score and segment displayed directly on every WooCommerce order edit page
  • Core email notifications — blocked-checkout alerts, activation summary, weekly protection report

What Pro adds

Pro is for stores that want TrustLens to act on what it finds — automation, advanced alerts, deeper chargeback analytics, and payment-risk workflows.

Advanced Chargeback Monitor

A dedicated TrustLens Chargeback Monitor page built to keep you clear of card-network monitoring programs:

  • Per-brand ratio breakdown — Visa VDMP/VFMP, Mastercard ECP, Amex, Discover — with threshold progress bars
  • 12-month trend chart showing how each brand has moved over time
  • Trailing-30-day window alongside the Free calendar-month view
  • Recent disputes activity feed with case status
  • Top-disputed customers with one-click access to a Dispute Evidence Report — print-ready professional behavioral risk report (trust score, signals, order history, return analysis vs store average, linked accounts, full event timeline) that you can submit alongside processor dispute responses
  • Customizable warn-threshold percent (50–100%)
  • Auto-Block After N Lost Disputes — configurable runtime enforcement

Chargeback Ratio Email Alerts — daily check that emails you before any brand crosses its network threshold, deduplicated per brand per calendar month so you’re never spammed.

Automation Rules

Build trigger-based rules that fire when customer risk changes, orders are placed, refunds are processed, disputes are filed, linked accounts are detected, card-testing attacks happen, or shipping anomalies are spotted.

  • 16+ triggers including Chargeback Filed, Dispute Recorded, Linked Accounts Detected, Card Testing Attack, Shipping Anomaly
  • 30+ condition fields including trust score, segment, total order value, total disputes, customer age, country mismatch, coupon total, payment method, linked accounts count
  • Actions — block customer, hold order, send email, fire webhook, allowlist customer, cancel order, tag customer
  • Async dispatch with automatic retry (60s / 120s / 240s backoff)
  • HMAC-SHA256 signed webhooks by default for security
  • Save-time validator blocks rules that can never fire — unsatisfiable conditions, schema violations, contradictions — each with a specific inline reason
  • Inline rule inspector shows SKIP status with the exact reason (“Cooldown active” / “Condition not met: trust_score > 50”) so you can answer “why didn’t my rule fire?” in one glance

Card-Testing Defense Pro

On top of free Card-Testing Defense, Pro adds attack-scale protection:

  • Auto-escalation from targeted blocking to global Panic Freeze when an attack spreads across multiple device fingerprints (default: 3 distinct devices in 10 minutes)
  • Geographic-diversity safeguard — before escalating, checks whether the decline burst is naturally distributed across ≥10 countries with no single country >50%, so legitimate flash-sale or viral traffic isn’t mistaken for an attack
  • Fingerprint and IP CIDR allowlists for QA, integration partners, and known-good traffic (IPv4 and IPv6 ranges supported)
  • Advanced fingerprint signal — 12-font detection via baseline-width comparison, harder for botnets to spoof consistently across nodes
  • Per-fingerprint threshold overrides for tighter or looser thresholds on specific known devices
  • Attack History tab with 24-hour decline count, decline-code breakdown, top-10 attacking fingerprints, hourly timeline chart, CSV export of all velocity events
  • Slack and email alert dispatcher for attack_detected, auto_escalated, and panic_button_activated events
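
The auto-escalation rule and its geographic-diversity safeguard, as an added example (not TrustLens code). The thresholds are the defaults quoted above; the event shape, the function names and the assumption that every event is a decline from an already-flagged device are illustrative.

```python
from collections import Counter

WINDOW = 600             # escalation window: 10 minutes
MIN_DEVICES = 3          # default: 3 distinct device fingerprints
MIN_COUNTRIES = 10       # safeguard: spread over at least 10 countries ...
MAX_COUNTRY_SHARE = 0.5  # ... with no single country above 50%


def naturally_distributed(declines):
    """True when the burst looks like broad organic traffic (flash sale)."""
    by_country = Counter(d["country"] for d in declines)
    if len(by_country) < MIN_COUNTRIES:
        return False
    return max(by_country.values()) / len(declines) <= MAX_COUNTRY_SHARE


def escalation_decision(declines, now):
    """Return (escalate, reason) for a list of flagged decline events."""
    recent = [d for d in declines if now - WINDOW < d["ts"] <= now]
    devices = {d["fingerprint"] for d in recent}
    if len(devices) < MIN_DEVICES:
        return False, "fewer than 3 devices in window"
    if naturally_distributed(recent):
        return False, "geographically diverse burst"
    return True, "attack spreading across devices"


def constructed_burst(countries, per_country, ts):
    """Constructed sample: one device per decline, `per_country` declines each."""
    return [{"ts": ts, "fingerprint": f"fp-{c}-{i}", "country": c}
            for c, n in zip(countries, per_country) for i in range(n)]


TEN = ["US", "GB", "DE", "FR", "SE", "NL", "ES", "IT", "CA", "AU"]
ATTACK = constructed_burst(["US", "BR"], [4, 2], ts=1000)   # 6 devices, 2 countries
FLASH_SALE = constructed_burst(TEN, [2] * 10, ts=1000)      # even spread, 10% each
SKEWED = constructed_burst(TEN, [12] + [1] * 9, ts=1000)    # 10 countries, one at 57%

if __name__ == "__main__":
    for name, burst in (("attack", ATTACK), ("flash sale", FLASH_SALE), ("skewed", SKEWED)):
        print(name, escalation_decision(burst, now=1100))
```

The skewed burst shows why both halves of the safeguard matter: ten countries alone would suppress escalation, but one country carrying more than half the declines does not look like organic traffic.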

Payment Method Risk Controls — hide specific payment gateways for high-risk customers, linked accounts, or velocity spikes. Fine-grained checkout protection without blocking the whole order.

Scheduled Reports — daily, weekly, or monthly email summaries of store risk activity, customer trends, and protection KPIs.

10 advanced notification types — High-Risk Order Alert, Segment Change Alert, Daily Digest, High-Value Order Alert, Repeat Refunder Alert, Velocity Alert, Score Recovery Alert, New Customer Risk Alert, Monthly Revenue Protection Report, Chargeback Filed Alert.

Advanced Address Analysis — diversity-trend detection and enhanced country-mismatch severity for deeper shipping-fraud insight.

Bottom line: Free surfaces the risk. Pro acts on it.

How trust scoring works

Every customer starts at a neutral 50. TrustLens detection modules analyze behavior and apply positive or negative signals:

  • Completed orders increase trust
  • Refunds decrease trust based on frequency, value, and full-vs-partial ratio
  • Coupon abuse patterns apply penalties (repeat first-order coupons, coupon-then-refund cycles)
  • High return rates in specific categories add additional risk
  • Linked accounts with already-risky customers reduce scores via fraud-ring detection
  • Disputes and chargebacks apply significant penalties
  • Shipping anomalies (address hopping, country mismatches, change velocity) reduce scores
  • Card-testing exposure — customers tied to device fingerprints involved in past attacks lose trust
  • Account age adds a loyalty bonus of up to +15 for long-standing customers

Scores are always clamped to 0–100. Every signal is visible on the customer profile so you can see exactly how each score was calculated and trust the decision.

Customers below the configurable minimum order threshold (default: 3 orders) stay in the Normal segment until enough data exists for confident scoring — so new stores don’t get noisy false positives in their first weeks.

Who TrustLens is for

  • WooCommerce store owners losing margin to serial returners, refund abuse, or coupon fraud
  • Operations and CX managers who need data to back up customer policies with confidence
  • Fraud prevention teams looking past payment-gateway signals into behavioral patterns
  • Merchants worried about Visa, Mastercard, Amex, or Discover chargeback monitoring programs (VDMP / VFMP / ECP)
  • Stores with generous return policies that attract both loyal customers and abuse
  • Stores using Stripe or WooPayments — chargeback and card-brand data flow in automatically with no manual setup
  • Stores using other gateways (PayPal, Square, offline, custom) — manual chargeback entry keeps your ratio accurate

Privacy and data handling

TrustLens works entirely inside your WordPress and WooCommerce installation. It does not send customer data to the plugin developer or to any default third-party service. External delivery only happens if you explicitly configure features like webhooks, Slack alerts, or email notifications.

  • Customer identifiers are pseudonymized with keyed HMAC-SHA256 hashes so raw email and identifier values are never exposed or reused across sites
  • Linked-account fingerprints (address, phone, IP, payment method, device) use the same keyed-hash approach
  • WordPress privacy tools are fully integrated — customers can request data export or erasure through the standard WordPress workflow, and TrustLens responds with signals, fingerprints, category stats, and automation logs included
  • GDPR-compatible by design
  • All scoring signals are visible on the customer profile so customer-service teams can explain any score on request
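
How keyed HMAC-SHA256 pseudonymization supports linked-account matching without storing raw values, as an added example (not TrustLens code). The normalization rules, the `kind:` prefix, the key handling and the sample accounts are assumptions made for illustration.

```python
import hashlib
import hmac
import unicodedata


def normalize(kind, value):
    """Canonicalize so trivially different spellings map to one pseudonym."""
    value = unicodedata.normalize("NFKC", value).strip().lower()
    if kind == "phone":
        return "".join(ch for ch in value if ch.isdigit())
    if kind == "address":
        return " ".join(value.replace(",", " ").split())
    return value


def pseudonym(site_key, kind, value):
    """Keyed HMAC-SHA256; the kind prefix keeps identifier types separate."""
    message = f"{kind}:{normalize(kind, value)}".encode("utf-8")
    return hmac.new(site_key, message, hashlib.sha256).hexdigest()


def linked_groups(site_key, accounts, kinds=("address", "phone", "ip")):
    """Group account ids that share a fingerprint, comparing pseudonyms only."""
    index = {}
    for account in accounts:
        for kind in kinds:
            if account.get(kind):
                token = pseudonym(site_key, kind, account[kind])
                index.setdefault(token, set()).add(account["id"])
    return sorted({tuple(sorted(ids)) for ids in index.values() if len(ids) > 1})


# Constructed sample data; real keys would be long random per-site secrets.
SITE_A_KEY = b"constructed-site-a-secret"
SITE_B_KEY = b"constructed-site-b-secret"
ACCOUNTS = [
    {"id": 1, "address": "12 Elm St, Springfield", "ip": "203.0.113.7"},
    {"id": 2, "address": " 12 elm st  springfield ", "ip": "198.51.100.4"},
    {"id": 3, "address": "9 Oak Ave, Shelbyville", "ip": "198.51.100.4"},
    {"id": 4, "address": "77 Pine Rd, Ogdenville", "ip": "192.0.2.55"},
]

if __name__ == "__main__":
    print(linked_groups(SITE_A_KEY, ACCOUNTS))
```

Because the key differs per site, the same email yields unrelated pseudonyms on two stores, and an unkeyed SHA-256 of a guessed address cannot be matched against stored values.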

Built for production WooCommerce

TrustLens is engineered for busy stores and growing order volume:

  • Asynchronous background scoring via Action Scheduler — the same system WooCommerce uses for its own background jobs
  • WooCommerce HPOS compatibility — fully compatible with High-Performance Order Storage and legacy stores alike
  • Transient-cached dashboard queries (15-minute and 1-hour TTLs) with automatic invalidation on new events so the dashboard doesn’t re-query order meta on every page load
  • Batch-based Historical Sync that processes past orders in small chunks without blocking the frontend
  • Lightweight checkout enforcement using a single email-hash lookup
  • Unified Request Gate that intercepts both Classic and Blocks / Store API checkout through one rule-registration surface
  • PHP 7.4+ supported, WordPress 6.4+ tested, WooCommerce-first throughout

If you need chargeback prevention, return-abuse detection, fraud-ring detection, or stolen-card attack protection for WooCommerce, TrustLens gives you the data and the tools to act — without taking control out of your hands.

External Services

This plugin may connect to external services as described below.

Freemius SDK

This plugin uses the Freemius SDK for optional usage tracking, license management, and plugin updates.

When data is sent:

  • During plugin activation, only if the user explicitly opts in
  • When checking for plugin updates
  • When activating or deactivating a Pro license

What data is sent:

  • Site URL, WordPress version, and PHP version
  • Plugin version and activation status
  • Admin email (only if opted in)
  • License key (Pro version only)

Important: No data is sent unless you explicitly opt in during plugin activation. You can skip the opt-in entirely and use the free version without sharing any data.

Webhooks (Pro, Optional)

When webhooks are enabled in TrustLens settings (Pro feature), the plugin sends HTTP POST requests to URLs configured by the administrator.

When data is sent:

  • When a customer’s trust score is updated (if enabled)
  • When a customer is blocked (if enabled)
  • When a checkout is blocked (if enabled)
  • When a high-risk order is placed (if enabled)
  • When testing webhook connectivity

What data is sent:

  • Customer email hash and, when available, the customer email stored in TrustLens
  • Trust score and customer segment
  • Event type and timestamp
  • Order details for high-risk order events (order ID, total, status)
  • Site URL and site name

Important: Webhook endpoints are entirely configured by you. No data is sent to any third-party service unless you explicitly add webhook URLs. The plugin does not send data to the plugin developer or any default external service.
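
What a receiving endpoint can do with the HMAC-SHA256 signed webhooks and the 60s / 120s / 240s retry schedule mentioned under Automation Rules, as an added example (not TrustLens code). The hex signature format, the payload field names, the event name and the 600-second freshness window are assumptions; take the real ones from your TrustLens settings.

```python
import hashlib
import hmac
import json

# Retries arrive 60 s, 120 s and 240 s after the previous attempt (420 s total),
# so the freshness window must be wider than that. 600 s is an assumption.
MAX_AGE = 600


def sign(secret, raw_body):
    """HMAC-SHA256 over the exact bytes sent; hex encoding is an assumption."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def check_delivery(secret, raw_body, signature, seen, now):
    """Return 'accepted', 'bad signature', 'stale' or 'duplicate'."""
    expected = sign(secret, raw_body).encode()
    if not hmac.compare_digest(expected, (signature or "").encode()):
        return "bad signature"              # constant-time compare, before parsing
    event = json.loads(raw_body)            # parse only authenticated bytes
    if abs(now - event["timestamp"]) > MAX_AGE:
        return "stale"
    key = (event["event"], event["email_hash"], event["timestamp"])
    if key in seen:
        return "duplicate"                  # a retry of a delivery already handled
    seen.add(key)
    return "accepted"


def replay_constructed_deliveries():
    """Constructed deliveries; field names and values are hypothetical."""
    secret = b"constructed-shared-secret"
    body = json.dumps({"event": "customer_blocked", "email_hash": "ab12",
                       "trust_score": 12, "segment": "critical",
                       "timestamp": 1_700_000_000}).encode()
    sig, seen, t0 = sign(secret, body), set(), 1_700_000_000
    forged = body.replace(b'"trust_score": 12', b'"trust_score": 99')
    return [
        check_delivery(secret, forged, sig, seen, t0 + 1),     # body altered
        check_delivery(secret, body, None, seen, t0 + 1),      # header missing
        check_delivery(secret, body, sig, seen, t0 + 420),     # last retry
        check_delivery(secret, body, sig, seen, t0 + 421),     # repeated delivery
        check_delivery(secret, body, sig, seen, t0 + 7200),    # replay hours later
    ]
```

Verify against the raw request bytes rather than a re-serialized JSON object, since any change in whitespace or key order changes the digest.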

Free on paid plans
Tested up to
WordPress 6.9.4
This plugin is available for download for your .