Phone Orders Overview

forter can help​ you ​combat​ fraudulent omnichannel​ orders, including orders​ ​placed​ ​over​ ​the​ ​phone ​ by providing the customer's internet connection information, forter will be able to use the same advanced behavioral analytics to identify fraud over the phone as we do for online purchases you can do this either by sending the customer an authentication link over sms or email or by generating a unique id on your website that they will share with your call center representative authenticate via link this​ solution ​will trigger an sms or an email to your customer that directs them to a landing page to complete the transaction by placing forter's javascript snippet on the designated landing page, forter will be able to collect important information about the customer during this last step before making a decision integration steps send order api request when your customer places an order over the phone and your customer service team enters it into the system, send a request to the order api with all of the checkout details and with "ordertype" "phone" { "orderid" "123456", "timesenttoforter" 1568309531121, "checkouttime" 1568309523223, "connectioninformation" { "customerip" "172 18 13 3", "useragent" "", "fortertokencookie" "" }, "ordertype" "phone", } handle response with recommendation based on your configuration to use this solution for phone orders, the order api will return a response with a recommendation to follow up with verification note that the decision in this response will always be decline, but you should follow the recommendation hold the order; do not void it v2 response format { "action" "decline", "recommendations" \["verification required send link"] } v3 response format { "forterdecision" "decline", "recommendation" "verification required send link" } create landing page with confirm button create a designated landing page for the customer to confirm their phone order we recommend hashing the url to prevent abuse mobile confirmation page add a confirm button to the page with the following javascript let timeout; function enableconfirmationbutton() { if (timeout) { cleartimeout(timeout); } // logic for enabling the confirmation button, for example $("#confirm btn") prop('disabled', false); } timeout = settimeout(enableconfirmationbutton, 10000); document addeventlistener('ftr\ loaded', enableconfirmationbut ensure that forter's javascript snippet is also placed on this page, as described in front end integration https //docs forter com/front end integration#qidat this must be placed after the button script the timeout extends the load time so that the asynchronous javascript for user behavior can load fully and capture the relevant data from the customer's device on mobile, the button should be disabled by default for this reason confirmation page confirmation page confirm purchase provide your forter implementation engineer with the url for this page to include in your site configuration send sms or email to customer create a service that sends an sms or email to the customer who placed the order with a link to the landing page created in the previous step the customer must click this link and the confirm button to complete the order landing you should invalidate the link after the confirm button is clicked, so that the customer cannot reopen the page on another device for additional attempts request decision from order update api when the customer clicks confirm , send a request to the order update api that includes the same orderid as the first call, along with an updated "ordertype" "phone link" include full headers collected from the confirmation page as well as the connectioninformation , including fortertokencookie { "orderid" "123456", "ordertype" "phone link", "connectioninformation" { "customerip" "10 0 0 127", "useragent" "mozilla/5 0 (windows nt 6 1; wow64) applewebkit/537 36 (khtml, like gecko) chrome/47 0 2526 73 safari/537 36", "fortertokencookie" "2315688945984", "merchantdeviceidentifier" "hgj7512345h3", "fullheaders" "{\\\\\\"method\\\\\\" \\\\\\"get \\\\/ http\\\/1 1\\\\\\", \\\\\\"host\\\\\\" \\\\\\"forter com\\\\\\", \\\\\\"connection\\\\\\" \\\\\\"keep alive\\\\\\", \\\\\\"accept\\\\\\" }" } } handle decision from response this second api response will contain forter's decision on the order determine next steps as described in checkout integration https //docs forter com/checkout integration#qy j5 we recommend setting an expiration timeframe if you do not receive the second response from forter because the customer did not click confirm inform your forter implementation engineer of the expiration timeframe so we can configure decisions to match generate a web id our web id solution​ ​requires​ your customer to visit your website and collect a 9 digit unique browsing id ( customerwebid ) that they can provide over the phone along with their order by including this identifier along with the order details, forter can connect the information about the customer collected on your site integration steps front end integration with web id confirm with your forter implementation engineer that your forter javascript snippet has been adapted to also generate a web id per customer // event listening document addeventlistener('ftr\ customerwebidready', (e) => { const webid = e detail; // code with the webid } // altenatively, with jquery $(document) on('ftr\ customerwebidready', function(e, webid) { // code with the webid }) when the 9 digit webid is generated, show this unique id to the customer on your website via javascript and html you can tailor how and where this id shows; it is commonly placed in a footer html update your phone order process to request a web id when a customer calls to place an order over the phone, advise the representative to ask the customer for the 9 digit unique code to include with the order details in your order creation system, create a field for this entry that is only visible to internal users collecting phone orders validate the web id (optional) the​ ​web id​ ​is​ ​a​ ​valid​ ​luhn​ ​number,​ ​and​ ​​can​ ​be​ ​easily​ ​validated​ ​with​ ​any​ ​programming language example function luhncheck(s) { let sum = 0; let mul = 1; let len = s length; while (len ) { const ca = parseint(s charat(len), 10) mul; sum += ca (ca > 9) 9; mul = 3 mul; } return (sum % 10 === 0) && (sum > 0); } send order api request when your customer places an order over the phone and your customer service team enters it into the system, send a request to the order api with all of the checkout details and with "ordertype" "phone" include the phoneorderinformation object, with the customerwebid provided along with other information collected during the call the connectioninformation object should include empty strings; this will be gathered from the web id { "orderid" "234606tb17", "ordertype" "phone", "connectioninformation" { "useragent" "", "fortertokencookie" "", "customerip" "45 83 84 44" }, "phoneorderinformation" { "customerwebid" "123456789", "callerfirstname" "john", "callerlastname" "smith", "callerid" "2121234567" } } handle decision from response determine next steps as described in checkout integration https //docs forter com/checkout integration#qy j5