Fundamentally automated fraud detection is hard. Disabling the immediate redemption capability is the best initial step which we've taken.
For ongoing fraud detection/prevention, providing an approval process with tools to manually identify potential fraud and take actions to restict that user's access.
- prevent backdating trips from before registration
- Ban specific users ip addresses and have added new infrastructure to support banned users
- Manually processing these trips
- Begun work on disabling users who are suspected of fraudulent behavior
- Suspected Fraud Network - w/ popup and program (for astro) w/ recurring program email?
- add excluded networks to incentives
- Prevent use of single device on multiple accounts (probably 2) (some nuance)
- banned device ids
- Weekly/monthly reports with volume and change
- Point Program Approval Dashboard
- yellow/orange highlights
- gmail/hotmail/etc highlighted as questionable
- ip addresses highlighted for multiple occurences and location
- disable user popup - puts them in fraud network
- (optionally) flag tx as potentially fraudulent popup (flag boolean, flag note for filtering)