Order rules are a robust and powerful tool for automating your store’s order processing workflow in NS8 Protect. However, it may be overwhelming to create your own order rules from scratch if you don’t have prior experience with automation. To help you get started, we’ve compiled a list of suggested order rules to unlock the full potential of NS8.

These blanket rules are designed to apply to a wide variety of merchants, but you may wish to tweak them slightly to suit your individual needs. And remember that order rules run sequentially from top to bottom, so maintaining a logical structure is essential.

Read on to discover the go-to order rules that you should be using!

1. Positive list

The first order rule to incorporate into your automation workflow is a positive list: namely, a list of VIP customers whose orders will be auto-approved. Placing this order rule at the top of your rule hierarchy ensures that these orders won’t be affected by any subsequent rules. Generally, this list should be restricted to well-known good customers who have had their legitimate orders mistakenly flagged in the past. We also recommend building a price cap into your positive list to prevent issues with account takeover fraud.

2. Negative list

In contrast to your positive list, a negative list order rule lists any customers whose orders should be automatically cancelled. These known bad actors can be singled out through their name, email address, IP address, or any other unique identifiers. If you have had recurring issues with certain customers placing bad or fraudulent orders, isolating these infamous users in a negative list will prevent them from wasting your precious time and resources in the future. Note that this list can be updated anytime to keep up with changing fraud threats.

3. Billing/shipping mismatch

Our next recommended order rule looks for discrepancies between a customer’s billing address and shipping address, as this can be a sign of fraudulent activity. For example, if a hacker places an expensive order using illegally-obtained credit card information, they will likely send the purchase to their own shipping address while using the cardholder’s real billing address. However, not all orders with mismatched billing and shipping addresses are fraudulent. Some customers, like college students, may live at one address but have bills sent to another, and other customers may be sending a gift to a friend. We recommend building a price threshold or other fraud indicator into this order rule to prevent legitimate customers from being flagged.

4. IP mismatch

A user’s IP address can be used to triangulate the country from which their session originates. If this country does not match the country listed in their billing or shipping address, this may be a major red flag for fraudulent activity. An order rule that detects IP mismatches will ensure that these orders are flagged as high-risk to allow for further review. For some merchants, an IP mismatch may not be unusual (for example, if a large portion of your customer base is comprised of people who frequently travel abroad), so this order rule may require adjustment.

5. Location

Location-based order rules function much like negative list rules that screen individual users, but these rules are designed to quarantine orders based on their location. This may be useful if you notice an influx of bad orders from a specific area or have issues with shipping forwarders to certain regions. However, we recommend adjusting the risk level of these orders rather than canceling them outright—that way, you can take the time to manually review the details of each order and approve any legitimate purchases from these locations.

6. Price (high risk)

Unexpectedly large purchases may sound exciting, but they are often harbingers of fraud rather than legitimate business. We recommend building an order rule that elevates an order’s risk level if the purchase price exceeds a certain threshold. This specific threshold will vary between merchants and is based on your store’s prices, products, and clientele. Roughly speaking, any order total higher than double the price of an average order should be flagged as high-risk and subject to additional review.

7. Price (verify)

Other purchases may still be large enough to warrant suspicion, but not quite as large as in the previous scenario. Creating an order rule that subjects these moderately large purchases to additional friction (using NS8’s Customer Verification process) can ensure that they are legitimate. Depending on how you have configured your Customer Verification settings in NS8, the order may be automatically approved if the check is successful. A good threshold for this order rule is to initiate verification for purchases with a price that exceeds 1.5 times the average order size for your store.

Final: Approve

Once an order has made it through the gauntlet of the above order rules and has not been flagged as risky or automatically canceled, it is likely safe to approve. An approval order rule will auto-approve any orders that passed previous scrutiny and is still categorized as low-risk. Orders with an EQ8 Score corresponding to a medium or high level of risk will remain in Merchant Review and require further investigation.

This order rule should always come very last in the rule hierarchy, so any additional custom rules need to be placed above this one.

Putting it all together

When these order rules are implemented together, they should roughly appear like this. Don’t forget that order rules run from top to bottom, so your rule hierarchy is essential for proper functioning. If you have your own custom order rules in addition to the ones we have suggested above, be sure to integrate them into your workflow appropriately, or else they may not function as intended. Our best practices guide explains more about how to properly structure order rules based on what role they fill.