FraudLabs Pro has introduced 2 new options in the FraudLabs Pro Fraud Prevention plugin for WHMCS in version 2.4.8. These options enable you to invoke the SMS verification by solely based on phone number, or a combination of phone + email address. They are “Verify when new combination of phone number and email found” and “Verify when new phone number found“. Below is where you can configure the settings:
Verify when new combination of phone number and email found
By choosing this option, FraudLabs Pro will check if both the phone number and email address have been previously verified. If a new combination is found, FraudLabs Pro will trigger the SMS verification to re-authenticate the buyer. In other words, suppose a buyer had previously verified the phone number (+123456) with email address (firstname.lastname@example.org), the verification will be triggered again if the buyer uses the same phone number but a new email address (email@example.com). This option impose a tight authentication to ensure the ownership of the email address linked to a verified phone number.
Verify when new phone number found
On the other hand, for this option, the SMS verification will only be performed when the buyer’s phone number hasn’t been verified by the system previously. This is a simple approach, as long as the phone number had been previously verified, no SMS verification will be triggered for any email addresses used. A more user friendly approach to the buyer and lower cost incurred due to less verification being invoked.
Out of these 2 options, the 1st option is the recommended option for the verification due to the tight authentication for a legitimate buyer.