The Shopify app is in private beta. Public App Store listing is in submission. Need early access? Get in touch.
What you get
- Every Shopify order is scored via the
orders/createwebhook within seconds of checkout. - The risk verdict is written back to Shopify's Order Risk panel with a deep link to the full report.
- If Auto-hold critical is enabled, orders in the critical band are cancelled before capture.
- Enriched signals via Shopify
CardPaymentDetails(AVS, CVV, BIN) with multi-strategy fallback toreceiptJsonand the processor's Query API.
Install
- Search the Shopify App Store for “Fraud Command Center” and click Add app.
- Approve the requested scopes. The app reads orders and customers; it writes draft orders only when you use the test-order generator.
- On first load, the app auto-provisions a Fraud Command Center merchant, store, and API key. You're redirected to the embedded dashboard.
Required scopes
The app requests the following scopes during install:
read_orders, read_all_orders, write_order_edits,
read_customers, write_draft_orders, write_ordersread_all_ordersis required for > 60-day shadow-mode backfill.write_draft_ordersandwrite_ordersare used only by the optional test-order generator.
Webhooks registered
orders/create— scoringapp/uninstalledapp/scopes_updatecustomers/data_request,customers/redact,shop/redact— compliance
Order Risk writeback
After scoring, the app calls Shopify's orderRiskAssessmentCreate mutation to record the risk verdict. You'll see Fraud Command Center risk levels alongside Shopify's native checks in the order timeline.
Auto-hold critical orders
Toggle Auto-hold critical in Settings → Thresholds. When enabled, orders scored in the critical band trigger a Shopify orderCancel with a reason of “fraud” before payment captures.
Shadow mode
While in shadow mode, the app scores every order with the deterministic pipeline but skips Order Risk writeback and never cancels orders. Useful for the first 30 days while you tune thresholds against your real traffic.