Fraud
Preventing fraudulent transactions
Zen Cart has the following mechanisms for detecting and blocking fraudulent activity:
- The orders screen has an indication at the left that the billing and shipping addresses are different. This can in some cases be a clue that the order is fraudulent.
- In Zen Cart 1.5.8 and above, the IP address used for account creation is tracked and displayed on the Admin > Customers > Customers page in the right hand infobox when a customer is selected.
- In Zen Cart 2.2.0 and above, the feature Customer account activation may be used to ensure that customers are using valid email addresses they own for account creation.
- Payment modules each have their own order status for new orders. Setting the status to “Pending” for a payment module allows you to check and ensure the payment went through before releasing the goods (virtual or physical).
- Plugins such as Delete Spam Customers and Activity Source allow you to track down and remove fraudulent entries from your database.
Still have questions? Use the Search box in the upper right, or try the full list of FAQs. If you can't find it there, head over to the
Zen Cart support forum
and ask there in the appropriate subforum.
In your post, please include your Zen Cart and PHP versions, and a link to your site.
Is there an error or omission on this page? Please post to General Questions on the support forum. Or, if you'd like to open a pull request, just review the guidelines and get started.
You can even PR right here.
Last modified September 28, 2025 by Scott Wilson (adfff8f1).