How does GrowSurf's anti-fraud system work?
Our anti-fraud system takes into account both client-side and server-side factors in a comprehensive manner.
On the client-side, we use a combination of browser fingerprinting methods that check for and validate new participants entering the referral program. This allows potential fraudsters to be identified beyond just their IP address and can target the user whether they are in a private browser mode instance, changing screen sizes, etc.
Once data is submitted to our servers, the new participant's information will also be processed and validated through a series of proprietary anti-fraud measurements to classify the fraud risk-level of the new participant
You can choose from two settings to set your referral program's anti-fraud behavior from the Campaign Editor: (1) Loose and (2) Strict.
- Loose: Allow any new participant to join your campaign, even if identified as having a high or medium fraud risk level (fraudsters will always be visibly marked in your dashboard).
- Strict: Completely block all new participants with a high fraud risk level from joining your referral campaign. GrowSurf will also assess the behavior and characteristics of new participants during a specific threshold of time, and block them if a suspicious pattern is detected.
Participants will have a fraud tag associated with them if they have either medium fraud risk or high fraud risk:
- Medium fraud risk: There is a good chance the participant is a fraudster; however, our system is not 100% certain. We recommend that you review the participant in detail.
- High fraud risk: Our system is overly confident that the participant is a fraudster.
Additional anti-fraud tools
In addition, GrowSurf also offers additional anti-fraud tools that are available to you within the Campaign Editor - Options page, and on your dashboard:
Blacklist email and IP addresses (with wildcard support) and countries
Blacklisting email addresses and IP addresses support wildcards (e.g, using patterns such as email@example.com).
Whitelist email and IP addresses (with wildcard support) and countries
Any values in the whitelist will always override any blacklisted values.
Enable Google reCAPTCHA
For full instructions on how to enable reCAPTCHA, please see this article.
Bulk delete fraudsters from your dashboard
Manually mark a participant as a fraudster
Trace the original fraudster of a participant