How does GrowSurf's anti-fraud system work?
Our anti-fraud system takes into account both client-side and server-side factors.
On the client-side, we use a combination of browser fingerprinting methods that check for and validate new participants entering the referral program. This allows potential fraudsters to be identified beyond just their IP address and can target the user whether they are in a private browser mode instance, changing screen sizes, etc.
Once data is submitted to our servers, the new participant's information will also be processed and validated through a series of anti-fraud measurements to classify the fraud risk level.
You can choose from two settings to set your referral program's anti-fraud behavior from the Campaign Editor: (1) Loose and (2) Strict.
- Loose: Allow any new participant to join your campaign, even if identified as having a high or medium fraud risk level (fraudsters will always be visibly marked in your dashboard).
- Strict: Completely block all new participants with a high fraud risk level from joining your referral campaign. GrowSurf will also assess the behavior and characteristics of new participants during a specific threshold of time, and block them if a suspicious pattern is detected.
Participants will have a fraud tag associated with them if they have either medium fraud risk or high fraud risk:
- Medium fraud risk: There is a good chance the participant is a fraudster; however, our system is not 100% certain. We recommend that you review the participant in detail.
- High fraud risk: Our system is overly confident that the participant is a fraudster.
Additional anti-fraud tools
In addition, GrowSurf also offers additional anti-fraud tools that are available to you within the Campaign Editor - Options page, and on your dashboard:
Blacklist email and IP addresses (with wildcard support) and countries
Blacklisting email addresses and IP addresses support wildcards (e.g, using patterns such as email@example.com).
Whitelist email and IP addresses (with wildcard support) and countries
Any values in the whitelist will always override any blacklisted values.
Enable Google reCAPTCHA
For full instructions on how to enable reCAPTCHA, please see this article. You should only enable reCAPTCHA if you are using the GrowSurf form as a dual-purpose form of signing up both new visitors and referred friends (e.g, waitlist).
Bulk delete fraudsters from your dashboard
From the top-right More Actions dropdown icon menu of your participants list, you can bulk blast all fraudster participants, along with all their fraudulent participant accounts associated with them.
Manually mark a participant as a fraudster
Marking a participant as a fraudster does not send out any emails or cause any new events to trigger. Find this action in the top-right More Actions dropdown icon menu of the participant page.
Trace the original fraudster of a participant
If a participant has multiple fraud identities, you can reveal the identity of the original fraudster. Find this action in the top-right More Actions dropdown icon menu of the participant page.