The Kount Fraud Prevention plugin for WooCommerce provides fraud protection to WooCommerce customers for their online store. Before you can begin using the plugin, you are required to sign a contract with Kount, an Equifax company, and receive a product demonstration delivered remotely by a dedicated account team. If you are not a Kount Command or Kount Control customer, contact your Kount representative to be paired with an account executive and schedule a demonstration.
For the integration process, you need the WooCommerce Kount Plugin zip file (or the WordPress plugin download), your Kount Agent Web Console (AWC) login credentials, Kount provided Merchant ID, and Login API Key.
Step 1: Create a new RIS API key
- Login into the AWC using your Kount credentials.
- Click the ADMIN tab and then select API Keys from the drop-down menu.
- On the API Key Management page, click Create API Key.
- Provide the Key Name and select the RIS and API Key boxes on the pop-up window. Then click Create API Key. API keys are required to authenticate to Kount.
- Your new API Key displays on the API Key Management screen. This API Key is used in Step 2.
Step 2: Add a WooCommerce website in the Agent Web Console
- Log into the Kount Test Portal.
- Under the Fraud Control list, click the Website option.
- In the Add Website pop-up window, enter a Website ID, which is any unique identifier for the website. The Website ID is used while configuring the plugin.
- If desired, add a description for the website .
- With the Kount Plugin installed successfully, Event Notification Service information displays. Under ENS Enabled, select No and leave the Merchant ENS URL empty.
- Click Add Website.
- A different Website ID can be created for Payments and Account Creation. To configure WooCommerce to use two IDs, create two separate Website IDs in the AWC. The same Website ID can be used for Kount Control and Kount Command – or you can create two separate websites.
Step 3: Install the Kount Fraud Prevention plugin
If Kount provided you with a ZIP file, follow these steps to set up the plugin for testing in a sandbox environment.
- Login into WordPress with your admin credentials.
- Go to Plugins, and then select Add New.
- Click Upload Plugin.
- Click Choose File, and then upload the Kount Plugin zip file.
- Once the Kount Plugin is successfully installed, it displays in the WordPress menu.
If you are done testing and ready to install the plugin in your production environment, follow these steps:
- Log into WordPress with your admin credentials.
- Go to Plugins.
- In the Plugin section, click Add New option.
- Search for Kount Fraud Prevention, and then click Install Now.
- Once the plugin installs successfully, it displays in the WordPress menu list.
Step 4: Enter the Configuration Information
- Switch the Enable Plugin button to turn on the feature. With the plugin enabled, Kount is called for any payment assessment.
- In the Merchant ID textbox, enter the 6-digit MID provided by Kount.
NOTE: Do not click the Regenerate Consumer key & secret key button. This is generated automatically during this process.
- Switch the Payment Risk Assessment button to enable Kount to perform a payment risk assessment.
- Choose a Payment Workflow Mode.
- Pre-Authorization: Query Kount RIS before attempting an authorization from the payment gateway.
- Post-Authorization: Query Kount RIS after the payment gateway has been contacted.
- Enter the API Key created in Step 1.
- Copy the ENS Callback URL from the WooCommerce plugin and paste it in the ENS Callback URL textbox. If the Payment Risk assessment is enabled, the ENS URL appears in the respective field. This is a read-only field and is used as the value for the ENS API URL configured in the Kount AWC.
- Enter the Website ID set up in Step 2.
Account Creation Settings
- Account Creation is enabled by default. If you are using Kount Control and Kount Command, enable Account Creation to prevent sending a risk assessment within Woo/WordPress for recently created accounts.
- Trusted Device remains disabled by default. When enabled, the Kount Trusted Device End Point and user device details are saved as a trusted device in Kount’s database.
- Enter the Website ID set up in the Agent Web Console (AWC) in Step 2.
Account Login Settings
- Account Login remains disabled by default. If enabled, it performs a risk assessment for login users.
- Enter the Login API Key provided by Kount as mentioned in the prerequisite.
- Trusted Device remains disabled by default. When enabled, it calls the Trusted Device Endpoint. If the user device is not saved as a trusted device, then Kount sends a challenge-response and the user is challenged with MFA depending on the MFA setup configured by admin in WordPress.
Refer to the documentation for MFA and Trusted Device on the configuration page for more details.
- Select the appropriate logs level from the three levels available: Debug, Info, and Error.
- In the logs deletion duration (in days) text box, select the logs delete duration. The default setting is 30 days and can be extended up to 999 days.
- Click Download file to download the log file.
- Save the configuration information.
Step 5: Update the AWC
- Return to the AWC.
- Next to the WooCommerce website you created earlier, click the Gear icon and then click Edit.
- Under ENS enabled, select Yes.
- In the Merchant ENS URL text box, enter the URL from the ENS Callback URL page retrieved during the WooCommerce installation in Step 4.