How to Reduce the Number of Fake Orders in WooCommerce: A Comprehensive Guide

Getting your Trinity Audio player ready...

Bonus Tip: Send a Verification Link with OTP Code

An additional way to reduce the number of fake orders is by sending a verification link with an OTP (One-Time Password) to customers when they place their first order. This verification link contains a unique code, and customers must click it to verify their identity before their order is processed. This method ensures that only serious and legitimate customers can place orders.

By storing the verification code as a cookie for a limited time (e.g., 10 days), you can prevent fake or non-serious customers from making repeated attempts. If the customer verifies their email by clicking on the link, the order is processed; otherwise, the order can be flagged as suspicious.

Code to Send Verification Link with OTP and Store Cookie for 10 Days

Here’s a basic code snippet that demonstrates how to send a verification email containing a unique code when a customer places their first order on WooCommerce. If they don’t verify within 10 days, they can be treated as non-serious or fraudulent.

Step 1: Create a function to generate and send the OTP verification link

function send_verification_email($order_id) {
    $order = wc_get_order($order_id);
    $user_id = $order->get_user_id();
    
    // Check if the user is placing their first order
    if (get_user_meta($user_id, '_has_verified_order', true) != 'yes') {
        $verification_code = wp_generate_password(20, false);
        update_user_meta($user_id, '_verification_code', $verification_code);

        // Store the code in a cookie for 10 days
        setcookie("verification_code", $verification_code, time() + 864000, "/");

        // Send an email with the verification link
        $verification_link = home_url('/verify-order/?order_id=' . $order_id . '&code=' . $verification_code);
        $to = $order->get_billing_email();
        $subject = "Verify Your Order";
        $body = "Thank you for placing your first order with us! Please click the link below to verify your identity and confirm your order:\n\n" . $verification_link;
        $headers = array('Content-Type: text/html; charset=UTF-8');
        
        wp_mail($to, $subject, $body, $headers);
    }
}

add_action('woocommerce_thankyou', 'send_verification_email');

Step 2: Create a verification page to handle the verification

You need to create a custom page template in your theme to handle the verification process when a user clicks the link.

function verify_order() {
    if (isset($_GET['order_id']) && isset($_GET['code'])) {
        $order_id = sanitize_text_field($_GET['order_id']);
        $code = sanitize_text_field($_GET['code']);
        
        $order = wc_get_order($order_id);
        $user_id = $order->get_user_id();
        $stored_code = get_user_meta($user_id, '_verification_code', true);

        if ($stored_code === $code) {
            // Mark user as verified
            update_user_meta($user_id, '_has_verified_order', 'yes');

            // Clear the cookie after verification
            setcookie("verification_code", "", time() - 3600, "/");

            // Redirect to a confirmation page
            wp_redirect(home_url('/order-confirmed'));
            exit;
        } else {
            echo 'Verification failed. Invalid code or order ID.';
        }
    }
}
add_action('init', 'verify_order');

Step 3: Display a message for unverified customers and flag orders

If the customer does not verify their order within 10 days, you can flag the order as suspicious or notify the store admin.

function check_verification_status($order_id) {
    $order = wc_get_order($order_id);
    $user_id = $order->get_user_id();
    
    if (get_user_meta($user_id, '_has_verified_order', true) != 'yes') {
        // Flag order as potentially fraudulent or take necessary action
        $order->update_status('on-hold', 'Customer has not verified the email.');
    }
}

add_action('woocommerce_order_status_processing', 'check_verification_status');

Explanation:

1. Step 1: When a user places their first order, the send_verification_email function sends an email with a unique verification link and stores the verification code as a cookie on the user’s browser for 10 days.
2. Step 2: A user clicks on the verification link to confirm their order. If the code matches the one stored for that user, they are marked as verified, and the cookie is cleared.
3. Step 3: If a customer does not verify their order within 10 days, the order is flagged or held for manual review.

Final Words

Implementing an OTP verification system not only enhances security but also filters out fake and non-serious customers. By using cookies and ensuring that only verified customers can place their orders, you safeguard your WooCommerce store from fraudulent activity while providing a smooth experience for genuine customers.

For further assistance contact us:

share this article on your social media pages, would be highly appreciated.