Several users are signing up under a suspicious or fraudulent email address when registering within an ecommerce site. These users are posting multiple irrelevant links to their own website to try to boost their ranking, or even posting URL links to dangerous or unsolicited websites.
To avoid suspicious email addresses, we can check the reputation score at the registration stage by implementing a tool within the Episerver Commerce framework. This tool will allow or disallow that user to register or sign-up on the commerce site if it receives a poor reputation score. I will demonstrate the integration of an email reputation check in the Episerver Commerce framework for user registration or sign up by using EmailRep.
EmailRep is a system of crawlers, scanners, and enrichment services that collects data on email addresses, domains, and internet personas. EmailRep uses hundreds of data points from social media profiles, professional networking sites, dark web credential leaks, data breaches, phishing kits, phishing emails, spam lists, open mail relays, spam traps, domain age and reputation, deliverability, and more to predict the risk of an email address and answer these types of questions:
- Is this email risky?
- Is this a throwaway account?
- Is there potential for this sign-up to commit fraud or abuse?
- What kind of online presence does this email have?
- Is this a trustworthy sender?
EmailRep API Integration with Episerver Commerce Framework through SDK and Cloud
Step one: EmailRep requires an API key to call this API. You can choose an API key using this URL. Choose Free Community or Enterprise Custom based on your preferences. After registration, you will receive the API key through your registered email address.
Step two: Run this API in Postman API using API Key and valid email address.
You’ll receive the following response details based on the reputation and suspicion score:
Reputation: High/medium/low/none. A high reputation is a good reputation, and each level becomes less reputable as it descends to medium, low, and none.
Plan. Expand. Optimize. A Cloud Migration Workbook.
Strategize the next steps of your organization's application modernization journey leveraging our experts' pragmatic approach.
Suspicious: Whether the email address should be treated as suspicious or risky. The answer will come across as true or false.
This email address is not suspicious and high reputation.
Step three: You can run this API in Postman using the API Key and an invalid email address.
This email address is suspicious and has no level of reputation.
Step four: I have integrated this API in the create account page in the Episerver Commerce version 5.0 framework.
- Create the handler, ValidateSuspiciousEmail, in the extensions project for account creation.
Use this link with your API key and set a proper order number to execute the handler. If the email address returns as suspicious, then set an error message to show on the create account page.
- Create API Response classes, EmailResponse and EmailDetailsResponse, in extensions. You can refer to this link for more information about the response detail.
- Build and run the project, and click on the create account link on the sign in.
d. Try to register a user with an invalid email address on the create account page. Click on the create account button and send this email address to ValidateSuspiciousEmail handler and given response.
Prevent Suspicious Email Registrations
You can quickly check for suspicious email addresses when you implement EmailRep within your Episerver Commerce version 5.0 framework. To learn more about this implementation and block further suspicious email registrations, contact our technical experts today.