Maxmind Fraud Prevention module for LiBilling
Find a file
Troy Siedsma 5b70e9fcd5 Standardize composer.json + README + LICENSE
Per LithiumHosting/LiBilling re-platform conventions:

  - composer name set to <vendor>/<pkg> where vendor is
    `libilling` for libilling-* packages and `lithiumhosting`
    for laravel-* packages (matches the Forgejo org).
  - license normalized to MIT across all extracted packages.
  - README License section uses the standardized LiBilling
    commercial-host + MIT-package boilerplate.
  - README composer require line updated to match the new
    vendor prefix.
  - LICENSE.md created with MIT text where missing.

PHP namespaces under autoload.psr-4 are UNCHANGED; classes
keep their LithiumHosting\\... roots.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-22 15:03:58 +00:00
src Re-platform onto LiBilling/libilling-maxmind Forgejo origin 2026-05-22 13:14:20 +00:00
composer.json Standardize composer.json + README + LICENSE 2026-05-22 15:03:58 +00:00
LICENSE.md Standardize composer.json + README + LICENSE 2026-05-22 15:03:58 +00:00
README.md Standardize composer.json + README + LICENSE 2026-05-22 15:03:58 +00:00

LiBilling MaxMind Fraud Screener Module

A LiBilling fraud-screener module for MaxMind minFraud. Scores orders and users against MaxMind's minFraud service, returns a FraudResult DTO with a numeric risk score and bucketed risk level, and auto-registers itself into the FraudScreenerRegistry on boot.

Features

  • Score-Based Screening: Orders and users scored against MaxMind minFraud (0-99)
  • Auto-Registration: Registers into FraudScreenerRegistry as maxmind on boot; no manual wiring required
  • Configurable Thresholds: Auto-approve, auto-reject, low/high risk, and user-cache windows all env-driven
  • Score or Insights: Choose the cheap score endpoint or the richer insights endpoint per deployment
  • Rich Result Details: IP/email/device signals surfaced on the FraudResult when using insights

Installation

This package is loaded as a local Composer path repository. No separate installation is needed when developing within the LiBilling monorepo.

For standalone installation:

composer require libilling/libilling-maxmind

Configuration

Add your MaxMind credentials to .env:

MAXMIND_ACCOUNT_ID=your-account-id
MAXMIND_LICENSE_KEY=your-license-key

These are read from config/services.php under the maxmind.* key.

Threshold behavior is controlled through the fraud.* section of config/libilling.php:

FRAUD_SCREENER=maxmind
FRAUD_AUTO_APPROVE_BELOW=20
FRAUD_AUTO_REJECT_ABOVE=75
FRAUD_LOW_RISK_BELOW=25
FRAUD_HIGH_RISK_ABOVE=75
FRAUD_USER_CACHE_DAYS=90
FRAUD_FLAG_USER_ABOVE=75
FRAUD_SERVICE=score

See config/libilling.php for the full set of fraud.* keys this screener honors.

Capabilities

Declared via supports() using the FraudScreenerInterface constants:

  • screen_order: Per-order fraud screening at checkout
  • screen_user: User-level fraud screening at onboarding

Dependencies

  • maxmind/minfraud ^3.0 -- MaxMind minFraud PHP client

Testing

php artisan test --filter=Maxmind

License

LiBilling is (C) Lithium Holdings, LLC. All components except for third-party modules and select packages with their own license are licensed under a Commercial License. Contact licensing@lithiumholdings.com for licensing enquiries. Any dissemination of material herein is prohibited without expressed written consent of Lithium Holdings.

This package, libilling-maxmind is licensed under The MIT License (MIT). Please see License File for more information.

Is it any good?

Yes.

When people first hear about a new product, they frequently ask if it is any good. A Hacker News user remarked:

Note to self: Starting immediately, all raganwald projects will have a "Is it any good?" section in the readme, and the answer shall be "yes.".