IronPhantom Antifraud

Description

IronPhantom Antifraud brings real-time fraud intelligence to WooCommerce.

Powered by MGFirewallAI, the plugin analyzes checkout and login events using multiple security signals such as:

• IP reputation analysis
• known credential leaks and data breach intelligence
• suspicious login or checkout patterns

Each store connects to a personal MGFirewallAI dashboard, where merchants can review alerts, transactions and fraud risk indicators.

IronPhantom does not block WooCommerce checkout and does not modify WordPress or WooCommerce core files.
Instead, it provides real-time fraud signals that help merchants identify suspicious activity before it becomes a chargeback or account takeover.

The plugin requires a personal API key, which can be automatically generated during the setup wizard.

IronPhantom is designed with privacy and data minimization in mind and works only after explicit consent is enabled in the plugin settings.

Key Features

• IP Risk Analysis – identifies suspicious IP addresses during checkout or login activity.

• Data Breach Intelligence – detects emails associated with known credential leaks and compromised databases.

• Real-Time Fraud Signals – checkout and login events are analyzed instantly by the MGFirewallAI engine.

• Automatic API Key Generation – the setup wizard can generate a personal API key and connect your store to MGFirewallAI.

• Merchant Dashboard – each store connects to a personal dashboard where alerts and transactions can be monitored.

• GDPR-Friendly Design – data is processed only after explicit consent and follows a data minimization approach.

• Safe WooCommerce Integration – IronPhantom never modifies WooCommerce core files and does not interrupt checkout.

Easy install (recommended)

1. Go to Plugins → Add New in your WordPress admin panel.
2. Search for IronPhantom Antifraud.
3. Click Install Now and then Activate.

(WooCommerce must be active.)

Manual installation

1. Download the plugin ZIP file.
2. Go to Plugins → Add New → Upload Plugin.
3. Upload the ZIP file and click Install Now.
4. Activate the plugin.

Setup

After activation the IronPhantom setup wizard will start automatically.

The wizard can generate a personal API key and connect your store to the MGFirewallAI security network.

If you prefer manual configuration:

1. Navigate to

WooCommerce → Settings → IronPhantom Antifraud

1. Enable the data sending consent option.

2. Insert your IronPhantom API key.

3. Save the settings.

4. Place a test order or login to verify that the antifraud analysis is active.

Privacy

IronPhantom connects your WooCommerce store to the MGFirewallAI platform to analyze fraud signals and help prevent chargebacks or account abuse.

The plugin works only after explicit consent is enabled.

No data is transmitted automatically.

Data sent for analysis

• customer billing email (order only)
• public IP address
• order ID
• order total
• timestamp
• login flow URL after authentication
• browser metadata (user agent)

Data never sent

• passwords
• credit card numbers
• payment credentials
• sensitive personal data

Endpoint used

POST https://redflagai.tech/api/predict

Headers

Content-Type: application/json
x-api-key:

Data stored locally by the plugin

Order metadata

ironphantom_tx_id
ironphantom_risk_level
ironphantom_motivi
ironphantom_sent

User metadata

ironphantom_appena_loggato

Uninstall

Deleting the plugin automatically removes:

• plugin options
• database settings
• IronPhantom metadata stored on orders and users

More information:

Privacy Policy
https://redflagai.tech/privacy-policy

Terms of Use
https://redflagai.tech/terms

Troubleshooting

If IronPhantom cannot connect to the MGFirewallAI platform:

1. Enable Diagnostic Logs in

WooCommerce → Settings → IronPhantom Antifraud

1. Perform a test order.

2. Navigate to

WooCommerce → Status → Logs

1. Select the log file

ironphantom-antifraud

1. Download the log and send it to:

security@redflagai.tech

Common causes of connection issues:

• API key not activated
• hosting firewall blocking outbound requests
• temporary server maintenance