Introduction
Rivo has many different tools and checks we do each time a referral link is used. These security checks can cut down on fraud by up to 95%. An overview of the fraud protection tools is below.
✨ Referral campaigns are available on the Scale and Plus plans. See pricing →
Fraud prevention tools
Our tools are built-in to the referrals platform and provide multiple layers of protection. Most work automatically, while some can be customized in your referral settings dashboard.
IP address check to ensure only one referral per household
We track IP addresses to ensure that if a friend uses a referral link from the same Wi-Fi network or IP address as the advocate (say, within the same household), they won’t be able to sign up.
New: Add an IP address threshold from the referral fraud settings dashboard.
No self-referrals
If an advocate tries to refer themselves using the same email, the system won’t allow it.
No using email variations with “+”
The system will protect against self-referrals and will filter out people who use slight email variations. For example, if the advocate's email is “[email protected]", trying “[email protected]” won’t work for the friend.
Referral link cookies
We use cookie tracking to stop people from referring themselves using different email addresses through the same browser.
Referral Share Links
Rivo uses Share Links technology to create a custom referral experience unique to each merchant. This experience is customized and contains protection tools built in.
Existing customer validation
Referrals are only applicable for new customers to your shop. Our system performs comprehensive checks:
Purchase history check: If someone tries to refer an email address that has already purchased from your brand, the system will automatically block it
Account existence check: The system verifies that the referred email doesn't belong to an existing customer account
Order timing validation: We check if the customer was created recently (within 10 minutes) to ensure legitimate new signups
This ensures that referral rewards are only given for genuinely new customers.
Automatic advocate blocking
Our system can automatically block advocates who show suspicious patterns:
Percentage-based blocking: Set a failure rate threshold (e.g., 50%) - if an advocate's referrals fail more than this percentage, they'll be automatically blocked
Minimum referral count: Set a minimum number of referrals (recommended: at least 5) before percentage blocking is applied to avoid penalizing new advocates
Pattern detection: Our global fraud detection system identifies customers with suspicious activity patterns across multiple earning opportunities
These settings can be configured in your referral fraud settings dashboard.
Order IP address verification
For enhanced security, we can cross-reference referral signup IP addresses with previous order IP addresses to identify potential fraud patterns. This helps detect when the same person is placing orders and creating referral accounts.
Minimum Cart Requirements and conditions for rewards
As the merchant, you can configure specific reward amounts to reach for the referral to apply. These will automatically apply to your emails if you use the dynamic email variable called ##{{reward_tos}}.
For example, for the advocate to earn a reward, the friend should make a purchase that meets $100 or more from the new arrivals collection.
Rewards will only be issued after order fulfillment
Advocates receive their reward only after the friend’s order has been marked fulfilled in Shopify. Make sure you're marking your orders as fulfilled, as this will ensure the referred friend purchase is legitimate.
Manual exclusion and management tools
You have complete control over who can participate in your referral program:
Shadow ban capability: Silently exclude any customer from the referral program with the click of a button, right from their customer profile
Referral status management: View and manage referral statuses (pending, completed, blocked) from your dashboard
Unblocking capability: Manually unblock referrals that were automatically blocked if you determine they're legitimate
Bulk management: Handle multiple referrals and customer exclusions efficiently
When a customer is excluded, they won't be able to earn points, redeem rewards, or participate in any loyalty program features, including referrals.
Unique discount codes and security
Rewards are specified and limited to the friend or advocate to whom they belong. Each discount code is unique and cannot be shared or reused by others.
Global fraud detection system
Our platform includes sophisticated fraud detection that monitors patterns across your entire loyalty program:
Activity pattern analysis: Identifies customers with suspicious earning patterns across multiple program features
Threshold monitoring: Automatically flags customers who exceed normal activity limits (default: 20 actions per week)
Cross-program detection: Monitors behavior across referrals, points earning, and other loyalty activities
Automatic flagging: Suspicious accounts are automatically marked for review
This system works in the background to identify potential fraud before it impacts your program.
Translating your error messaging
The default translation is listed below. If you want to change it to something else you can go to Branding > Translation to change your error messaging.
Message Type | Error Message (external) | Meaning (internal) |
Referrals general invalid title | We're Sorry | This title goes with the 'Referrals general invalid' text |
Referrals general invalid | Sorry, looks like this referral is invalid | The referral used does not meet the necessary criteria or does not exist |
Referrals similar ip invalid | We are unable to process referrals within the same IP address | Referrals cannot be processed from the same IP address, to prevent fraud |
Referrals code invalid | This referral code is invalid | The entered referral code is not recognized or is incorrect |
Referrals already visited | Already visited this page | The user has already accessed this page or referral link, so it cannot be used again |
Referrals program disabled | This referral program is disabled | The referral program is currently not active |
Referrals email already claimed | This email has already been claimed | The email address entered has already been used in the referral program |
Referrals account already claimed | You already have an account. You can invite your friends to win rewards! | The user already has an account and is encouraged to invite friends to win rewards |
Common questions
Can I manually exclude a customer from the referrals program?
Yes! You can click here to learn how to exclude a customer.
Can an advocate try to refer a friend who is an existing customer and who has placed past orders but never used a referral discount code?
When the friend submits their email address we run a whole list of fraud checks before we award them the referral reward. One of these checks is if the email provided has a purchase history. If the customer placed an order previously this referral will be marked as blocked status. Learn more about statuses here.
What happens when a referral is blocked?
When a referral is blocked, no rewards are issued to either the advocate or the friend. The referral appears in your dashboard with a "blocked" status, and you can see the specific reason it was blocked. You can manually unblock referrals if you determine they're legitimate.
How do IP address thresholds work?
By default, any referral from the same IP address is blocked. When you enable IP thresholds, the system allows up to 10 referrals per week from the same IP address before blocking additional ones. This can be useful for businesses like colleges or offices where multiple legitimate customers share the same IP address.
Can I customize the fraud detection settings?
Yes! You can access fraud prevention settings in your referral dashboard to configure IP blocking, advocate failure thresholds, reward timing, and other security options. Most settings have recommended defaults that work well for most businesses.
What's the difference between automatic and manual fraud detection?
Automatic fraud detection runs in real-time and blocks suspicious referrals immediately based on your configured rules. Manual fraud detection tools allow you to review, block, or unblock referrals and customers after the fact. Both work together to provide comprehensive protection.