Minimising false positives: How retailers filter alerts that are truly relevant
When Mango had its systems tested by a fraud service provider in 2024, everything seemed to be going according to plan – until the internal fraud system sounded the alarm.
The big surprise for the Spanish fashion retailer: thousands of orders were blocked in daily business – not because of fraud, but because of false alarms.
The existing fraud system had classified legitimate orders as risky and rejected them, so-called false declines. What was intended as a security measure cost the fashion brand sales and trust.
It was only when Mango had the rejected orders re-checked that it became apparent that more than 60 per cent of the “suspicious” purchases were completely legitimate.
What are false positives – and why do they slow teams down?
False positives are false alarms: A system reports an ‘anomaly’ even though everything is fine – at checkout (false declines) or in operational monitoring (payment timeouts, traffic spikes, seasonal outliers).
The effect is doubly costly: teams chase phantom problems, real anomalies get lost in the noise – and conversion suffers.
But how big is the problem really?
The extent of so-called false positives is greater than many merchants suspect.
According to the Merchant Risk Council (Global eCommerce Payments & Fraud Report 2024), companies report that between 2 and 10 per cent of all orders are incorrectly classified as fraud.
This is also confirmed by an analysis by Stripe: the stricter the fraud prevention settings, the more often legitimate payments are declined.
Particularly critical: 33 per cent of customers do not shop with the retailer again after such a false rejection (source: Stripe, The State of Checkouts 2023).
How machine learning reduces false alarms
Instead of rigid thresholds, modern systems use prediction bands: machine learning (ML) learns from historical patterns (e.g. orders per hour/day of the week, channel mix, seasonality) and defines dynamic normal ranges.
Values outside these bands trigger alarms – within them, everything remains quiet. This reduces hypersensitivity and thus false positives compared to simple rules.
Why an anomaly score makes all the difference
Not every alarm is equally important. An anomaly score – usually on a scale of 0 to 100 – assesses the criticality of a deviation and helps to set priorities.
- A sudden drop in approved payments in a country or wallet? → Act immediately.
- An unusual spike in returns in a particular category? → Check and plan.
- A seasonal fluctuation in order volume? → Observe, but don't overreact.
The benefits are obvious: weighting the alerts reduces the constant jumping back and forth between cases.
The team works with a clear list of priorities, responds more quickly to critical deviations – and no longer wastes time with false alarms.
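The prediction bands and the 0 to 100 anomaly score from the two sections above, as an added Python example (not code from this article or from any vendor product). The hourly order counts are constructed sample data, and the median/MAD band, the constant `K` and the scoring formula are illustrative assumptions.

```python
import statistics
from collections import defaultdict

K = 3.0  # band half-width in robust standard deviations (assumed tuning value)

def fit_bands(history):
    """history: (weekday, hour, orders) tuples -> {(weekday, hour): (median, spread)}."""
    slots = defaultdict(list)
    for weekday, hour, orders in history:
        slots[(weekday, hour)].append(orders)
    bands = {}
    for slot, values in slots.items():
        med = statistics.median(values)
        mad = statistics.median([abs(v - med) for v in values])
        # 1.4826 * MAD approximates a standard deviation; the floor avoids zero-width bands.
        bands[slot] = (med, max(1.4826 * mad, 1.0))
    return bands

def anomaly_score(bands, weekday, hour, orders):
    """0 inside the band, approaching 100 the further outside; None without history."""
    if (weekday, hour) not in bands:
        return None
    med, spread = bands[(weekday, hour)]
    excess = abs(orders - med) / spread - K  # distance beyond the band edge
    if excess <= 0:
        return 0
    return max(1, round(100 * excess / (excess + K)))

def triage(bands, observations):
    """Return (score, weekday, hour, orders) for alerts only, most critical first."""
    scored = [(anomaly_score(bands, w, h, o), w, h, o) for w, h, o in observations]
    return sorted((s for s in scored if s[0]), reverse=True)

# Constructed sample data: four weeks of Monday 03:00 and Saturday 20:00 order counts.
HISTORY = [(0, 3, n) for n in (4, 6, 5, 7)] + [(5, 20, n) for n in (190, 210, 205, 195)]
BANDS = fit_bands(HISTORY)

if __name__ == "__main__":
    # A static rule "alert below 50 orders/hour" would fire on the quiet Monday night
    # and miss the Saturday-evening drop to 60; the per-slot bands do the opposite.
    for row in triage(BANDS, [(0, 3, 5), (5, 20, 60), (5, 20, 160)]):
        print(row)
```

Slots without history return `None` instead of a score, so new segments can be routed to a fallback rule until enough data exists.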
Operational effect: less noise, more revenue protection
Fewer false alarms mean more focus and stability in day-to-day business. When unnecessary warnings are reduced, operational processes run more smoothly – teams no longer have to jump between irrelevant alerts in ‘firefighting mode’ but can concentrate on the really critical deviations.
The customer experience also benefits: when legitimate payments are not mistakenly blocked, the purchase abandonment rate drops noticeably.
5 concrete steps for Shopware 6 merchants (short & actionable)
If you want to reduce false positives and make monitoring more efficient, you need more than just new tools – you need clear principles. These five approaches have proven themselves in practice:
- Replace static thresholds: Combine rule sets with ML-based prediction bands. (Rules remain as a safety net.)
- Introduce score-based prioritisation: Sort alerts by criticality and affected channels/wallets.
- Backtesting & tuning: Regularly test alert rules retrospectively (hit rate vs. false positives) and make the trade-offs visible.
- Segmented monitoring: Monitor by country, payment method/wallet, device, campaign source – not just total values. Otherwise, problem areas remain invisible.
- ‘Second opinion’ at checkout: Route borderline cases to an alternative verification system instead of rejecting them outright.
These steps lay the foundation for not only understanding alerts, but also weighing them correctly.
However, manual monitoring alone is not enough in the long term – true stability only comes when systems learn to set priorities themselves.
Conclusion: How to prevent false positives with intelligent anomaly detection
Systems such as INTELLIFANT complement Shopware 6 with real-time anomaly detection in order numbers – with dynamic expectation bands and prioritisation of alerts based on the anomaly score.
This allows you to filter out the few warnings that really matter – and take focused action before conversion and revenue suffer.