Plugin screenshot thumbnail 1/1


Utánvét Ellenőr is a SaaS provided by Dro-IT Ltd from Hungary: a service which will let shop owners filter orders with Cash on Delivery coming from known fraudulent e-mail addresses.

How does it work?

The idea behind the service is the following:

  • Someone orders with Cash on Delivery payment method, but later refuses to accept the package from the courier.
  • The shop owner flags this order with the Refused Package order status.
  • The module listens for orders entering this status.
  • Once an order ends up in this status, the module will hash the e-mail address of the user on the shop server with SHA-256 and sends the hash to our service, accompanied by a -1.
  • If the courier could hand over the package successfully, the shop owner flags the order with the successful order status. In this case the module hashes the e-mail with the same SHA-256 and sends the hash to our service, accompanied by a +1.
  • When someone with the same e-mail address would like to order (from the same or from another shop), this module can disable Cash on Delivery from available payment methods:
    • The user enters his e-mail address.
    • This value gets hashed with the same SHA-256 algorithm, and the module asks our service about this hash.
    • The service will return a JSON array and if the e-mail reputation provided in this payload does not meet the minimum value set by the shop owner in the module settings (Reputation Threshold), the module will disable the selected payment methods.

You need API keys to use this service. To obtain them, register at

Privacy implications

All inputs are hashed with SHA-256 by the module on your server. This means:

  • The entered e-mail address will NEVER leave your system.
  • SHA-256 is considered to be safe for hashing.
  • On "check requests" we don't receive the e-mail address, just a hash, and we provide only a couple of "numbers" about that hash. There is no way for us to know what was the original string before hashing.
  • In order to use our services, you MUST notify your users that "Automated individual decision-making" might be applied during checkout. For more information, please see GDPR Art. 22.

Note: this is not legal advice. Consult your lawyer before using this service in production.

Found a bug?

Check the issues or open a new one!

Installation Instructions

To install this plugin, copy the command above to your terminal.

Active Installs
Craft 3
Last release
January 6, 2021
Activity (30 days)
Closed Issues
Open Issues
Merged PRs
Open PRs