$340K in chargebacks blocked in 90 days
A growing D2C apparel brand was hemorrhaging revenue to stolen-card fraud routed through residential proxies. Traditional IP blocklists were useless. Sentinel stopped it in an afternoon — without touching the customer experience.
The Company
A mid-size D2C apparel brand with over 800,000 monthly visitors and a Shopify-based checkout. Rapidly growing, with a lean fraud team that couldn't scale manual review to match transaction volume.
The Problem
Their chargeback rate had climbed to 2.3% of monthly revenue — well above the 1% Visa threshold that triggers fines and monitoring programs. The fraud team traced roughly 40% of chargebacks back to orders placed with VPNs masking stolen credit card billing locations.
The harder problem: bots were rotating through residential proxy networks, placing hundreds of transactions per hour from different "clean" residential IPs. Every IP looked legitimate to traditional blocklists. The fraud was invisible.
Key pain points before Sentinel:
- Residential proxies bypassed every existing blocklist — each order came from a different "clean" residential IP
- Standard CAPTCHAs were solved instantly by CAPTCHA farms, adding friction only for real customers
- Manual review team was overwhelmed — reviewing 400+ flagged orders per day with 72-hour backlogs
- Visa had issued a chargeback warning — fines were imminent if the rate didn't drop
The Solution
The team integrated Sentinel's API at the checkout stage. Every checkout attempt passes through /v1/check before payment processing. Orders from residential proxy networks, datacenter IPs with spoofed headers, or high-risk ASNs are flagged for additional verification — or quietly rejected based on risk score thresholds.
Implementation took 3 hours using their existing Node.js backend. Risk score threshold was set at 65 — orders above that require SMS verification before the payment is processed. Legitimate customers never see a CAPTCHA.
"We'd tried IP reputation tools before but residential proxies always got through. Sentinel was the first solution that actually stopped them — and it took one afternoon to integrate."
— Head of Trust & SafetyResults — 90 Days Post-Implementation
Why Residential Proxies Are Hard to Stop
Traditional IP reputation tools work by maintaining blocklists of known bad IPs — datacenters, VPN endpoints, known fraud infrastructure. Residential proxies are different: they route traffic through real home internet connections, making each request look like a legitimate consumer in a specific city.
Sentinel detects residential proxies not by checking IP reputation alone, but by identifying the ASN signatures, traffic patterns, and device signals that indicate a proxy network is in use — even when the IP itself is "clean." This is the layer that traditional tools miss, and the layer where modern fraud lives.
Implementation Detail
The integration is a single API call at checkout submission. The Sentinel response includes a risk score (0–100) and specific signal flags. Their backend logic:
- Score 0–64: proceed to payment normally
- Score 65–84: require SMS verification before processing
- Score 85+: decline with a generic error and flag for review
The entire decision happens in under 40ms — below the threshold where users notice any latency.
Protect your e-commerce platform like this brand did
10,000 free API requests per month. No credit card. Integrates in an afternoon.
[ Get Free API Key ]