How do I install CustomerGenius in my Shopify store?

Click Install app in the Shopify App Store, approve the requested permissions, and our onboarding wizard pops up inside Shopify Admin to guide you through threshold settings and a one-time data sync for the past 60 days.

Does CustomerGenius start refunding orders the moment I install it?

No. Auto-refund is disabled by default. During onboarding you choose your auto-refund thresholds. You can either manually review the orders for some time to see how it works, or turn on auto-refunding from the start.

What signals feed the fraud score?

CustomerGenius compares every new order's email, phone number, billing and shipping addresses (fuzzy and exact), and name against prior orders that used the same discount code. Each matching field adds points to the fraud score.

What exactly happens when an order is refunded?

CustomerGenius issues a full refund via the Shopify API, and optionally sends you and the customer an email alert. If you use Recharge or ShipStation and have connected them in the settings tab, the order will also be cancelled there.

Will CustomerGenius slow down my checkout?

No. CustomerGenius processes orders post-checkout via Shopify's webhooks, so your storefront performance is completely unaffected.

Is there a free trial for CustomerGenius?

Yes, there is a 14-day free trial for all pricing tiers. CustomerGenius does not currently offer a permanent free tier, but you can use the trial period to determine whether there is enough discount fraud in your store to justify the subscription cost.

How do I get help if something looks wrong?

Email the CustomerGenius support team at support@customergenius.io.

Case Study: How a Coffee Brand Stopped Free-Product Giveaway Abuse Without a Discount Code

The Promotion That Did Not Look Like a Promotion

Most fraud detection thinking starts with a discount code. A merchant creates a coupon, a customer redeems it, and the system watches for the same customer redeeming it twice. That model is simple, well understood, and — crucially — incomplete.

The coffee brand in this case study designed an acquisition offer that broke the model entirely. They wanted a frictionless new-customer experience. No codes to copy, no fields to fill in, no "use promo code FREEBEAN at checkout" messaging on the marketing site. Instead, when a customer added certain products to their cart for the first time, a free coffee product was automatically added alongside it. No coupon. No code. No customer-facing redemption event.

From a conversion standpoint, this was excellent. It removed a friction point. It increased perceived value. It got new customers to experience a second product without asking them to do any work.

From a fraud detection standpoint, it exposed a gap in every discount-focused fraud prevention tool on the market — including, initially, CustomerGenius.

How Abusers Exploited It

The merchant started noticing a pattern in the order data about six weeks into the promotion. Certain shipping addresses kept appearing on orders that qualified for the free product. Some of those orders came from new accounts every time. The email addresses changed. The names changed slightly. The free coffee went out the door, over and over, to the same physical location.

Because the free product was triggered by cart composition rather than a coupon, every single one of those orders looked completely legitimate to any promotion-code-based fraud tool. There was no shared redemption event to flag. There was no discount code to monitor. The merchant's existing fraud software looked at the orders, saw no promotional trigger in the sense it understood, and passed them through.

The abuse was functionally identical to standard multi-email discount fraud, with one difference: the redemption mechanism was a cart condition rather than a coupon. The cost was the same — a free product shipped to the same person under a new identity, eating into the acquisition budget the merchant had sized for legitimate new customers.

Why Existing Fraud Tools Missed It

Most Shopify fraud detection apps, including earlier versions of CustomerGenius, work by monitoring discount codes. The merchant specifies which codes to watch, and the system scores orders using those codes against prior orders on the same code. If the code is not present, the order is not monitored. The assumption baked into the architecture is that promotional abuse always runs through a discount code.

For this coffee brand, that assumption broke. The promotional abuse was running through an entirely different mechanism: automatic free-product additions triggered by product presence in the cart. There was no code anywhere in the order data. The free product appeared as a line item priced at zero, with a tag indicating it had been added as a promotional bonus.

The merchant did not need fraud detection on discount codes. They needed fraud detection on a specific order characteristic — the presence of the promotional bonus tag on the order.

The Feature CustomerGenius Built: Order Tag Matching

CustomerGenius built order tag matching as a direct response to this merchant's problem. Instead of asking "does this order use a monitored discount code," the feature asks "does this order contain a monitored tag on any line item or on the order itself?"

This reframes the fraud detection trigger entirely. Any order characteristic that a merchant can express as a tag becomes a possible trigger for scoring:

A free product added as a promotional bonus

A loyalty program tier applied to the order

A bundled item signaling a specific promotional campaign

A product line associated with a first-time-customer offer

A tag automatically applied by another app indicating promotional eligibility

When an order comes in carrying one of the monitored tags, CustomerGenius runs the same multi-signal scoring it runs on discount code orders. Email, phone number, shipping address, billing address, and customer name are all compared against prior orders carrying the same tag. If enough signals match, the order is flagged or automatically refunded.

The coffee brand configured order tag matching against the tag their promotional flow added to free-coffee orders. From that point on, every order receiving a free coffee was scored the same way a discount-coded order would be. Duplicate claims were caught whether or not a code had ever been involved.

How the Detection Worked in Practice

On deployment, the merchant set a two-signal threshold for auto-cancellation. Two matching signals across email, phone, name, shipping address, or billing address would trigger an automatic refund of the full order, including cancellation of the fulfillment.

Orders with a single matching signal — typically the address matching a prior customer — went to a review queue. This is important for a brand with household shoppers. Two people living at the same address is not fraud, and the review queue let the support team distinguish legitimate household orders from duplicate-email orders coming from the same person.

Within the first month, the merchant saw a significant drop in free-coffee orders going to previously-flagged addresses. The abusers who had been cycling through emails to collect free product repeatedly found that their orders were cancelled and their cards refunded before the coffee shipped. The promotion continued to run at full strength for legitimate new customers, with no change to the customer-facing experience.

Why This Matters Beyond Coffee

Order tag matching is a small feature technically — it is a different trigger condition layered on top of existing scoring logic — but it changes what fraud prevention can cover.

Modern ecommerce promotions do not always run through discount codes. Gift-with-purchase offers, tiered loyalty rewards, automatic bundle pricing, BOGO mechanics, and category-based first-order perks all bypass the traditional coupon code model. Shopify Functions, Rebuy, Shogun, and many other promotional engines create offers that leave discount-code-based fraud tools completely blind.

For merchants running any promotional structure that does not rely on a coupon code, the fraud exposure is identical to the coupon-code world. A promotion attractive enough to drive acquisition is attractive enough to attract abuse. What changes is only whether the abuse is visible to your existing tools.

Order tag matching closes that gap. Any promotional mechanism that can be represented as a tag — and nearly all of them can — can be monitored with the same duplicate-detection logic that watches your coupon codes.

Configuring Tag-Based Detection Without Hitting Legitimate Customers

One of the practical concerns with any fraud detection system is false positives — flagging legitimate customers and either refunding real orders or making honest shoppers feel accused. Tag-based detection faces the same risk as code-based detection, and the right calibration is similar.

For the coffee brand, the configuration involved a few practical choices:

Start with flag-for-review, not auto-cancel. During the first two weeks, orders matching the pattern were sent to a review queue instead of being refunded automatically. That gave the team a window to confirm the detection was behaving correctly before handing it full autonomy.

Use a two-signal threshold. A single matching signal — most commonly a shared shipping address — is not enough to distinguish a household shopper from an abusive one. Requiring two or more signals dropped the false positive rate to nearly zero in the calibration window.

Whitelist known accounts. A handful of addresses that legitimately placed multiple orders (press samples, influencer seeding, wholesale relationships) were tagged to exempt them from scoring. Order tag matching is permissive here — merchants can mark specific accounts as trusted and exclude them from the detection flow entirely.

After that initial calibration, the merchant moved the configuration to auto-cancel. Refunds processed automatically within seconds of the order hitting Shopify, and the review queue stayed quiet except for edge cases worth a human look.

Results: Free-Product Abuse Cut, Acquisition Intact

The merchant tracked a meaningful reduction in repeat claims from the same identities within the first month of enabling order tag matching. The free product continued to drive first-order conversion for legitimate new customers, with no change to the customer-facing experience. The only people affected were the abusers cycling through emails to claim the product repeatedly. For them, the cost was simply a refund to their card instead of a shipment of coffee.

The broader lesson is that fraud detection has to match the shape of the promotion. A detection system that only watches coupon codes will miss the promotions that do not use coupon codes, and those promotions are increasingly common as brands move toward frictionless acquisition experiences.

The Takeaway

If your Shopify store runs any promotion that is not a simple coupon code — free product offers, gift-with-purchase, automatic bundles, tiered rewards, BOGO — it is worth asking how abuse is being tracked on those specific mechanisms. Standard discount fraud tools are almost certainly not monitoring them. The assumption that abuse requires a coupon code is outdated, and detection tools that rely on that assumption leave gaps the size of whichever promotions do not use codes.

CustomerGenius's order tag matching extends duplicate-email fraud detection to any promotional structure a merchant can tag on an order. The logic is identical to discount code monitoring — multi-signal scoring against prior customers — but the trigger is flexible enough to cover the promotional mechanics that do not use codes at all.

To see how order tag matching fits alongside discount code monitoring, visit the CustomerGenius pricing page or install CustomerGenius from the Shopify App Store for a 14-day free trial.