Jump to content

Blocked domain being used by Forter.com


Recommended Posts



At the bottom of the email is a detailed explanation about Forter (www.forter.com).
Recently, it seems a an update was made to to include one of our cloudfront endpoints (d35u1vg1q28b3w.cloudfront.net). 

This domain was also included in one of you blogposts about cloudfront blockings: https://www.malwarebytes.com/blog/detections/cloudfront-net
This domain is solely used to server our fraud prevention SDK to be embedded on our paying client's websites and does not contain any malicious content or pose any risk to customers.

As you can read below and can verify with numerous sources:
Forter is a highly reputable fraud-fighting service in the e-commerce space, and the data we collect is solely for that purpose (and is clearly defined in our EULA and our client EULAs).

For this reason we ask that our URLs are whitelisted from adblock lists you maintain, and our domain removed from the blog post.

Thank you in advance for helping fight online fraud.


About Forter (www.forter.com)

Forter provides a fraud security and trust solution to e-commerce merchants.  Our service is integrated into our customers' websites and mobile apps and obtains data about each attempted transaction by an end customer, including the personal details of the end customer, information about their device and connection, and metadata about how they interact with the site.  Forter then renders a decision about the legitimacy of the transaction based on analysis of that data.

As part of the integration and operation of the Forter service on the merchant site, the Forter JavaScript generates an HTTP/Browser cookie on the merchant's local domain. The cookie is PCI compliant, only created locally, and exposed in the form of an alphanumeric string. The ForterToken cookie does not expose any PCI identifying information and the Forter JavaScript does not scrape any data from a merchant's site. The cookie and data sent from the script allows Forter to connect cyber and behavioral data collected via Forter's JavaScript to the subsequent order that is placed and decisioned via the backend Forter Validation API during checkout event.

Forter's data processing activities are compliant with applicable law, and Forter has in place a robust compliance program to ensure compliance with the obligations applicable to data processors and data controllers. Forter's services privacy policy explains to end customers their rights vis-a-vis Forter and how to exercise those rights.  There is a clear legitimate interest for our services and the services are necessary to complete the transaction with end customers. GDPR explicitly recognizes the validity of processing personal data for fraud prevention, including by establishing that the prevention of fraud is a per se legitimate interest. Forter uses cookies with regard to users actively engaging with a merchant's site. The information derived from the cookie and JS operation is used for the sole purpose of detecting whether the user engaging with the site is a fraudulent or malicious actor, a process which is strictly necessary for providing the merchant's service.

Forter's customers rely on our service to prevent against fraud and help protect their customers. Any interruption or degradation of the service could cause harm to our customers and their end users, and for this reason Forter commits to high availability standards.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.