# VIP Bypass
VIP Customer Bypass is the setting that prevents your top customers from being caught by Card-Testing Defense velocity rules. It’s on by default. This page explains how the bypass identifies VIPs, when it applies, and when (rarely) you might want to turn it off.
## How VIPs Are Identified
The bypass identifies a customer as VIP at checkout time using two paths:
- Logged-in user: If the customer is logged in to a WooCommerce account, TrustLens looks up the user’s email hash in the customer table. If the customer’s segment is VIP, bypass applies.
- Guest checkout with VIP email: If the billing email matches a known VIP customer record (including allowlisted customers, who are locked at VIP), bypass applies even without a login.
Both checks happen before velocity counters are read or incremented.
## What Bypass Does
When a VIP is identified at checkout:
- The velocity counters are not read for their fingerprint
- The lockout flag is not checked
- The Panic Freeze block is skipped (unless bypass has been explicitly turned off)
- Their checkout proceeds normally regardless of any rules that would otherwise block them
The bypass is comprehensive — it short-circuits the entire Card-Testing Defense layer for that request. The customer’s checkout experience is identical to having no defense in place.
## Why Bypass Exists
The bypass solves a specific class of false positive: legitimate VIPs producing high checkout velocity for innocent reasons. Common scenarios:
- VIP placing several orders in quick succession (gift-giving, bulk restocking)
- VIP using a corporate card that requires multiple validation attempts
- VIP testing payment options across multiple cards
- VIP returning after a typo’d email or expired session and retrying checkout
Without the bypass, any of these could trip the velocity threshold and produce a lockout error message on a customer who is, by definition, the kind of customer you want to keep.
## When to Turn Bypass Off
Bypass is a tradeoff between false-positive prevention and defense coverage. Turn it off if:
- You suspect a VIP fingerprint has been compromised. If an attacker has somehow stolen a VIP’s session or fingerprint, bypass would let them through.
- You’ve allowlisted very broadly. If your VIP segment includes many customers (e.g. you’ve allowlisted hundreds), the bypass exposes a larger surface than it protects.
- You’re under active attack and uncertain about VIP integrity. Temporarily disable bypass during the incident.
For most stores, the default of “on” is the right choice. The bypass is most valuable when you have meaningful VIP populations and active velocity protection.
## Bypass vs Allowlist
These are different concepts that work together:
| Mechanism | Effect |
|---|---|
| Allowlist (per customer) | Locks customer score at 100, marks as VIP, prevents all negative signals |
| VIP Bypass (system-wide) | Skips Card-Testing Defense velocity rules for customers in the VIP segment |
Allowlisting puts a customer into VIP; the bypass then skips them through Card-Testing rules. Disabling bypass doesn’t affect their allowlist status — they’re still segment-VIP, just subject to velocity rules.
## Configuration
Settings: TrustLens → Settings → Modules → Card Testing.
| Setting | Default | Description |
|---|---|---|
| VIP customer bypass | On | Skip velocity checks for VIP segment customers |
Changes take effect immediately on the next checkout request.
## Bypass and Panic Freeze
By default, VIP bypass applies even during a Panic Freeze — meaning your VIPs can still complete checkout even when the store is otherwise frozen. This is intentional: the most valuable customers should not be punished for an attack they’re not part of.
If you want a Panic Freeze to halt all checkouts including VIPs (e.g. you suspect VIP fingerprints are compromised), turn bypass off before activating the freeze.
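The two identification paths, the short-circuit of the velocity layer, and the Panic Freeze interaction described above, modelled in Python as an added example (this is not TrustLens code). The customer table, the SHA-256 email hashing, the lockout threshold of 5, and every function and field name are assumptions; the `would_have_locked` figure is derived from a reporting-only read of the counters, which the page does not describe.

```python
import hashlib
from dataclasses import dataclass, field

# Assumed lockout threshold: a fingerprint is locked once it exceeds 5 attempts,
# matching the "not locked out after the 5th attempt" sanity check on this page.
VELOCITY_THRESHOLD = 5

def email_hash(email: str) -> str:
    """The customer table is keyed by a hash of the normalised email (assumption)."""
    return hashlib.sha256(email.strip().lower().encode("utf-8")).hexdigest()

# Constructed customer table; allowlisted customers are locked at segment VIP.
CUSTOMERS = {
    email_hash("vip@example.com"):     {"segment": "VIP",      "allowlisted": False},
    email_hash("allow@example.com"):   {"segment": "VIP",      "allowlisted": True},
    email_hash("regular@example.com"): {"segment": "standard", "allowlisted": False},
}

@dataclass
class DefenseState:
    bypass_enabled: bool = True                    # "VIP customer bypass" setting, on by default
    panic_freeze: bool = False
    counters: dict = field(default_factory=dict)   # fingerprint -> attempt count
    locked: set = field(default_factory=set)       # fingerprints carrying the lockout flag
    bypass_log: list = field(default_factory=list)

def is_vip(login_email, billing_email) -> bool:
    """Path 1: logged-in account's email hash; path 2: guest billing email matching a VIP record."""
    for email in (login_email, billing_email):
        if email and CUSTOMERS.get(email_hash(email), {}).get("segment") == "VIP":
            return True
    return False

def checkout(state: DefenseState, fingerprint: str, billing_email: str, login_email=None) -> str:
    """Returns 'allow', 'frozen' or 'locked'. The VIP check runs before any counter is touched."""
    if is_vip(login_email, billing_email) and state.bypass_enabled:
        # Short-circuit: no counter increment, no lockout flag, no Panic Freeze.
        # The read below is for the event log only (what bypass prevented), not enforcement.
        would_lock = (fingerprint in state.locked
                      or state.counters.get(fingerprint, 0) >= VELOCITY_THRESHOLD)
        state.bypass_log.append({"fingerprint": fingerprint, "would_have_locked": would_lock})
        return "allow"
    if state.panic_freeze:
        return "frozen"
    if fingerprint in state.locked:
        return "locked"
    state.counters[fingerprint] = state.counters.get(fingerprint, 0) + 1
    if state.counters[fingerprint] > VELOCITY_THRESHOLD:
        state.locked.add(fingerprint)
        return "locked"
    return "allow"
```

Note that the lockout is keyed by fingerprint while VIP status is keyed by identity, so a VIP logging in on a device a guest has already pushed to the threshold produces a `would_have_locked` event, which is the situation the Pro Attack History figure surfaces.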
## How to Verify Bypass Is Working
Quick sanity check:
- Identify a VIP customer (or allowlist a test account)
- Have them attempt a few checkouts in quick succession with a card that intentionally declines (e.g. a card with insufficient funds)
- Confirm they’re not locked out after the 5th attempt
- For comparison, repeat with a non-VIP fingerprint — confirm lockout triggers
This is also useful regression testing if you’ve customized the customer-identification logic via filters.
## Reading Bypass Activity
The Pro Attack History tab shows bypass events in the event log:
- How many checkout attempts went through bypass
- Which VIPs triggered it
- Whether any VIP fingerprints would have been locked without bypass
If the last item is non-zero — meaning bypass is consistently saving VIPs from lockouts — your VIPs are producing velocity above the threshold, and you should consider whether they need allowlisting or if there’s an underlying issue.