What gets logged
A FraudCheckAction row is created when an order rated HIGH (or MEDIUM, when the high-risk threshold is enabled) by Shopify Risk Analysis lands in the queue. Each row stores:
- Order ID — the Shopify order GID, one row per purchase on the order.
- Risk level —
HIGH,MEDIUM, orLOWas returned by Shopify. - Decision —
approvedas a tri-state:null(pending),true(approved),false(rejected). - Created at — the timestamp the order was flagged.
- Auto-fulfilment flag — whether Shopify fulfilment was deferred until approval.
Approve and reject are the only two action types. There is no separate revoke entry — revoking access after delivery is a different operation on the Order page.
Where to view it
Open Flagged Orders in the Alva admin left navigation. The page has two tabs:
- Active — pending decisions (
approved = null), oldest first. - Archive — past decisions, where rejected rows live.
Approved rows are not retained on the Archive tab. After approval, Alva deletes the FraudCheckAction row as part of the cleanup chain. The audit trail for an approval lives on the Purchase record as fraudCheckPassed = true, visible inline on the order detail page.
Alva admin → Flagged Orders → Archive tab. Show the table with three example rejected rows: order ID, flagged date, risk level (HIGH and MEDIUM badges), auto-fulfilment column, and a status badge showing "Rejected" in red. The Active tab visible but unselected. No real customer data visible.
Filtering and exporting
The Flagged Orders page loads up to the most recent 500 rows per shop, ordered newest first. Use the filter bar above each table to narrow:
- Order ID search — case-insensitive substring match against the GID.
- Risk level — multi-select chips for HIGH, MEDIUM, LOW.
Date-range filtering and decision-maker (user) attribution are not exposed in the current admin UI. There is no built-in CSV export for the fraud log; the rows are visible in-page and pageable in batches of 20. For a deeper audit, query the FraudCheckAction table directly via support — every row carries shopId, orderId, purchaseId, and createdAt.
Alva admin → Order detail page (app/orders/$id) for an approved order. Show the Fraud check section with risk level badge ("High"), the timestamp the check ran, and "Approved" status. Display the inline fraud check history as it appears on the page. No real customer data visible.
Honest constraint
Two gaps are worth knowing. Automated approvals from Shopify Flow (the "Approve order" Flow action) write to the same FraudCheckAction row and follow the same delete-on-approval cleanup, so a Flow-driven approval leaves no fraud-log trace once it completes — only Purchase.fraudCheckPassed = true remains. POS orders skip fraud checks entirely; no FraudCheckAction row is ever created for a POS sale, so POS orders never appear on the log in either tab.
Frequently asked questions
Can I undo an approval or rejection?
A rejection can be reversed: open the Archive tab in Flagged Orders and click Approve on the rejected row. An approval cannot be undone from the log because Alva deletes the FraudCheckAction row after approval. To cut off access on an already-approved order, revoke download access on the Order page and refund or cancel in Shopify.
How long is the fraud action log retained?
Rejected FraudCheckAction rows are retained indefinitely, alongside the Purchase. They are removed only when the parent purchase or shop record is deleted (cascade delete). Approved decisions are not retained as log rows; the audit trail for an approval lives on the Purchase record as fraudCheckPassed = true.
Does the customer see anything from the fraud action log?
No. The fraud action log is admin-only. The customer never sees the risk level, the decision, or the timestamp. They see the download email when an order is approved and a held order page when a decision is pending or rejected.