Every time a robot or assistant tries to buy in your store, Trusteed checks these rules in milliseconds. Hit "See it in action" on any rule to watch it work.
30
active rules
2
security tiers
<10ms
per evaluation
Who is buying?
Rules that verify the agent's identity before anything else.
R001BlockTier 1
The agent must identify itself
If a robot or assistant wants to buy in your store it must show its 'digital ID'. No identification, no purchase. That simple.
Example: An anonymous bot tries to add 3 shirts to the cart → Trusteed stops it before payment.
R002BlockTier 1
The agent's ID must be genuine
The agent's digital ID has a cryptographic 'signature' that proves it is real. If someone tries to use a fake or tampered ID, the purchase is stopped instantly.
Example: An attacker tampers with the agent token → invalid signature → blocked.
R003BlockTier 1
The order must not exceed what the user authorised
When a user lets an assistant buy for them, they set a limit — a maximum amount ('no more than €100') and/or which product categories are allowed (chosen from a dropdown, e.g. 'sneakers only'). If the cart goes over the amount or includes a category outside the mandate, the purchase is stopped.
Example: User authorised up to €100 and the cart reaches €250 → blocked.
R004BlockTier 2
Digital ID too new
If the agent's 'digital ID' was created very recently, an extra check is added. Brand-new keys are a warning sign.
Example: Agent uses a key created just moments ago → extra check before payment.
R005BlockTier 1
Agent is blocked or revoked
If Trusteed has cancelled an agent's access — for abuse, fraud or any other reason — that agent cannot buy in any connected store.
Example: An agent marked as fraudulent tries to buy → blocked immediately.
R006BlockTier 2
Verification source not reliable enough
Not all systems that 'verify' agents are equally reliable. If the verification source has low confidence, the purchase is stopped.
Example: Agent verified by a low-confidence system → blocked.
R007BlockTier 2
Agent blocked in other stores
If an agent has recently been blocked across several Trusteed stores, your store blocks it too. Shared protection between merchants.
Example: A bot blocked in 3 clothing stores → also blocked in your shoe store.
R008BlockTier 1
Agent requesting more permissions than authorised
The user gives the assistant specific permissions ('search only', 'add to cart only'). If the assistant tries to do something more — like pay without permission — it is stopped.
Example: Assistant with 'search' permission tries to process payment → blocked.
Is this order safe?
Rules that detect unusual behaviour, abuse patterns, and high-risk transactions.
R009BlockTier 1
Identity verification required at checkout
On automated payment routes, the agent must always identify itself. No exceptions at checkout.
Example: Agentic checkout with no agent token → blocked before processing.
R010BlockTier 2
First purchase from a new agent
Agents that have never bought in your store go through an extra check. Like asking for references the first time.
Example: New agent with no history in your store → review before approving.
R011BlockTier 2
Too many failed attempts in a row
If an agent racks up several failed payment attempts in a short time, something is wrong. Could be an error, could be an attack. Stopped for investigation.
Example: Several failed payment attempts in a short window → temporarily blocked.
R012BlockTier 2
High-risk product category
Some products (gift cards, expensive electronics, etc.) have higher fraud risk. The merchant picks the categories to flag from a dropdown — no typing — and the order is held for review when one is in the cart.
Example: Agent tries to buy 10 gift cards → blocked (flagged category).
R013BlockTier 2
Conflict with the return policy
If you sell non-returnable products (digital items, unique sizes) and the agent has not confirmed it understands, the purchase is stopped to avoid disputes.
Example: Agent buys a digital course without confirming it has no return → blocked.
R014BlockTier 2
Delivery address risk or too many cancellations
Blocks deliveries to restricted countries (North Korea, Iran, Syria, Cuba) and agents that cancel too many orders after shipping.
Example: Order with shipping to Iran → blocked automatically by legal restrictions.
R015BlockTier 2
Price changed after adding to cart
If a product's price changed significantly since the agent found it, the purchase is stopped. The agent would be buying something different from what the user authorised.
Example: Product cost €50 when the agent found it, now costs €58 → extra check.
R016BlockTier 2
Insufficient or uncertain stock
If the product has very low or uncertain stock, the purchase is stopped to avoid selling something that may not be available.
Example: Last pair of trainers in stock, warehouse not confirmed → extra check.
R017BlockTier 2
Discount code abuse
If an agent makes excessive use of discount codes in a row, it is running a brute-force attack to find valid coupons. Stopped immediately.
Example: Bot rapidly tries many discount codes in a row → blocked.
R018BlockTier 2
Unusually large order
If the cart is far larger than your store's average order, something does not add up. Could be an error, could be fraud. Reviewed before processing.
Example: Store with a modest average order receives a far larger cart → review triggered.
Does it follow your store rules?
Rules around geography, payment methods, post-purchase behaviour, and product types.
R019BlockTier 2
Country not allowed by the merchant
The merchant can restrict which countries they sell to. If an order comes from an unauthorised country, it is blocked automatically.
Example: Store that only sells in Spain receives an order billed in Mexico → blocked.
R020BlockTier 2
Outside business hours
Some merchants — especially B2B — only accept agent orders during working hours. If an agent tries to buy at 3 AM it is paused until the next business day.
Example: B2B store only accepts orders 9–18h and one arrives at 23h → paused.
R021Additional verificationTier 2
First purchase of this agent in your store
Even if the agent is well-known in other stores, its first purchase with you always goes through an extra check. First time — reasonable to verify.
Example: Veteran agent with 500 global purchases, but first time in your store → review.
R022BlockTier 2
Payment method not authorised
The merchant can decide which payment methods to accept for agent purchases. If the agent tries to pay with an unauthorised method, it is stopped.
Example: Merchant does not accept BNPL for agents and assistant tries to pay with Klarna → blocked.
R023BlockTier 2
Too many returns
If an agent returns a disproportionate share of everything it buys, there is an abnormal pattern. It may be testing products at the merchant's expense.
Example: Agent that returns most of its recent orders → blocked.
R024BlockTier 2
Too many payment disputes
Chargebacks cost the merchant money. If an agent has opened several disputes recently, it is blocked to protect the merchant.
Example: Agent with several recent chargebacks → blocked.
R025BlockTier 2
Suspicious delivery address
PO boxes and freight forwarders are signs of package re-routing — a common pattern in fraud. The merchant can block these addresses.
Example: Delivery to 'Package Forwarder LLC, Miami' → re-routing signal → review.
R026BlockTier 2
Subscription without explicit consent
Agents cannot subscribe the user to recurring payments without the user explicitly approving it. No written consent, no subscription.
Example: Assistant tries to activate annual subscription without user confirmation → blocked.
R027BlockTier 2
Gift card or stored-value purchase
Gift cards are hard to trace and widely used in fraud. By default, agents cannot buy them unless the merchant explicitly allows it.
Example: Agent tries to buy €500 in gift cards → blocked by default.
R028BlockTier 2
B2B order without purchase order
In business-to-business sales there must always be an official purchase order. If the agent places a B2B order without one, it is stopped.
Example: Company buys office supplies through agent with no PO number → blocked.
General settings
Simple catch-all controls that every store can configure in minutes.
R029BlockTier 2
Merchant security preset
The merchant chooses their security level: Open, Balanced, Strict or Regulated. Each level requires different evidence. Without the right evidence, the purchase is stopped.
Example: Merchant in Regulated mode: agent without regulatory evidence → blocked.
R030BlockTier 2
Basic store controls
The merchant can set simple rules: maximum order amount, allowed countries. The easiest rules to configure and the ones most small stores use.
Example: Merchant sets max €100 per agent order; cart of €180 → blocked.