What Is TOR?
TOR (The Onion Router) is a network designed for anonymous internet browsing. Traffic is routed through multiple servers worldwide, making it nearly impossible to trace back to the original user.
While TOR has legitimate uses (privacy advocates, journalists, activists in restrictive countries), it’s also used for:
- Payment fraud with stolen cards
- Scraping without attribution
- Bypassing bans and restrictions
- Anonymous abuse of promotions
Why TOR Users Are Higher Risk
Extreme Anonymity
Unlike VPNs, TOR provides multiple layers of anonymity. Users can’t be traced, making fraud prosecution nearly impossible.
Higher Fraud Correlation
Studies consistently show TOR exit nodes are associated with higher fraud rates than regular or even VPN traffic.
Abuse Potential
The inability to identify or ban users makes TOR attractive for:
- Repeated promotional abuse
- Account creation spam
- Automated attacks
- Inventory manipulation
Non-Commercial Intent
Most legitimate shoppers don’t need TOR-level anonymity. High TOR usage often indicates non-purchasing intent.
Warning Signs of TOR Abuse
- Unusual transaction patterns from IP addresses that keep changing
- High cart abandonment from traffic that can’t be retargeted
- Failed payment attempts clustered from anonymous sources
- Promotional abuse by apparently endless “new” users
TOR vs VPN: Key Differences
| Aspect | TOR | VPN |
|---|---|---|
| Anonymity Level | Very High | Medium |
| Speed | Slow | Fast |
| Typical Users | Privacy extremists, bad actors | General privacy seekers |
| Detection | Easier (known exit nodes) | Harder (commercial services) |
| Fraud Correlation | Very High | High |
| Legitimate Use Cases | Few for commerce | Some for commerce |
When To Block TOR
Strong Cases for Blocking
- You’ve experienced TOR-related fraud
- You don’t sell to markets where TOR is commonly used for safety
- Your products have age or geographic restrictions
- You run limited inventory promotions
Cases for Allowing
- You explicitly serve privacy-focused customers
- Your products are used by activists or journalists
- You have other fraud prevention catching issues
- TOR represents minimal traffic anyway
How SecurEcommerce Handles TOR
Exit Node Detection
We maintain an updated list of TOR exit nodes. Any traffic from these IPs is flagged as TOR traffic.
Flexible Blocking Options
You can choose to:
- Block TOR completely
- Allow but flag for manual review
- Show a custom message explaining restrictions
Combined with VPN Blocking
TOR blocking works alongside VPN blocking, giving you comprehensive anonymous traffic control.
The TOR Trade-Off
Blocking TOR is less controversial than blocking VPNs because:
- Fewer legitimate users: Most normal shoppers don’t use TOR
- Slower browsing: TOR is too slow for comfortable shopping
- Higher risk correlation: Fraud rates from TOR are consistently higher
- Clearer signal: TOR use for shopping is unusual enough to be suspicious
That said, if you serve markets where internet freedom is restricted, some customers may legitimately need TOR to access your store safely.
Recommended Approach
For most Shopify stores, we recommend:
- Block TOR by default - The risk-to-legitimate-customer ratio favors blocking
- Monitor blocked attempts - Track how much TOR traffic you’re seeing
- Provide alternatives - Customer service contact for legitimate needs
- Review periodically - Adjust based on your specific data
SecurEcommerce makes it easy to enable or disable TOR blocking as you learn what works for your store.