I know we are all trying to manage and mitigate fraud as much as possible. It occurred to me yesterday that the cart saves the data on IP Address on how many order attempts any IP address accumulates. This information can help us SEE if there was a swarm of attempts before the order finally was completed.

For example, even if a user automates 100 purchase attempts - rotating to a different IP address each time - we could SEE that spam of failed attempts prior to when an order DID finally authenticate and then we can give that order extra attention.

Additionally, if that data were not discarded after 24 hours, it could be actively referenced when processing orders.

Automation for us would look something like:
if there are X qty of failed attempts (on ANY IP address) within 15 minutes of an order completing, FLAG that order in the admin for extra review.

Sure, we would flag legitimate orders, but I'd rather review legitimate orders than to ignore the otherwise obvious data we have at our fingertips that can help us be on guard!