Whitelists; graylists, which are also called custom lists; and blacklists, which are also called block lists, offer basic access control mechanisms to allow, limit, or prevent a group of clients to buy products or services from an e-commerce vendor.
The principle of lists is straightforward. Order characteristics, such as the email, the IP address, or the phone number are added to lists, and if a client who makes a purchase is on one of these lists, his or her order is allowed, delayed, or stopped as appropriate.
Pros and cons
In terms of pros and cons, white-, gray-, and blacklists have the advantage to be very simple to setup, configure, and understand. However, lists will stall or drift in time and the lists will lead to more errors of type I or false positives over time. This is a major drawback.