Announcement

Collapse
No announcement yet.

stop credit card hackers

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    stop credit card hackers

    Is there a way to stop credit card hackers from running "test" scripts on my website and sending the numbers to authorize.net. I called authorize.net and they suggested having a captcha installed on my site. How is that done? Does MIVA have anything like that??

    #2
    Re: stop credit card hackers

    You have a couple of options, there is a recaptcha module from Miva Checkout reCAPTCHA. I have used Wolfpaw Fraud Screening and Detection on a site that was being hit very hard.
    Leslie Kirk
    Miva Certified Developer
    Miva Merchant Specialist since 1997
    Previously of Webs Your Way
    (aka Leslie Nord leslienord)

    Email me: [email protected]
    www.lesliekirk.com

    Follow me: Twitter | Facebook | FourSquare | Pinterest | Flickr

    Comment


      #3
      Re: stop credit card hackers

      The recaptcha module may not work as a lot of these attacks now use actual "humans" to try the card. Velocity checking is usually the only recourse. Odd, that AuthNet didn't mention that because its something they do on their end. (But I believe the WolfPaw module also does this.)
      Bruce Golub
      Phosphor Media - "Your Success is our Business"

      Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
      phosphormedia.com

      Comment


        #4
        Re: stop credit card hackers

        I've seen stores where they have a checkbox with the text "Check this if you are a human". Guessing it's JS edited for checked on form submit. Does that work or is it too easy to defeat?

        Larry
        Larry
        Luce Kanun Web Design
        www.facebook.com/wajake41
        www.plus.google.com/116415026668025242914/posts?hl=en


        Comment


          #5
          Re: stop credit card hackers

          Larry,

          That is the modern version of captcha functionality, it's designed to ease the pain experienced from crappy images containing text that humans had to type in a box. It enables a 2nd factor verification where you have to select some pre-defined images based on some criteria. They say it's easier than before, but I still see it hard for me :)

          BTW, if you are only trying to stop the automated scripted attacks (not the human attacks as Bruce mentioned), having a Honeypot in your forms can save you and your users a big pain.
          Rajnish Sinha
          ---------------------
          https://twitter.com/rajnishsi

          Comment


            #6
            Re: stop credit card hackers

            Doesn't everybody hate CAPTCHA? It's a good way to drive customers away I think.
            Re Honeypot. Hadn't heard of it before. The Google got me updated on it.
            https://solutionfactor.net/blog/2014/02/01/honeypot-technique-fast-easy-spam-prevention/

            If the check for the hidden field is done server side, is there a module available or is custom code needed?
            Larry
            Luce Kanun Web Design
            www.facebook.com/wajake41
            www.plus.google.com/116415026668025242914/posts?hl=en


            Comment


              #7
              Re: stop credit card hackers

              We use Authorize.net's "Fraud Detection Suite" which is $9.95 a month and well worth it. Everything is done on their end, and there is nothing to install or configure within Miva. I'm surprised they didn't mention this to you as an option. There are TONS of settings so you can pinpoint exactly what you want to do. For your case, you could use the "Transaction IP Velocity Filter" to automatically decline cards from someone who is "testing" a bunch of different cards.

              fraud-dectection-suite.jpg

              Regards,
              Eric

              Comment


                #8
                Re: stop credit card hackers

                I think they include the suite free now under their new pricing scheme.
                Thanks,

                Rick Wilson
                CEO
                Miva, Inc.
                [email protected]
                https://www.miva.com

                Comment

                Working...
                X