#MayankBruh-keys
mortal star
I've no idea what that is. Anyway, secret key in this context will be your secret API key (sk_xxx), from here: https://dashboard.stripe.com/apikeys
The endpoint secret key pertains to webhook event signing: https://stripe.com/docs/webhooks/signatures
Those are unique per webhook, can also be found in your Dashboard once configured
thorn current
it worked!! @mortal star
can you help me setup 3d secure
as some guys are threatening me that they will get my stripe deactivated
i have some us client payment that will come thru
mortal star
What do you mean by 'setup'? It's not something you really setup, you just need to be able to handle 3DS requests
How are you currently integrating?
thorn current
How are you currently integrating?
i just used the open source client
there i just had to add endpoint secret and sk key
do i have to do it from backend?
mortal star
i just used the open source client
I'm not really sure that this means
What's your Stripe account ID?
thorn current
What's your Stripe account ID?
like the email?
mortal star
Normally looks like acct_xxx
I wouldn't recommend sharing your email here (the server is public)
void fable
Just stepping in to help.
@thorn current, you can use Radar in order to block non-3DS payments, or set payment_method_options[card][request_three_d_secure]to be any when creating a PaymentIntent to force 3DS ๐
By default, Stripe should ask 3DS authentication automatically using risk level and other parameters (like SCA in Europe).
thorn current
@mortal star ig someone is carding
how do i prevent this
pls tell me
@frigid tapir
my friends bot flantic stripe suspended too
this means that 3d secure is enabled right?
@void fable
void fable
@frigid tapir Mayank needs to enable 3D Secure to protect himself against carding.
void fable
https://has-no-bra.in/5DLXaiLqx
Yes, that means 3D Secure is enabled. Did you add the parameter I told you ?
thorn current
Yes, that means 3D Secure is enabled. Did you add the parameter I told you ?
i cant
its like a setup
void fable
You use an online service ?
thorn current
void fable
So it's a self-hosted thing right ?
thorn current
like minecraft and all
void fable
If you are confident enough with code to edit this code, you can add the parameter.
If not, I would recommend to use Radar for Fraud Teams that allows you to force 3DS (see https://stripe.com/radar/pricing for prices) or you may need to find alternative solutions like WAF filters or rate-limiting on your server if you don't want to change the platform code.
frigid tapir
Let's back up a moment.
@thorn current can you clarify what you need to do here? You said: can you help me setup 3d secure
Which integration flow are you using?
Are you using a plugin?
void fable
Long story short for you bismarck: Mayank is afraid of carding on his platform and wants to force 3D Secure, he uses a premade open source tool.
frigid tapir
Where you provide your API key to a third party?
thorn current
Where you provide your API key to a third party?
nah
like many of my friends stripe got banned bc peopel carded on there links
Flantic bot it is
and ik its really difficult to get back that stripe account
these are the files
if you can check the integeration
void fable
@frigid tapir I've checked it's using Checkout Sessions.
Checkout Sessions does include protection against card testing and chargebacks automatically right ?
thorn current
Where you provide your API key to a third party?
i am not that dumb sir ik you dont give anyone your api key
thats dangerous
void fable
That's not what he meant haha
thorn current
That's not what he meant haha
nah i am not being rude or anything
i am chill
just dont want my account to be terminated uk
frigid tapir
So yes Checkout has some built in card testing prevention tools.
thorn current
So yes Checkout has some built in card testing prevention tools.
so i should not fair about carders right?
frigid tapir
@void fable are you sure this uses New Checkout versus Legacy Checkout?
thorn current
and clients are saying they are unable to pay using american express cards
void fable
I'm not sure, it looks like it could be using Legacy Checkout
But I can't find their Stripe Client implementation
frigid tapir
@thorn current can you provide an example charge on your account that I can look at?
Would love to see your exact integration.
thorn current
<@456226577798135808> can you provide an example charge on your account that I c...
there are none
there are failed charges i got scared that someones carding
frigid tapir
Okay can you share one of those?
void fable
It's using stripe-php 7.107 ("stripe/stripe-php": "^7.107",) if that's of any help ?
thorn current
thorn current
he used like 3 cards
i suspended his accoutn from dash
so this guy is a carder
void fable
Send this information, in the top right corner
thorn current
can you block this guy from stripe
thorn current
Send this information, in the top right corner
cant find
void fable
Go back into All Payments, and uses this link under the three dots of the failed charges
frigid tapir
Thanks, give me a moment to look at that
frigid tapir
Okay yeah so this is using New Checkout which does have some built in fraud protection as well as Radar. You can see that the payment attempts either required 3DS or were eventually blocked by Radar due to a high risk score since the customer was identified as a tester.
If you want further fraud prevention, then Radar for Fraud Teams (https://stripe.com/radar/fraud-teams) would be the best way to go. This would allow you to write custom rules based on what you are selling that can help prevent fraud/testing: https://stripe.com/docs/radar/rules
thorn current
idk where to put it
frigid tapir
For instance, you can block based on total charges per IP address or email
frigid tapir
You set up rules in your Dashboard here: https://dashboard.stripe.com/settings/radar/rules
thorn current
is this because of the carder?
frigid tapir
No, that is likely because you just submitted your application
thorn current
No, that is likely because you just submitted your application
ohh
so it comes to every business right?
frigid tapir
Yes
frigid tapir
Yep those are the default rules that we provide for you
But if you want to write custom rules then you can upgrade to Radar for Fraud Teams
thorn current
frigid tapir
Take a looks at the docs that I sent above.
thorn current
But if you want to write custom rules then you can upgrade to Radar for Fraud Te...
ohh so i have to subscribe for something
ohkay
got it
brittle notch
@frigid tapir had to step away. This is a really. long thread. Can you summarize the current state of things?
thorn current
<@854110440103084043> had to step away. This is a _really_. long thread. Can y...
everything is done just i got this email now
do i have to put the website that i am using the payment gateway in or the main website?