iulyan-rate-limits | Stripe Developers | Page 1

inner fulcrum Sep 7, 2022, 10:12 PM

#

I don't know a ton about card testing, but I assume this rate limitng would be something they add in their own application

lunar sleet Sep 7, 2022, 10:13 PM

#

those are the suggestions:
Captcha: Card testers often use automated scripts that can be blocked using a captcha.
Rate limits: In some cases, you can stop card testing by adding rate limits. Tailor these rate limits to stop the specific kind of card testing you’re experiencing.
Require login or session validation: Card testing can often be prevented by requiring login or session validation when performing certain actions, such as creating an account or making a payment.
Detecting and preventing unusual behavior: As soon as you’ve identified card testing activity, you can compare it to typical legitimate traffic, then build rules or filters that limit or prevent only the card testing activity.
Radar: If card testers are making payments with your integration you might be able to use custom Radar rules to mitigate the fraudulent activity.

inner fulcrum Sep 7, 2022, 10:19 PM

#

Yeah, but that doesn't have any detail on the specific kind of card testing you're seeing. We give a quick example here (https://stripe.com/docs/disputes/prevention/card-testing#rate-limits), and in that example that would be a limit your user would need to impose on their end

Protect yourself from card testing

Learn about this fraudulent activity and how to protect yourself against it.

lunar sleet Sep 7, 2022, 10:21 PM

#

sure got it

#

thanks

#iulyan-rate-limits