atronador | Stripe Developers | Page 1

spare hedgeBOT Apr 19, 2023, 10:10 AM

#

vast yacht Apr 19, 2023, 10:11 AM

#

There's some recommended preventative measures we recommend here: https://stripe.com/docs/disputes/prevention/card-testing

Protect yourself from card testing

Learn about this fraudulent activity and how to protect yourself against it.

#

i.e. maybe introduce CAPTCHA before you redirect to the Checkout page

modest lichen Apr 19, 2023, 10:28 AM

#

Yeah, but once at the Checkout page, they are out of my control....and they can refresh and re submit the Checkout Page as many times as they want...

#

Recaptch on my side is active, but this does nothing..

#

Is there a way maybe to expire the checkout page after X attempts o X seconds?

vast yacht Apr 19, 2023, 10:31 AM

#

The sessions by default expire after 24 hours. You can shorten that to 30 minutes: https://stripe.com/docs/api/checkout/sessions/create#create_checkout_session-expires_at

Stripe API reference – Create a Checkout Session – curl

Complete reference documentation for the Stripe API. Includes code snippets and examples for our Python, Java, PHP, Node.js, Go, Ruby, and .NET libraries.

modest lichen Apr 19, 2023, 10:33 AM

#

Ok...that can help, but still...a lot of hits can go through in 30 minutes....any other ideas?
Is the checkout session bound to a payment intent? Is it possible to cancel the payment intent after, say, 10 failed attemps?

vast yacht Apr 19, 2023, 10:34 AM

#

You'd expire the session manually, as opposed to cancel the PI: https://stripe.com/docs/api/checkout/sessions/expire

Stripe API reference – Expire a Checkout Session – curl

Complete reference documentation for the Stripe API. Includes code snippets and examples for our Python, Java, PHP, Node.js, Go, Ruby, and .NET libraries.

spare hedgeBOT Apr 19, 2023, 11:22 AM

#

#atronador