jonah-payments-postalcode | Stripe Developers | Page 1

civic jacinthBOT May 19, 2023, 3:36 PM

#

warm summit May 19, 2023, 3:37 PM

#

Wouldn't hurt to implement this protection yourself. We take certain measures like implementing rate limits.

#

You could also consider using our advanced fraud detection: https://stripe.com/docs/disputes/prevention/advanced-fraud-detection

#

Which as long as you're using Elements, Checkout, etc should be in use by default and doesn't require you to explicitly enable anything

mortal cave May 19, 2023, 3:41 PM

#

We have Radar for teams, does this automatically provide protection against the attack I described, or is it only rate limiting? And in this case, what specifically is being rate limited?

civic jacinthBOT May 19, 2023, 3:42 PM

#

warm summit May 19, 2023, 3:45 PM

#

It's just this: https://stripe.com/docs/rate-limits

#

All requests to stripe are rate limited

#

If you need more specific protection, you'd need to implement it yourself

#

Recommend reading: https://stripe.com/docs/disputes/prevention/card-testing

#

That suggests some card testing protection measures you can take if you think it'll be a concern in your integration

mortal cave May 19, 2023, 3:50 PM

#

Thank you. Is this a common attack in your experience? I am assuming not too common or else stripe would implement it on their side?

warm summit May 19, 2023, 3:51 PM

#

Hard to say

#

It doesn't happen to the majority of people if that's what you're asking

#

But hard to know who will become a target of this sort of attack

#

If you start finding that you're being targeted, you could implement a captcha to slow/stop the attacks

dark raft May 19, 2023, 3:54 PM

#

jonah-payments-postalcode

mortal cave May 19, 2023, 3:55 PM

#

Thanks @warm summit , you have been a royal help.

#jonah-payments-postalcode