#sudhanshu
lavish bane
fallow haven
Can you share an example of a fraudulent payment?
formal flower
yes , here is the screenshot , but with the same card details first payment has been successfully transactioned
fallow haven
I need an ID please
fallow haven
Of the payment (pi_xxx)
formal flower
pi_3NdUFVHBzVLseUqK0aLDIama
and this even is being occured multiple times
is there any way to detect it at first place
fallow haven
You need to roll your API keys immediately: https://stripe.com/docs/keys#rolling-keys
Looks like they've been leaked as those payments are created with your secret key
If they are indeed malicious
formal flower
okay
i have changes the live key now
*changed
will it solve this issue?
can we add any otp option to autheticate every transactions?
fallow haven
Well it'll prevent people from using that old API key toi make requests
fallow haven
can we add any otp option to autheticate every transactions?
Not sure what you mean?
formal flower
like is there any way to by which we can add a extra authentication layer where user will recieve a code before making a transaction?
fallow haven
You can manually request 3DS for every payment yes: https://stripe.com/docs/payments/3d-secure#manual-three-ds
formal flower
okay
fallow haven
Otheriwse, I'd just generally recommend to be super careful with your secret key
formal flower
okay