Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-21104

CIVICRM-410 CiviCRM Contribution pages which have no Profile associated with them do not include a ReCaptcha and as a result are prime targets for credit card fraud.

    Details

    • Type: Improvement
    • Status: Done/Fixed
    • Priority: Trivial
    • Resolution: Fixed/Completed
    • Affects Version/s: 4.6.28, 4.7.23
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Versioning Impact:
      Patch (backwards-compatible bug fixes)
    • Documentation Required?:
      User and Admin Doc
    • Funding Source:
      Needs Funding
    • Verified?:
      No

      Description

      CiviCRM Contribution pages which have no Profile associated with them do not include a ReCaptcha and as a result are prime targets for credit card fraud.

      A possible alternative to fixing this problem would be to use this Honeypot extension, https://issues.civicrm.org/jira/browse/EXT-48 and https://github.com/elisseck/com.elisseck.civihoneypot - As it provides a similar feature by implementing honey pot on the Contribution page.

      As I see it there are three options:

      1. Option 1: Provide a CiviCRM Core PR to add this default feature - ideal but may not be accepted
      2. Option 2: Create a CiviCRM extension which provides this feature - does not require CiviCRM core team approval or review
      3. Option 3: Create a PR or fork of the com.elisseck.civihoneypot extension to add mandatory re-captcha to the Contribution page

        Attachments

          Activity

            People

            • Assignee:
              agileware Agileware
              Reporter:
              agileware Agileware
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: