Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-8600

Limit declined credit card transactions

          Details

          • Type: New Feature
          • Status: Done/Fixed
          • Priority: Trivial
          • Resolution: Won't Fix
          • Affects Version/s: 3.4.4, 4.0.4
          • Fix Version/s: 4.4.0
          • Component/s: CiviContribute
          • Labels:
            None

            Description

            We got hit by a user/bot that attempted over one hundred credit card transactions via a contribution page. Our payment processor said that this is a common way that malicious persons test whether credit cards numbers are valid. All attempts were from the same IP address.

            It would be helpful to set a configurable threshold for maximum declined card attempts in a 1-30 day period from the same IP address. It seems that 3-5 attempts should be sufficient for legitimate cardholder transactions.

              Attachments

                Activity

                  People

                  • Assignee:
                    lobo Donald A. Lobo
                    Reporter:
                    brylie Brylie Christopher Oxley
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    3 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: