Support » Plugin: Accept Stripe Payments » Open to fraud

  • Similar to the other review we were using this plugin for some time without issue but it’s been used by someone attempting to check presumably stolen cards. Hundreds of failed transactions and a small number that have gone through that I’ve just gone through and refunded. Needs some form of protection to stop this type of abuse.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support mbrsolution

    (@mbrsolution)

    Thank you so much for this feedback. We’re sorry to hear about your experience. Please create a support ticket from the following link and we will try to help:
    https://wordpress.org/support/plugin/stripe-payments/

    Kind regards.

    Plugin Author mra13

    (@mra13)

    The “invisible captcha” option sometimes doesn’t work against this type of card testing. This is pointed out by stripe here:
    https://stripe.com/docs/card-testing

    If you want to use the plugin in the future, use the “I am not a robot” captcha option. We have some explanation of it on the captcha configuration documentation here:
    https://s-plugins.com/stripe-payments-recaptcha-addon/

    Thread Starter wherring

    (@wherring)

    I’d probably argue that the Invisible Recaptcha feature should be removed or at least come with a prominent warning in the user interface. I wouldn’t have used it if I had been aware of the issue.

    While I appreciate the Recaptcha issue can likely be mitigated that doesn’t address the issue of the varied amounts and currency, that sounds like a flaw in the plugin.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Open to fraud’ is closed to new replies.