• Resolved obertscloud

    (@obertscloud)


    getting lots of fraud payments, want to integrate recaptcha v2 on free version, spoke with stripe support told them your plugin name, they want to shut my stripe down if I keep getting problems and maybe it causes problems for you, i have recaptcha keys for v2 of recaptcha just not knowing how to integrate. please help thanks

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor Adam Lea

    (@adamjlea)

    Hello @obertscloud

    reCaptcha currently only works with the Pro version of Simple Pay.

    There still are things that you can do to help ease the burden of these attacks.

    1. You can disconnect and reconnect your account from Stripe which will regenerate your API keys. Most of the attacks are using API keys rather than using a payment form.

    2. You could also look into using Stripe RADAR: it’s not a free program, however, if you’re interested, you can try a free 30-day trial here: https://dashboard.stripe.com/get-started/radar-for-fraud-teams
    An example of a potentially helpful Radar rule to combat card testing would be: Block if :charge_attempts_per_ip_address_hourly: > 3

    I hope those are helpful.

    Regards,

    Plugin Contributor Adam Lea

    (@adamjlea)

    Hey @obertscloud,

    If you need more follow up with this, please don’t hesitate to ask!

    Regards,

    My processor says it has nothing to do with api keys, I have chanced plugins to another stripe payment and they stopped. I was getting about 20-100 payments a day, but at different times throughout the day. My processor makes the payee confirm everything on their credit card including billing address, this had to be done manually. It came from a few countries, some in the United States mostly.

    I am not looking for a paid version of something that should be secure. I only wanted you to know you have a security flaw.

    obertscloud

    (@obertscloud)

    yes confirmed is a security bug in your plugin, I aleted Stripe to discontinue recommending you until fixed,

    I had 200 , $1 to $2.00 payments, now I have 200 x $15.00 return fees, I have to payout $3000 dollars in fees and I made no money

    you don’t pay for those fees do you?

    now I am really pissed off

    Plugin Author spencerfinnell

    (@spencerfinnell)

    Hello @obertscloud,

    Unfortunately we cannot add further reCAPTCHA methods to the Stripe.com hosted Checkout form because it is not something that is hosted on your WordPress website.

    It is up to Stripe’s anti-fraud measures to detect this fraudulent activity. Stripe offers “Radar” to help combat this. Stripe also offers Chargeback Protection when using Stripe Checkout.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.