RomanCart.com Forum Homepage
Forum Home Forum Home > RomanCart > Administration
  New Posts New Posts
  FAQ FAQ  Forum Search   Register Register  Login Login

Card Attack with nearly 5K failed transactions.

 Post Reply Post Reply
Author
Message Reverse Sort Order
ckart View Drop Down
Senior Member
Senior Member


Joined: 26 November 2013
Location: New Forest
Status: Offline
Points: 159
Post Options Post Options   Thanks (0) Thanks(0)   Quote ckart Quote  Post ReplyReply Direct Link To This Post Topic: Card Attack with nearly 5K failed transactions.
    Posted: 20 April 2021 at 9:33pm
Ok thanks.
I am in touch with Sagepay & Global payments. It's good to let others know that this can happen, it's the first time I've ever heard of it.

Steve
www.nfed.co.uk
Connecting the central southern equestrian community since 1999
Back to Top
Support View Drop Down
RomanCart Team
RomanCart Team


Joined: 16 March 2004
Location: United Kingdom
Status: Offline
Points: 10794
Post Options Post Options   Thanks (0) Thanks(0)   Quote Support Quote  Post ReplyReply Direct Link To This Post Posted: 20 April 2021 at 9:29pm
Hi,

You need to speak to the payment gateways you are using about this.
We connect to hosted payment pages in most cases so they should have an option to put a capcha on there if there is an unusual amount of traffic.
Either way - it needs to be implemented on there as even restricting on RomanCart may not prevent that activity on the actual hosted payment page of which we are not in control
Many Thanks
Support

Back to Top
ckart View Drop Down
Senior Member
Senior Member


Joined: 26 November 2013
Location: New Forest
Status: Offline
Points: 159
Post Options Post Options   Thanks (0) Thanks(0)   Quote ckart Quote  Post ReplyReply Direct Link To This Post Posted: 20 April 2021 at 8:05pm
March 11th/12th I had what I now know was a card attack with around 4950 attempts to process stolen card details. I didn’t realise that I would be charged by Global Payments for the authorisation attempts, even though they failed but this has left me around £300 out of pocket.

I have now restricted the access to only accept calls from my URL & have blocked all countries other than the UK (better late than never) but am worried this could happen again. The payment attempts were every few seconds, so it can rack up the charges very quickly.

Is there anything else that can be done, particularly restricting the number of failed authorisations?
If I wasn’t here to block IP’s I assume it would have just kept going.

I use Sagepay, but there isn’t anything there to restrict it?
www.nfed.co.uk
Connecting the central southern equestrian community since 1999
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.047 seconds.