developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

Limit checkout attempts or AVS mismatch

View the SolutionThis topic has been marked as solved.

I have examined the transaction details and see where some users have made 5 or more attempts to checkout and the card(s) were declined because of AVS mismatch or something else.

 

I wanted to find out if anyone has added code to limit the number of checkout attempts and something similiar.

 

jrockfl
Contributor

‎10-12-2011 05:11 AM

0 Kudos
Reply
1 ACCEPTED SOLUTION

Accepted Solutions

View the SolutionThis topic has been marked as solved.

The Advanced Fraud Detection Suite gives you the ability to automatically block IP's that have more than a certain number of transactions per hour. Short of that, it isn't very hard to create a database table with two fields - one for IP and one for count - and just add records / increment the count as transactions process. You have an automated routine wipe the table every hour, and you check the count for the user's IP before you allow a new transaction to process.

 

EDIT: What programming language are you using? PHP?

View solution in original post

TJPride
Expert

‎10-12-2011 06:57 AM - edited ‎10-12-2011 07:00 AM

Reply
3 REPLIES 3

View the SolutionThis topic has been marked as solved.

The Advanced Fraud Detection Suite gives you the ability to automatically block IP's that have more than a certain number of transactions per hour. Short of that, it isn't very hard to create a database table with two fields - one for IP and one for count - and just add records / increment the count as transactions process. You have an automated routine wipe the table every hour, and you check the count for the user's IP before you allow a new transaction to process.

 

EDIT: What programming language are you using? PHP?

TJPride
Expert

‎10-12-2011 06:57 AM - edited ‎10-12-2011 07:00 AM

Reply

View the SolutionThis topic has been marked as solved.

Thank you for your reply. I'm using asp.net (vb.net)

Sure, I could create something to do that. I wasn't sure if that was a common practice or not.

 

 

jrockfl
Contributor
In response to TJPride

‎10-12-2011 07:34 AM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

If you set a reasonably high minimum charge ($5+), you probably won't have any trouble with stolen credit cards being tested on your site. Same for if the signup form uses a lot of complicated Javascript, as in the case of my most recent client. Outside of that, I'd guess that people won't bother implementing their own transaction volume protection until the first time they have problems with too much transaction volume.

TJPride
Expert
In response to jrockfl

‎10-12-2011 07:40 AM

0 Kudos
Reply
Copyright © 2024 Khoros, LLC