Bot harassment with fake Stripe payments

In the past few weeks many CiviCRM sites using the Stripe payment processor have had serious troubles with a kind of abuse called card testing.

It's not the kind of thing that could allow someone to break into a site, or steal user data, but on many sites it has been aggressive enough to bring them to a crawl, and occasionally to a halt. Or get their Stripe account suspended. Or other troubles.

Developers in the CiviCRM community got together pretty quickly and worked out a solution. You can read about it in my blog post on civicrm.org: Stripe: Solving Card-Testing and Fraudulent Transactions

If you're processing payments through Stripe on CiviCRM, you really should give that a look and apply that fix on your site.

If you need help with that, you should reach out to your support team.

You do have a support team right?

All the best,
A.