How to Get Fraudulent ‘Credit Card Testers’ to Fail


October 30, 2020

By Donald Kasdon October 30, 2020, 12:01 a.m. EDT2 Min Read

Credit card fraud prevention has never been this necessary. It’s well known that the COVID-19 pandemic has led to an increase in fraudulent activity. Fraudsters are taking advantage of an increase in online shopping and finding new ways to steal financial data from both consumers and merchants. Credit card testing specifically is seeing massive spikes during the pandemic.

Credit card testing is when attackers obtain stolen credit card data and test it on e-commerce websites by placing several small orders all at once. They can deploy a bot to automate the process and place thousands of orders within a very short timeframe. Credit card testing can be especially harmful to small e-commerce vendors because they are left to pay large transaction fees incurred. However, as long as they can use a secure payment gateway and embrace a few best practices, protecting their business can be easy.

For those looking to improve their credit card fraud prevention, here are four tactics that merchants can employ:

  1. Safeguard sensitive information
  2. Look at the IP addresses
  3. Authenticate customer identity
  4. Seek out value-added services
  1. Safeguard Sensitive Information
  2. Hackers will always try to access proprietary and sensitive data when targeting a site, and they can do a lot of damage by accessing the gateway’s API key information. To combat this, vendors should set up protections for their gateway API and ensure APIs are refreshed and audited regularly. Another easy way to keep your site protected and secure is to maintain constant updates of plugins on the backend. A build-up of neglected plugin and API updates will often cause the gateway to crash and leave your site open to vulnerabilities.

  3. Look at the IP Addresses
  4. Credit card testing transactions come from a handful of similar IP addresses, and knowing this can help improve your credit card fraud prevention efforts. Automated software can limit the number of purchases made by a single IP address in a certain period. IP blocking and banning tools can also locate specific sources of fraud and prevent them from accessing their payment gateway in the future.

  5. Authenticate Customer Identity
  6. Merchants can verify their customers’ identities without making them jump through hoops. This can be done by requiring logins for all purchases, which prevents a scammer or bot from making several transactions with different cards. Merchants also need to be able to identify bots before they complete checkout. Placing CAPTCHA checks at every secure payment gateway is an effective credit card fraud prevention tactic. It helps in not only avoiding bots but also protecting merchants from spam and password decryption.

    cyber padlock

  7. Seek out Value-added Services
  8. Credit card testing is more common than you might think, and incident rates are climbing during the pandemic. E-commerce merchants should understand that upfront costs will pay dividends in the long term. Making investments in external software allows merchants to spend more time on what truly matters – growing the business and not worrying about constant, vigilant site monitoring.

    Ultimately, e-commerce merchants should choose a partner that can offer and implement strong credit card fraud prevention measures. This can be done by leveraging a comprehensive suite of security checkpoints, including IP verification and blocking, human checks, and backend updates and fortifications.

    Most vendors naturally want to expect the best and never think cyberattacks will happen to them. However, when they are hit with credit card testing, it can be directly financially catastrophic, and it can lead to potential future customers losing trust in your business. That’s why it’s recommended e-commerce merchants seek solutions that can help protect their gateways and their business. The aim should be leveraging solutions and services that offer comprehensive credit card fraud prevention.