Preventing card testing fraud with reCAPTCHA

Card testing is a prevalent fraudulent activity used to determine the validity of stolen card information to use those cards for online purchases. This validation of stolen card numbers and details is typically done by bad actors utilising automated scripts and bots.

These are the primary methods used to test the validity of stolen card information:

  1. Authorisations - Queries are sent to the payment processor and card issuer, asking whether there are enough funds for a transaction. Authorisations take longer to appear on card statements, giving fraudsters more time to exploit the card.
  2. Small value payments - Card testers prefer making smaller payments, which are less likely to be noticed by cardholders and reported as fraudulent.

Use reCAPTCHA to prevent card testing

Invisible reCAPTCHA protects your account by helping to distinguish a human from an automated bot by analysing user activity.

By adding Invisible reCAPTCHA to your checkout process, you are helping protect your site against fraudulent transactions.

Enabling reCAPTCHA

Invisible reCAPTCHA is enabled by default when using these payment tools:

If you’re submitting payments to our API, your developer will need to implement reCAPTCHA or Invisible reCAPTCHA on your checkout page to protect from card testing.

Follow this guide for how to protect your website with reCAPTCHA.

Unable to find the answer you need? Contact our team for assistance.
Pin Payments acknowledges the Traditional Owners and Custodians of the Country throughout Australia and recognises their continuing connection to land, water and community.
We pay our respects to Aboriginal and Torres Strait Islander cultures, and to Elders past and present.