reCaptcha is an extra layer of security for your sales. It activates when a certain number of transaction security checks have failed, a number you specify.
Set up reCaptcha
- Sign in to your My Services page.
- Click the Store link.
/msdyn_blobfile/$value)
- Go to Risk Tools.
/msdyn_blobfile/$value)
- Click the Settings link.
/msdyn_blobfile/$value)
- Set up your reCaptcha Options as desired then click the Update button.
/msdyn_blobfile/$value)
- Return to Store Manager and publish your Order Settings.
/msdyn_blobfile/$value)
reCaptcha Rules
The default values of 3 AVS/CVV mismatches within 1 minute should be enough to stop most fraudulent orders or card authorizations. However, sometimes a hacker may use a bot that can be programmed to make 3 authorization attempts, wait 5 minutes then do it again. In cases like this, change the reCaptcha settings to 1 AVS/CVV mismatches within 1 minute, and show the reCaptcha for 1440 minutes (24 hours). While this may inconvenience valid shoppers, this should stop the fraudulent authorizations rather quickly, and you can the revert to the default reCaptcha settings once you see the fraudster has moved on.
Before a card tester uses their bot, they may manually test the checkout flow to determine what it will take for the reCaptcha to appear. Once the tester determines when the reCaptcha will appear, they may set their bot to pause before hitting the mismatch number hoping to avoid it. In cases such as this, changing the reCaptcha settings to 3 AVS/CVV mismatches within 5-10 minutes, and show the reCaptcha for 5 minutes would be stronger.
Get detailed information about failed authorizations by utilizing the Failed Authorizations Report. Learn more.
Note: You must have real-time authorizations enabled to use Risk Tools including reCaptcha.
Learn more about reCaptcha:
See Also:
