In addition to the extensive spam security measures implemented on your website, we also take it a step further when it comes to credit card fraud prevention.
To start - users, whether logged in or not, are presented with a Google reCAPTCHA each time they submit an invalid request to add a credit card to their saved payment methods.
Additionally, users are locked out from adding additional cards if the system determines a potential attempt to abuse the form.
If the user makes five consecutive unsuccessful attempts to add a credit card, they are locked out from adding additional cards for 24 hours.
If the user is locked out and attempts to add a credit card, they receive an error message: “Sorry, your account has been locked from adding new credit cards due to too many failed attempts. Please come back in twenty-four hours and try again.”