We are a low-code platform for building internal tools. We have open signup via Gmail, or you can create a company account. For the last two days we have been seeing an unusual pattern of payments from newly created accounts. In our world this can't happen: unless someone builds something working and needs end users to use it, there is no real need to subscribe to a paid plan. They were mostly all Gmail signups or temp emails. The IP addresses detected by Stripe suggest they are all random (must be IP spoofed).

Things we did so far:

1) activated Stripe Radar and decreased the risk profile to filter/weed them out

2) added a CAPTCHA to our payment page

In spite of the above we kept getting fraudulent payments. This suggests that we have been hit by a manual attack, as the attackers are able to circumvent the CAPTCHA. However, the scale at which this is happening doesn't seem manual. But given the randomness of the time element between each payment try, it starts seeming manual.

Question is: are there a set of best practices we are missing to thwart this, in either case of the attack being manual or automated?
What's the initial payment size? If it's really low then you are being used by card testers. If so, increase the initial payment amount.

Your goal here should be to make the friction on the card tester/fraudster enough that they move on to someone else while not derailing your actual prospective customers. Obviously, block all temp email providers. Maybe temporarily add an extra step for @gmail subscribers, like a phone confirmation. Introduce delays that wouldn't bother a normal customer but would bother a card tester.
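The friction rules suggested in the reply above (reject disposable-email domains, require phone confirmation for free-mail signups before the first charge, set a minimum first charge so cent-level card testing is uneconomic, and slow down bursts of new accounts from one IP) can be expressed as a small policy engine. This is an added example, not code from the original thread or from Stripe; the domain lists, the $20 minimum, the one-hour window and the three-signups-per-IP threshold are all hypothetical values chosen for illustration, and a real deployment would use a maintained disposable-domain list and tune the thresholds against its own traffic.

```python
"""Signup/checkout friction rules for a low-code SaaS, as an added example.

Hypothetical policy (all thresholds are assumptions for illustration):
- disposable-email domains are rejected at signup
- free-mail signups (gmail etc.) must pass phone verification before paying
- the first charge has a minimum amount, making penny card tests pointless
- more than MAX_SIGNUPS_PER_IP signup attempts from one IP per window are refused
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample lists; use a maintained disposable-domain list in production.
DISPOSABLE_DOMAINS = {"mailinator.com", "10minutemail.com", "guerrillamail.com"}
FREEMAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com"}

MIN_FIRST_CHARGE_CENTS = 2000            # hypothetical $20 minimum first charge
SIGNUP_WINDOW = timedelta(hours=1)       # hypothetical velocity window
MAX_SIGNUPS_PER_IP = 3                   # hypothetical attempts allowed per window


@dataclass
class Account:
    email: str
    ip: str
    created_at: datetime
    phone_verified: bool = False

    @property
    def domain(self) -> str:
        return self.email.rsplit("@", 1)[-1].lower()


@dataclass
class Decision:
    allow: bool
    reason: str


class FrictionPolicy:
    """Stateful policy: remembers signup attempts per IP for velocity checks."""

    def __init__(self) -> None:
        self._attempts_by_ip: Dict[str, List[datetime]] = {}

    def _recent_attempts(self, ip: str, now: datetime) -> int:
        # Record this attempt (denied attempts count too), then drop old ones.
        attempts = self._attempts_by_ip.setdefault(ip, [])
        attempts.append(now)
        attempts[:] = [t for t in attempts if now - t < SIGNUP_WINDOW]
        return len(attempts)

    def check_signup(self, acct: Account) -> Decision:
        if acct.domain in DISPOSABLE_DOMAINS:
            return Decision(False, "disposable email domain")
        if self._recent_attempts(acct.ip, acct.created_at) > MAX_SIGNUPS_PER_IP:
            return Decision(False, "too many signups from this IP")
        return Decision(True, "ok")

    def check_first_payment(self, acct: Account, amount_cents: int) -> Decision:
        if amount_cents < MIN_FIRST_CHARGE_CENTS:
            return Decision(False, "first charge below minimum")
        if acct.domain in FREEMAIL_DOMAINS and not acct.phone_verified:
            return Decision(False, "phone verification required for free-mail accounts")
        return Decision(True, "ok")


if __name__ == "__main__":
    policy = FrictionPolicy()
    t0 = datetime(2024, 1, 1, 12, 0)
    tester = Account("x@mailinator.com", "203.0.113.5", t0)
    print(policy.check_signup(tester))                     # denied: disposable domain
    user = Account("dev@gmail.com", "198.51.100.7", t0)
    print(policy.check_signup(user))                       # allowed
    print(policy.check_first_payment(user, 100))           # denied: below minimum
    user.phone_verified = True
    print(policy.check_first_payment(user, 2500))          # allowed
```

The velocity counter records denied attempts as well as allowed ones, so an attacker cycling disposable domains from one address burns through the per-IP budget quickly, while a genuine team signing up a few colleagues from one office stays under the threshold.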
I work at Stripe. Sorry to hear this is happening; would you mind sending me your account ID so our team can take a further look? My email is cait@stripe.com