Yes, it's under Payment Settings > Settings - you can set it for Fraud and use reCAPTCHA

Thanks for the fast response.

I don't see the ability to set it for Fraud or use re-captcha. Is there a specific module that has to be activated?

That's a good question - I had just assumed it was there as part of an update 9.00053

http://docs.miva.com/how-to-guides/c...rd-fraud-tools

Here are the videos on how to set it up. ReCaptcha is just a setting you enable (you will need an API key from Google). It should be its own tab group right below the Fraud Tab Group

http://docs.miva.com/videos/customer...ction-settings

To enable auto blacklist:
Click on Menu >>> Payment Settings >>> Settings Tab

You should see a section for fraud (see link below)
https://www.screencast.com/t/XuzwP6hCuu

You can also manually choose to blacklist IPs from the Authorization Failure log
Click on Menu >>> Click on Order Processing >>> Click on the tab for Authorization Failures. Click on one or more of the failures recorded and click the blacklist button. Set when the blacklist expires (default is never).

If you have any issues locating the fraud settings, please contact Miva Support @ 800-608-6482.

Wayne

Thank you all, Leslie, Brennan and Wayne, for your help. I appreciate it.

I had this problem before anything was built into Miva. I installed WolfPaw Fraud Screening. It stopped it in its tracks. It takes a little tweaking and there is a monitoring charge, but it costs virtually nothing. I guess there are more options now, but it really saved us back in 2015.

Instead of WolfPaw, do you support FraudLabs Pro? We have been using it in the Shopify and it is fantastic.

Wolfpaw isn't the fraud protector, it's MaxMind, WolfPaw is just the module builder who made the Miva portion. I haven't heard of FraudLabs Pro but we'll look into it.

Isn't there some built in way in Miva to add a timing delay to invalid credit card attempts? I can't find it now but I believe we have the response set in OPAY to increase the invalid card response by an additional second each time a credit card is refused. The idea is to make the replies to a bad checkout so time consuming that eventually the fraudster gives up.

Have you looked at the Payment Settings > Settings? You can activate Fraud and reCAPTCHA settings there.

Hi Leslie, found it. Thanks for refreshing my memory. We have: 2 second delay on failure, invalidate checkout after 15 attempts, automatic blacklist, and user IP blocked for 1 hour. I was mistaken by the delay, I thought it was progressively longer for each failure.

I use Wolfpaw/maxmind and I get an antifraud message nearly once or twice per week indicating 'bingbot' aka Microsoft is attempting to complete a test sale on my site. I tried to white list the IP but they use hundreds of different IPs. Has anyone else seen this?

I don't think you want to whitelist a seach bot trying to place an order. It's not helpful (from an SEO standpoint) and could even be detrimental. Instead, I'd add 'nofollow' attributes to all 'cart' and 'account' related links.

Dream Feature: (Make such links, by default, nofollow)?