Carding attacks


We’ve seen an increase in fraudulent activity, through a process known as carding.

Carding is when a fraudster targets a website with the least amount of steps to get to the payments page. This technique involves trying the same card numbers repeatedly to test the validity of card data and this can cause excessive authorisation fees and transaction charges to be charged to your account when not dealt with properly, as well as the possibility of incurring integrity fees from the card schemes. We process millions of transactions daily for businesses worldwide - with varying transaction volumes, so what may seem like fraud to one business may not be to another. It’s your responsibility to make sure your business has the necessary control measures in place to prevent fraudulent activity. Any attacks will be subject to carding transaction charges.

What can you do to reduce the risk of carding?

There are many ways you can protect your business from fraudulent carding activity, including:

  • 3D Secure
    3D Secure is the umbrella name for Visa Secure and Mastercard SecureCode, which have been implemented by the card brands to add a level of security for ecommerce transactions.

  • Using a CAPTCHA on your website
    Having a good CAPTCHA on your website could also interrupt a fraudster’s carding attempts. A CAPTCHA is a computer program, or system, intended to distinguish human from machine input.

If you’re worried about any of this, we’ll be happy to help you implement the anti-fraud measures above. Contact us by emailing [email protected] or call us on +44 203 026 9659* (UK)
or +353 1 702 2000* (Ireland).

*Lines are open from 9am to 5pm, Monday to Friday, except public holidays. If you have a speech or hearing impairment, you can call us using the Relay Service by dialling 18001 followed by the number you want to call*. Calls may be recorded. To help us continually improve on our service and in the interests of security, we may monitor and/or record your telephone calls with us. Any recordings remain our sole property.