Showing results for 
Search instead for 
Did you mean: 

CIM createCustomerPaymentProfile fraud protection non-existent

The CIM process to add payments to a customer has no form of fraud protection available.  Anyone can quickly write a script to run against a website and send lists of credit cards to validate which ones are valid.  


Advanced Fraud Detection has only 1 feature that would potentially stop this, which is limiting your account when a large number of transactions go through.  This, however, is unacceptable as it limits everyone from processing transactions not just the offending customer. 


There is no IP Address accepted by the Create Customer Profile, so any IP checking wouldn't work.  


Since CIM is a paid service, I would expect there to be a feature to filter number of transactions by a single customer WITHIN the service.  But there isn't.  


As a result, I had someone write a script against my website and send 25,000 requests before my processor notified me.  Didn't get notification from AuthNet.  All transactions were rejected, however, I ended up racking up $2,500 in AVS checking fees as a result.  


As a company, you obviously know about carding attacks but have not done anything to restrict it within CIM.   Please add this feature ASAP.


I am glad to see the seriousness that Authnet and the community are taking this issue.



Unable to login to your mail account? if yes, then you need to follow some step to reset your password and fix your GMX login problems

It's very hard to deal with frauds...

To prevent fraud, it is essential to know how to spot a red flag. Fraudsters will often try to get your personal information for a fake account and will use other tactics to get funds from your bank account or card. They may also try to exploit technical issues with your website or application to get you to reveal sensitive information. If you have ever had your account closed because of fraud fears, or have been reluctant to hand over your credit card information when asked, then this link, can help you. It's the most performant system that will keep you and your data safe.