Learn several ways that Checkfront prevents fraudulent payments.
Which plans include this feature?
Legacy: Soho, Pro, Plus, Enterprise, Flex
New: Growth (Subscription), Growth (Online Booking Fee), Managed
→ Learn more about our new plans or how to change your plan.
Where can I find this feature using the top menu?
{your account}.checkfront.com/reserve
> Payment page
Which Checkfront version supports this feature - classic, new or both?
- This feature is available in both our classic version using items (Inventory > Items) and our newest version using products (Inventory > Products). → Learn more about products
Overview
Back to topIn order to prevent fraudulent use of the payment pages, Checkfront has a number of security measures in place, including protection against carding bot attacks, in which attackers use multiple, parallel attempts to authorize stolen credit card credentials using your payment forms.
- Payments for a Booking ID are automatically blocked after 10 failed attempts. Payment for the Booking ID are then unblocked after 24 hours.
- Payments are blocked across all bookings for an IP address after 20 failed attempts. Payments for the IP address are then unblocked after 24 hours.
Frequently Asked Questions
Back to top
What error message is shown to the User when a Booking ID or IP is blocked?
Back to topThe following error message displays. The phone number is included if configured within your account (Manage > Setup > Company > Phone number).
You have reached the limit of failed payment attempts, please contact {$Company_Name} at {$Phone} to complete the booking.”
Can an Admin or Staff Member remove the block?
Back to topNo, the block cannot be manually removed, but you can attempt to process the payment Staff-side on behalf of legitimate Customers, if they reach out.
If the payment continues to be declined, you can communicate to the Customer, why their card has been refused e.g. expired card, and how to resolve the issue e.g. reach out to their card-issuing bank. You can also offer to complete payment using a different payment method.
For added security on your payment pages, we recommend activating reCAPTCHA v3 for a more secure payment flow. reCAPTCHA v3 is only available on certain payment providers: Braintree, Moneris, Stripe, and Square). Learn more here: |