[ic] IC 5.4 Fraudulent attempts
Steve Graham
icdev at mrlock.com
Thu Apr 5 18:26:41 EDT 2007
At 10:27 AM 4/5/2007, you wrote:
>Does anyone have a suggestion on how to limit the number of attempts
>a single user/session can attempt a credit card transaction. I'm
>thinking about limiting the number attempts to 5, or 6 for a 30
>minute period - to limit fraudulent activity.
>
>any suggestions?
Does this code look ok? (modified from credit card section in
log_transaction) (found something similar Mike suggested a while back)
I'm looking for session tracking only.....
[elsif value mv_order_profile eq credit_card]
[calc]
unless $Scratch->{cc_attempts} || # make sure
cc_attempts exists
$Scratch->{cc_attempts} eq '0';
[/calc]
[perl]$Scratch->{cc_attempts}++[/perl] #increment
each time route is called
[calc]
return if $Scratch->{tmp_total} == $Scratch->{tmp_remaining};
my $msg = sprintf "Your credit card was charged
%.2f", $Scratch->{tmp_remaining};
$Scratch->{pay_cert_total} = $Scratch->{tmp_total} -
$Scratch->{tmp_remaining};
$Scratch->{charge_total_message} = $msg;
return "Credit card will be charged
$Scratch->{tmp_remaining}";
[/calc]
Country: [value country]
[if scratch cc_attempts < 7] # only allow charge route
if 6 or less attempts
Charging with payment mode=[value mv_payment_route]
[tmp name="charge_succeed"][charge route="[value
mv_payment_route]" amount="[scratch tmp_remaining]" order_id="[value
mv_transaction_id]"][/tmp]
[else]
[calc]
die errmsg(
"Real-time charge failed. Reason: %s\n",
'too many failed charge attempts!',
);
[/calc]
[/else]
[/if]
[if scratch charge_succeed]
[set do_invoice]1[/set]
[set do_payment]1[/set]
Real-time charge succeeded. ID=[data session payment_id]
amount=[scratch tmp_remaining]
[else]
Real-time charge FAILED. Reason: [data session payment_error]
Failed charge count: [scratch cc_attempts]
[calc]
for(qw/
charge_total_message
pay_cert_total
/)
{
delete $Scratch->{$_};
}
die errmsg(
"Real-time charge failed. Reason: %s\n",
errmsg($Session->{payment_error}),
);
[/calc]
[/else]
Thanks,
Steve
More information about the interchange-users
mailing list