Fraud Donations.

Hello admin,

I downloaded the latest version today, but i dont see any security token for fraud donations implemented.
Can you please explain me what does that mean and how that works?

I have couple of questions related to joom donations.

Yesterday, i had a lot of fraud donation failures through authorize.net, and the result was Authorize.Net blocked my account (suspended). Each transactions were of $0.01 which i think was a bot.

Is there any way i can have captcha on my page and before going to authorize.net it checks the security image.

Is there any way that i can modify the Code. Like before submitting the form to authorize.net, i want to check whether the user tried many times having failures. If the user tried more than 10 times with failure, Block the user for 1 hour, and then display the user a message showing to try after an hour, or use different payment method.

Please Reply soon, Its URGENT

Hi

Do you display donation form within an article ? Or you are using the component ? Did you update both the component and the donation form plugin ?

In the latest version, I there is a security token implmented in the code (it is a hidden field and it is checked to make sure the donation process is made by human) , so there will be no fraud donation anymore .

If you don't mind, give me the link to your site so that I can check to make sure you have the latest version installed .

Thanks,

Tuan

Hi Tuan,

Can you please explain me in details, how the hidden security in donation form works?

List of installed Components and plugins are as below.

com_jdonation
jdform

I updated both of them to the Latest version 2.7.2

Another thing, can you give my your email so that i can pm you the link to my site. I don't want to list my link in forums as don't want people and other crawlers to see the link. Hope you don't mind.


Thanks for the quick reply. I really appreciate your time and work.

Can you please reply me as soon as possible.

Thanks,

Hi

Security token is a technology in Joomla which allows prevent spam or auto attack..., something like that. The detail is :

- The system generated a random string. This random string is stored in sesstion and It is used as a name of the hidden form in the email .

- When the form is submited, the system will check this token to see whether the submit request is from human or is a kind of auto attack . If the request is not from human, the system won't process the request anymore .


it is difficult to explain it to you. You can simply send me information of your site to contact@joomdonation.com so that I can have a quick check to see whether you installed the correct version. I will confirm with you via email .

Thanks,

Tuan

I'm having the same problem using authorize.net, lots of fraud transactions, like the security token is not working as it should be.

Update : If anyone has this issue , please update to latest version and the issue won't happen anymore .

@luthien: Please update me with the result after you upgraded to latest version .

Tuan