What should I be wary of (types of fraud, etc.) in an online store for digital goods?

P

Pavel K2018-12-14 00:56:14

Payment systems

Pavel K, 2018-12-14 00:56:14

In general, subject.
All payments go through the processing center.
The product is exclusively digital (for example, an increase in reputation, etc.).
What are the types of payment fraud and how to protect yourself from them?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

R

Roman Terekhin, 2018-12-14
@RomaZveR

Cherdzhbek'i is the very first.
Restriction of countries on accepting cards (for example, only the CIS and BE) and forced 3ds authorization on the processing side will save you from the main type of fraud - a return on a fraudulent operation / loss of a card. However, there are other return items, for example, they did not provide a service, delivery did not arrive within the specified time frame, etc., you will have to fight back such claims yourself.

U

Uno, 2018-12-14
@Noizefan

Clickjacking, phishing, xss, injections, in a nutshell - all the same web vulnerabilities affect your project as other people's and other projects, just depending on the specifics of the project, some may be more effective in terms of financial benefits to attackers .
If someone gets access to the code (in any way), he, figuratively, will be able to knock on your conditional payed.php 100 times with the parameters userid=100&payed=1&addreputation=10 .
I'm exaggerating a lot, but the essence is the same - the actual type of product in no way suggests that you can score on some kind of fraudulent schemes.