[ic] IC 5.4 Fraudulent attempts

Steve Graham icdev at mrlock.com
Thu Apr 5 18:26:41 EDT 2007 

At 10:27 AM 4/5/2007, you wrote:
>Does anyone have a suggestion on how to limit the number of attempts 
>a single user/session can attempt a credit card transaction. I'm 
>thinking about limiting the number attempts to 5, or 6 for a 30 
>minute period - to limit fraudulent activity.
>
>any suggestions?

Does this code look ok? (modified from credit card section in 
log_transaction) (found something similar Mike suggested a while back)
I'm looking for session tracking only.....



[elsif value mv_order_profile eq credit_card]
         [calc]
            unless $Scratch->{cc_attempts} ||           # make sure 
cc_attempts exists
                       $Scratch->{cc_attempts} eq '0';
         [/calc]
         [perl]$Scratch->{cc_attempts}++[/perl]        #increment 
each time route is called
         [calc]
                 return if $Scratch->{tmp_total} == $Scratch->{tmp_remaining};
                 my $msg = sprintf "Your credit card was charged 
%.2f", $Scratch->{tmp_remaining};
                 $Scratch->{pay_cert_total} = $Scratch->{tmp_total} - 
$Scratch->{tmp_remaining};
                 $Scratch->{charge_total_message} = $msg;
                 return "Credit card will be charged 
$Scratch->{tmp_remaining}";
         [/calc]
         Country: [value country]
         [if scratch cc_attempts < 7]     # only allow charge route 
if 6 or less attempts
         Charging with payment mode=[value mv_payment_route]
         [tmp name="charge_succeed"][charge route="[value 
mv_payment_route]" amount="[scratch tmp_remaining]" order_id="[value 
mv_transaction_id]"][/tmp]
         [else]
           [calc]
            die errmsg(
                                 "Real-time charge failed. Reason: %s\n",
                                 'too many failed charge attempts!',
                         );
           [/calc]
         [/else]
      [/if]
         [if scratch charge_succeed]
           [set do_invoice]1[/set]
           [set do_payment]1[/set]
           Real-time charge succeeded. ID=[data session payment_id] 
amount=[scratch tmp_remaining]
    [else]
         Real-time charge FAILED. Reason: [data session payment_error]
         Failed charge count: [scratch cc_attempts]
         [calc]
                 for(qw/
                                 charge_total_message
                                 pay_cert_total
                 /)
                 {
                         delete $Scratch->{$_};
                 }
                 die errmsg(
                                 "Real-time charge failed. Reason: %s\n",
                                 errmsg($Session->{payment_error}),
                         );
         [/calc]
         [/else]


Thanks,
Steve

More information about the interchange-users mailing list