Stripe does not do CVC or expiration checks when adding a new credit card as a payment method
[
]
I learned something new today when exploring the Stripe interface. Namely, Stripe does not do CVC or expiration checks when adding a new credit card as a payment method. Contrary to my expectation, I was able to add a credit card, even with a bogus expiration date (set to some random future date) and a made up CVC number.
This was disconcerting to me, because such a payment method for a customer would simply fail when a real charge is made at a future date. In other words, if you are using Stripe as a payment processor, a customer can add a credit card as a payment method, make a mistake with the expiration date or CVC, and the next time the card is charged, it will likely fail. This, in spite of the fact that they are given no indication that their credit card info may have been entered incorrectly when they initially added the card.
Some further digging revealed this help page from Stripe with some details as to why this may be the case:
To prevent card testing, Stripe is sometimes required to not check cvc and zip checks on card validations, so they may appear as “unavailable”. Those checks will be available on the charge object once an actual payment is made. Stripe uses machine learning to predict when card testing is likely. These checks also may be unavailable as a cost-optimization if Stripe’s machine learning predicts the card is valid and that performing these checks will not increase the probability of a successful payment.
This led me down a bit of a rabbit hole into reading about “card testing”, which is when fraudsters test if a stolen card is usable by making a small charge.
Archive
chinese
tang-dynasty-poetry
李白
python
王维
rl
pytorch
numpy
emacs
杜牧
spinningup
networking
deep-learning
贺知章
白居易
王昌龄
杜甫
李商隐
tips
reinforcement-learning
macports
jekyll
骆宾王
贾岛
孟浩然
xcode
time-series
terminal
regression
rails
productivity
pandas
math
macosx
lesson-plan
helicopters
flying
fastai
conceptual-learning
command-line
bro
黄巢
韦应物
陈子昂
王翰
王之涣
柳宗元
杜秋娘
李绅
张继
孟郊
刘禹锡
元稹
youtube
visdom
system
sungho
stylelint
stripe
softmax
siri
sgd
scipy
scikit-learn
scikit
safari
research
qtran
qoe
qmix
pyhton
poetry
pedagogy
papers
paper-review
optimization
openssl
openmpi
nyc
node
neural-net
multiprocessing
mpi
morl
ml
mdp
marl
mandarin
macos
machine-learning
latex
language-learning
khan-academy
jupyter-notebooks
ios-programming
intuition
homebrew
hacking
google-cloud
github
flashcards
faker
docker
dme
deepmind
dec-pomdp
data-wrangling
craftsman
congestion-control
coding
books
book-review
atari
anki
analogy
3brown1blue
2fa