Captcha on Checkout – Is It a Good Idea?
Captcha – That always hard to read, seriously infuriating, takes 7 tries to get right, security measure designed to cut down on fraud.
In many situations, a Captcha image is needed and is quite helpful in weeding out the spam and bots from real people. But is the checkout page on an ecommerce store the right situation?
Ecommerce store owners are always looking for better ways to stop fraud. Unfortunately, captcha is not designed to stop fraud. It is designed to stop automated “bots” and scripts from being able to complete forms and pages on the web.
If you get fraudulent orders that are placed by human beings, adding captcha will not help stop this activity.
Stop the bots!
If your store is frequently (or even occasionally) used by automated bots to test if credit cards are valid or not (you’ll know this is happening if the same IP number has a large number of declined attempts all using different card numbers), then captcha could be quite helpful in stopping this behavior.
However, in your zeal to stop the bad guys, you may be angering and hindering the good guys and gals trying to order your products! That is not a good thing.
Compromises work best
So what’s a merchant to do? I suggest enabling captcha only after X failed attempts. I recommend setting “X” to 3 or 5 failed attempts.
In this manner, the odds of legitimate customers failing to submit a valid credit card 3 or 5 times in a row are quite low. Most if not all of your customers will never have to deal with the annoying image.
For the bots and automated card testers, they will be blocked quite effectively only after three or five failed attempts.
If you use ShopSite as your ecommerce platform, you can set Captcha after X failed attempts under:
Commerce Setup -> Payment -> “the section at the bottom of the page”