Forms are designed to be fast and easy to use. Unfortunately, this makes them the ideal tool for credit card thieves or computer bots to test credit card numbers. Fraudulent transactions are not an attack against your organization, and your information is still secure. However, these transactions can add unwanted information into Bloomerang CRM and make extra work for you.
Bloomerang CRM has multiple solutions to help prevent fraudulent transactions.
IP Rate Limiting
IP rate limiting caps the number of transactions from a single IP address for all of your transaction forms. We recommend that your turn on IP rate limiting.
To turn on IP rate limiting:
Click Communications.
Click Forms.
On the Form Settings tile, click Select.
Select Rate Limit Transaction Forms.
Click Save.
This method is effective but not foolproof. A sophisticated thief can easily change which IP address the transactions use. Only turn it off if you expect multiple transactions from the same location, like a school or office, within a 24-hour period.
Note: IP rate limiting is automatically turned on if your processor is BluePay.
reCAPTCHA
reCAPTCHA is a free Google service that helps protect your forms. reCAPTCHA can detect suspicious behavior and prevent bots (computers that mimic humans) from filling out forms. Read more about reCAPTCHA.
NACHA Compliance
NACHA is the governing body for the ACH Network, which processes electronic funds transfers in the United States. Bloomerang Payments is compliant with NACHA standards for fraud prevention.
Whenever a bank account is entered using Bloomerang Payments or on online giving forms, the account is scanned using a trusted 3rd party tool called gVerify. The scan happens in the background and ensures that the bank account is valid before processing the donation. If a bank account is valid, the transaction is successfully submitted without issue. If a bank account is not valid, the transaction is rejected, saving you time and effort in the event any fraudulent account numbers are being used.
When to Contact Us
If you see an error message for an invalid routing number, account number, or credit card number while entering a transaction in Bloomerang CRM, verify the number with the donor and try again. If you suspect fraudulent charges have been made through your online giving forms, email [email protected].