Honeypot on donation forms?
Hi all,
We've been getting hammered by bots lately. Usually it's been one record trying various CCs 100s of times. This time, it was presumably one bot trying multiple CCs with different names and emails each time. So now we have thousands of bad records.
I asked about this before and a honeypot was recommended. I'm looking to see if anyone has ideas on how to accomplish that. A vendor of ours says there isn't really a solution within LO, but it is surely possible, isn't it?
Thanks in advance!
We've been getting hammered by bots lately. Usually it's been one record trying various CCs 100s of times. This time, it was presumably one bot trying multiple CCs with different names and emails each time. So now we have thousands of bad records.
I asked about this before and a honeypot was recommended. I'm looking to see if anyone has ideas on how to accomplish that. A vendor of ours says there isn't really a solution within LO, but it is surely possible, isn't it?
Thanks in advance!
Tagged:
0
Comments
-
Funny that survey's have this built in, but donation forms do not.
I think you could do it with an API form, but not with the standard form-builder form. I think the Luminate CAPTCHA field is your only choice there.
The thing is the bot is not going to be running the css and javascripts on your form, so anything you could add would be ignored. An API form simply won't work at all without JS.
BPM0 -
Hi JD,
Here's a couple api forms that I set up for clients to do what you're asking-
https://spca.bc.ca/donations/make-a-donation/
https://foodbank.bc.ca/donations/donate/
Includes a security layer/honeypot/banning system to stop fraudulent cc transactions- give me a message if you want more info on what's effective, it's definitely doable with the api as Brian says!1 -
We were at least able to add Captcha to the offending form--and that seems to have helped--but it's not my favorite thing to look at. And I would prefer to not add that to all forms (nearly all of our donation forms are in the out-of-the-box form builder).
So it seems forms via the API really is the only option, then.0 -
The biggest downside is payment types. The API only supports Cards and PayPal. And ACH is just rolling out. As far as I know ApplePay, Venmo, etc are not even on the roadmap.
I complain about this to anyone that will listen.
BPM1
Categories
- All Categories
- 6 Blackbaud Community Help
- 211 bbcon®
- 1.4K Blackbaud Altru®
- 402 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 1.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- 15 donorCentrics®
- 360 Blackbaud eTapestry®
- 2.6K Blackbaud Financial Edge NXT®
- 657 Blackbaud Grantmaking™
- 577 Blackbaud Education Management Solutions for Higher Education
- 3.2K Blackbaud Education Management Solutions for K-12 Schools
- 941 Blackbaud Luminate Online® and Blackbaud TeamRaiser®
- 84 JustGiving® from Blackbaud®
- 6.7K Blackbaud Raiser's Edge NXT®
- 3.7K SKY Developer
- 248 ResearchPoint™
- 120 Blackbaud Tuition Management™
- 165 Organizational Best Practices
- 240 Member Lounge (Just for Fun)
- 34 Blackbaud Community Challenges
- 37 PowerUp Challenges
- 3 (Open) PowerUp Challenge: Grid View Batch
- 3 (Closed) PowerUp Challenge: Chat for Blackbaud AI
- 3 (Closed) PowerUp Challenge: Data Health
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Product Update Briefing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports+
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Email Marketing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Gift Management
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Event Management
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Home Page
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Query
- 796 Community News
- 3K Jobs Board
- 54 Blackbaud SKY® Reporting Announcements
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)