In order to minimise the likelihood that a checkout request is bot-driven, Limio supports Google's reCAPTCHA v3 through Zuora's Hosted Payment Method (HPM).
How does it work?
reCAPTCHA v3 is an invisible tool and doesn't add friction to a customer's checkout experience.
Instead, when a checkout request is sent, reCAPTCHA calculates a score for that request and rejects it if it's highly likely that the request is from a bot.
How to configure reCAPTCHA on your site
To enable reCAPTCHA you will first need a license.
On the Limio Commerce app navigate to General Settings > Site Security settings to enable reCAPTCHA.
You'll need to enter:
- your site key (this is set up in Google)
- your secret key (this is set up in Google)
- a deny threshold:
This is a value between 0 - 1 (1 being a good interaction and 0 a high likelihood that it's a bot). If you set it to 0.2 for example, and the score we receive is less than 0.2, the request will fail.
Configuring reCAPTCHA in the Site Security settings page
Where will reCAPTCHA be used?
The following components enable customers to fulfil a purchase or an order change and so support the use of reCAPTCHA:
- single-page-checkout
- checkout
- redeem-checkout
- switch-subscription
- customer-orders
- customer-orders
- redeem-checkout
- payments-table
- form
If you configure reCAPTCHA to be used on your site, any pages which use these components will utilise reCAPTCHA.
Setting up further checks
There are additional options for reCAPTCHA that you can set up through Zuora, should you need to introduce further checks.
Please note: if you are adding or updating reCaptcha onto existing pages you will need to rebuild and republish the pages to see those effects.
Comments
0 comments
Please sign in to leave a comment.