Closed kauffj closed 3 years ago
Can also disable for BR location for now.
Investigated configuration and flows of our usage of stripe API and advised backend team of improvements needed.
CAPTCHA, if is required, can be copy/pasted from elsewhere: https://github.com/lbryio/lbry-desktop/blob/3bab4feeca77a0d1f86ab96d3b7e6072ca6a950c/ui/page/signInVerify/view.jsx#L124
note: this would also require corresponding backend changes to verify captcha response prior to calling any stripe apis.
Backend modifications in progress by that team currently.
This is at the request of Stripe and is required to maintain our account.
Rate-limiting, limiting the number of failures, and adding captchas after failures are the logical steps from a skim of https://stripe.com/docs/card-testing