Why no reCAPTCHA on Donation Blocks?

[Prospector]

Hey,

We are a non-profit, and are currently the victim of card testing. It seems like a script is being run with stolen cards that uses our Donation Checkout URL to make $1 transactions. I have reached out to both Stripe and Squarespace - they claim they are aware of this. I am refunding the transactions as they come in.

I am totally frustrated with a few things. The main one being that there is simply no reCAPTCHA support for Donation Blocks, only regular form blocks. This seems like a major oversight.

Secondly, whoever is doing this is able to bypass our additional forms that have required questions. I am not sure if they have an old checkout URL, or they are just able to ignore those fields.

Squarespace Support has not been that helpful, other than the usual "We take this seriously". I asked if I could get a follow up and updates, but I was told they don't do that.

This has been quite a headache and really puts SquareSpace in a negative light.

Ryan

P.S - There is reCAPTCHA for submitting this question, but not for Donations. Insane!

[weschilders]

I'm having the same issue. I chatted with support this morning and I'm waiting on a solution. I received an email from Stripe saying that they were disabling card processing until we added a captcha to our checkout process.

[Jess1234]

Hi, I am having the same issues now. I was wondering if you had any luck with finding an answer for this?