1. Documentation
  2. WooCommerce Payments
  3. WooCommerce Payments FAQs

Why am I seeing an increase in failed orders and failed payments?

Example order notes after card testing

On occasion, you may see an increase in the number of orders coming through to your store with the failed status.

If your store has a large number of orders with the failed status from a short period of time, or orders with a large number of order notes on failed orders with decline messages, this can be a symptom of a card testing attack on your store.

Card testing, also known as “carding”, is the activity of checking if a stolen credit card number can be used to make purchases. It is common for card testers to attack a site with dozens or hundreds of stolen card numbers in a short period of time.

These orders do not represent missed sales. Nor are they usually caused by issues with your checkout preventing legitimate buyers from completing payments.

Card testing can cause other issues for your business, like an increase in disputes and decline rates, negatively impacting the reputation of your business.

Prevent card checking ↑ Back to top

WooCommerce Payments has a variety of measures in place to mitigate card testing attacks. We also consistently work with our payment partners to develop new solutions to mitigate carding attacks on stores using WooCommerce Payments.

These measures alone can not prevent all attacks. Especially because automated measures are designed not to interfere with legitimate activity on your store.

Because of this, there are additional measures you can take to protect your store.

An effective additional step you can take to reduce card testing is to install a CAPTCHA plugin and enable the CAPTCHA on your store’s checkout. 

WooCommerce.com offers a number of plugins for Google’s reCAPTCHA service, like this one and this one. There are also freely available plugins on WordPress.org that have not been verified by the WooCommerce team, like this one.

WooCommerce Payments already has rate automated limiting in place to prevent automated card testing attacks; however, if you would like to set your own, lower limits, a plugin like Anti-fraud can help do that.

Get help with card testing ↑ Back to top

The WooCommerce team takes card testing seriously. While we are alerted to spikes in activity that may represent card testing, we are also available to assist with the above measures to mitigate attacks. To get help, submit a ticket.

WooCommerce - the most customizable eCommerce platform for building your online business.

  • 30 day money back guarantee
  • Support teams across the world
  • Safe & Secure online payment