What is Card Cracking?

The brute force nature of a Card Cracking attack often results in its being mistakenly identified as a DDoS attack, as they generate thousands of requests per second as the attackers attempt to validate card details. This leads to businesses paying to scale the resources needed to keep your website and payment gateway open to real customers.

There is both a direct and indirect cost to businesses associated with Card Cracking. Not only does the activity force businesses to impose rate limiting, additional customer challenges or issue fines for increased levels of fraud, but continual fraudulent activity can lead to significant reputational damage.

Following a successful carding attack, the business may be left with chargebacks from the payment provider for successfully cracked cards and expensive investigations. In extreme cases, an organisation may lose their ability to process payments due to the high levels of fraud associated with their business.

Stolen card data is a valuable commodity, and methods for obtaining it are becoming increasingly sophisticated to ensure continued success. In some cases, attackers will place random items in a cart to appear more like real users, or combine web scraping, account takeover and carding to make it impossible to identify the attack using traditional analysis.

At Netacea, we combine powerful machine learning technology with Intent Analytics™ to analyse millions of requests, signals and patterns and identify automated attacks in real-time.

Our Intent Analytics™ Engine allows you to shut down automated carding attacks and protect your business with incredible speed and accuracy.

We have developed a revolutionary solution that goes beyond static rules or simple behavioural checks. Instead, our algorithm constantly analyses your web traffic to detect sophisticated evasion techniques. This allows you to have constant visibility and control of the attack, so that you can prioritise real transactions and block the automated abuse.