How to Prevent Fraud with Email Verification and One Time Codes (Recommended)

To help add additional protection against attempted fraud or spam payments, email verification can be enabled after a set number of charges fail in a given timeframe.

We strongly recommend that you enable and configure email verification and use reCAPTCHA to help prevent fraudulent payments.

To enable, visit WP Simple Pay → Settings → Anti-Spam and enable Email Verification.

Once enabled, and a number of fraud events are detected within the set timeframe the payer must retrieve the one-time-use code from the email inbox, and enter it on the payment form.

In order to properly detect charge declines due to fraud you must ensure your site is configured to accept Stripe webhooks →

With a valid verification code, the payment attempt continue as usual, and is still subject to Google reCAPTCHA v3 verification (when enabled) and Stripe Radar rules.

Once there have been no charge declines due to fraud for the set number of time, payments can be processed without additional email verification.