The Foxy forums are on the move!

We're in the process of moving our forums over to a new system, and so these forums are now read-only.
If you have a question about your store in the meantime, please don't hesitate to reach out to us via email.

Can we prevent the same credit card number from being used by two different user accounts?

nealsharmonnealsharmon Member
in Help edited February 2014
We would like to do free trials that have a $5 google wallet credit that comes with the free trial.

However, we would like for the trial to require a credit card.

Is it possible for us to prevent two users from entering the same credit card?

That would prevent fraud for this use-case. Any thoughts are appreciated!
  • brettbrett FoxyCart Team
    Hey @nealsharmon.
    There's nothing out of the box that'd prevent this, but … I had some ideas but none of them would adequately address this problem. I keep thinking about a way to check the last 4 digits (available via the API) or a hash of the card (not actually available, so moot), but you can't search for a customer off the last 4 digits.

    On the one hand, I could see that being useful, but otoh I think "No, bad Brett for even thinking about using the last 4 for any sort of verification or authentication purposes!" (It's a not-uncommon way to hijack accounts and steal domains or emails.)

    Using existing functionality, you could store the last 4 digits, the card type, and other customer information on your end. Then before giving the $5 credit, check your db for any matches. If you get a match (and you might want to check on IP address or a combination of "same last name and same state" or whatever might make sense), flag for manual review.

    Using hypothetical future functionality, if we provided a partial GUID / token for the card #, you could rely on that. But in the meantime, would the idea above work?
Sign In or Register to comment.