Adding Captcha to your Checkout Flow

It is an unfortunate fact that eCommerce stores attract fraud.

A way to help combat this is to install a captcha1 solution into your checkout process to help you limit fraud attacks. StoreConnect currently has built in support for the Google reCAPTCHA[^recaptcha] v3 service.

Note: reCAPTCHA v2 is not supported.

reCAPTCHA Setup & Installation

To install reCAPTCHA, please first create a case with StoreConnect support asking to install this for you and get your case number from this ticket, you will need it in the last step when you are sending us your codes.

You need to supply StoreConnect support with your reCAPTCHA site key and secret key as well as the minimum score you want to accept.

To get your reCAPTCHA site key and secret key, go to https://g.co/recaptcha/v3 and sign in and then create a reCAPTCHA v3 code for your site.

In the label put the name you would like to refer to this reCAPTCHA code by.

In the reCAPTCHA type, be sure to choose reCAPTCHA v3

In the Domains add all of the store domains you want to protect with this reCAPTCHA key. Be sure to add all the domain names for all of the stores in your StoreConnect installation, as you will not have reCAPTCHA protection for any domain name not listed. In the domain name field, just put the base domain, so example.com will protect example.com, www.example.com, site-1.example.com and any other subdomain of example.com.

You can optionally specify whom to notify about the site and you need to accept the terms.

Once you have these codes, please go to https://secretlink.org/ and send these to our support team. Be sure to specify which code is which and in the message please include the case number of the ticket you raised.

When we receive your codes, we will install into your store and it will be live shortly there after.

reCAPTCHA Failure Message to Shoppers and Bots

Any bots that are detected will be told after trying to fill out the first step of the checkout process at the customer information form an error message saying:

We have detected unusual activity, please try again or contact us for support.

reCAPTCHA Minimum Passing Score

When we put your reCAPTCHA code live, we will initially set your passing score to 0.3 to let Google start learning about your site. You can monitor the status of your reCAPTCHA code from the google reCAPTCHA v3 Admin Console.

From this admin page you can decide if you want to increase or decrease your set score.

To change your score, just let us know via a support ticket.

This lets your shoppers contact you if you have set your minimum passing score too high and start blocking legitimate traffic.

Important Note

If your site key changes, you must let us know otherwise your bot protection will be compromised.

Privacy Compliance

Once you are using reCAPTCHA, your shoppers data is being sent to Google for verification, you should seek legal advice to review your Privacy Policy to ensure you are disclosing the correct information to your shoppers and if you are using StoreConnect’s Cookie Management and Privacy Compliance feature you should update this as well.

 

 

  1. Captcha: A CAPTCHA is a type of challenge–response test used in computing to determine whether or not the user is human. 

 
 
Back to Documentation