Effective immediately, all Clover Ecommerce implementations require CAPTCHA for fraud prevention. The Clover developer agreement is updated to account for best practices related to our Ecommerce integrations. Review the updated terms, especially Section 3.7, which explains that the developer is responsible for securing calls to Charge and Order Pay.
If you use iframe or REST API for Ecommerce integrations, you must implement some form of CAPTCHA to combat fraud attempts. Check out our blog post for an example of using the Google reCAPTCHA free service as an example.
In April 2023, we added reCAPTCHA to the Clover-hosted checkout flow to combat fraud on card-not-present transactions. This feature is readily available to merchants—no changes are needed. Users of any Clover-hosted checkout Ecommerce implementation must enter a reCAPTCHA verification upon login.
Updated 2 months ago