Logo

What can we help you with today?

Security and Privacy

Fraud Protection

Last updated on 10 Apr, 2026

You should take steps to prevent the use of stolen credit cards on your donation pages.

Follow our guide below to reduce your exposure to online credit card fraud.   

Common types of online fraud

Card Testing - Donations made to your donation page by an automated bot that spams your donation page with donations every few seconds, looking for a credit card acceptance. Without the proper protections in place, a bot could submit thousands of donation attempts in a short period of time. 

Refund fraud - when a donor makes a large online donation using a stolen card, then calls the nonprofit claiming that the donation was made in error (aka, “I accidentally donated $2,000 when I meant to give $200), then demands a refund paid to a different account or card.

Steps you can take to help protect your nonprofit from credit card fraud...

Step 1 - Configure your payment gateway to detect and prevent fraud and alert you to suspicious transactions.

4aGoodCause supports both Authorize.net and Stripe as payment processors.

See our linked guides below on the fraud protection options offered for each payment gateway. 

Authorize.net

Advanced Fraud Detection Suite (AFDS)

Stripe

Radar

Step 2 - Deploy reCaptcha (strongly recommended)

If your nonprofit has been targeted by high-volume automated card testing that doesn’t stop after a handful of attempts (10 or so), deploy reCAPTCHA from Google as another safety measure. This forces users to prove their legitimacy and humanity, thereby stopping automated, robotic submissions. This is an option you can enable in 4aGoodCause. 

Please note - 4aGoodCause uses invisible Google reCAPTCHA v3 on donation and event pages to help protect your forms from bots and spam. This feature is enabled by default, so you do not need to set it up manually, although the instructions are below. It works in the background to help keep checkout smooth for donors while adding an extra layer of security.

How to enable reCAPTCHA from Google

  1. Log in to https://4agc.com as a Nonprofit User. 

  2. Click on Settings in the left menu.

  3. Click on Fraud Protection in the left menu.

  4. Check the box labeled Enable reCAPTCHA

  5. Click Save. 

This will place an invisible reCAPTCHA on all your donation and event pages. 

More information:

Protect your nonprofit from credit card fraud (great overview from our blog)

About reCaptcha

About reCaptcha (video)

 

Did you find this article helpful?
Previous

Integrations

Next