Menu
Feedback
Start here
Tutorials
Developer portal

Known Issues
Support Rules
Troubleshooting

Frequently Asked Questions
Announcements
Tutorials
Tutorials
Explore in-depth tutorials for operating your VTEX store.
Tutorials
Security
Store security
Best practices against virtual attacks
Best practices against virtual attacks

VTEX offers different protections against possible attacks on stores. Still, there are settings and third-party products that may enhance the security of your operation. This article describes some of these resources:

The measures in this guide do not entirely eliminate the possibility of an attack but may considerably reduce the likelihood of them happening if properly employed.

Anti-fraud solution

Anti-fraud systems specialize in analyzing ecommerce purchases to identify fraudulent transactions. They analyze customers' behavioral data and prevent suspicious purchases from being made.

Learn more about anti-fraud systems and how to use them on VTEX.

To increase security, set up your anti-fraud solution for all the payment methods available in your store.

Protection against transaction attacks

To access the documentation on this topic, insert your VTEX account name below, click the button and login into the Admin panel.

reCAPTCHA v3 at Checkout

reCAPTCHA is a user verification solution for orders paid by credit or debit card. It prevents the use of malware for fraudulent purposes.

We recommend using reCAPTCHA v3, which uses a quality score instead of pop-up validation and is, therefore, harder to circumvent in such scenarios.

Learn more about how to set up this verification at your store's checkout in the article reCAPTCHA at checkout. To implement reCAPTCHA V3 in a VTEX store, see the reCAPTCHA developer's guide.

reCAPTCHA verification is enabled by default when store customers go through the steps of adding credit cards, without having to be configured by the store.

orderForm settings

To access the documentation on this topic, insert your VTEX account name below, click the button and login into the Admin panel.

Disabling password login

If your store is still being attacked even with the mentioned resources enabled, we recommend disabling password login. This measure can be temporarily or permanently enabled, aiming to break the attack automation flow.

To perform this configuration:

  1. Go to Account settings > Authentication.
  2. Disable the password field.

Learn more about how to manage authentication methods for your store.

Contributors
2
Photo of the contributor
Photo of the contributor
+ 2 contributors
Was this helpful?
Yes
No
Suggest Edits (GitHub)
Contributors
2
Photo of the contributor
Photo of the contributor
+ 2 contributors
On this page
Still got questions?
Ask the community
Find solutions and share ideas in the VTEX community.
Join our community
Request support from VTEX
For personalized assistance, contact our experts.
Open a support ticket
GithubDeveloper portalCommunityFeedback