{"section":"tutorials","requestedLocale":"en","requestedSlug":"best-practices-against-virtual-attacks","locale":"en","slug":"best-practices-against-virtual-attacks","path":"docs/en/tutorials/security/store-security/best-practices-against-virtual-attacks.md","branch":"main","content":"VTEX offers different protections against possible attacks on stores. Still, there are settings and third-party products that may enhance the security of your operation. This article describes some of these resources:\n\n- [Anti-fraud solution](#anti-fraud-solution)\n- [Protection against transaction attacks](#protection-against-transaction-attacks)\n- [reCAPTCHA v3 at Checkout](#recaptcha-v3-at-checkout)\n- [orderForm settings](#orderform-settings)\n- [Disabling password login](#disabling-password-login)\n\n> ℹ️ The measures in this guide do not entirely eliminate the possibility of an attack but may considerably reduce the likelihood of them happening if properly employed.\n\n## Anti-fraud solution\n\nAnti-fraud systems specialize in analyzing ecommerce purchases to identify fraudulent transactions. They analyze customers' behavioral data and prevent suspicious purchases from being made.\n\nLearn more about [anti-fraud systems](/en/docs/tutorials/what-is-anti-fraud) and how to use them on VTEX.\n\n> ⚠️ To increase security, set up your anti-fraud solution for all the payment methods available in your store.\n\n## Protection against transaction attacks\n\nTo access the documentation on this topic, insert your VTEX [account name](/en/tutorial/what-is-an-account-name--i0mIGLcg3QyEy8OCicEoC#) below, click the button and login into the Admin panel.\n<iframe src=\"https://vtexhelp.myvtex.com/insertaccountname?id=62oQBmi7UZlYlgb0Ha1hZ3\" title=\"Insert your account name and click the button.\" frameBorder=\"0\" width=\"400\" height=\"50\"></iframe>\n\n## reCAPTCHA v3 at Checkout\n\nreCAPTCHA is a user verification solution for orders paid by credit or debit card. It prevents the use of malware for fraudulent purposes.\n\nWe recommend using [reCAPTCHA v3](/en/docs/tutorials/using-recaptcha-at-checkout#recaptcha-v3), which uses a quality score instead of pop-up validation and is, therefore, harder to circumvent in such scenarios.\n\nLearn more about how to set up this verification at your store's checkout in the article [reCAPTCHA at checkout](/en/docs/tutorials/using-recaptcha-at-checkout#recaptcha-v3). To implement reCAPTCHA V3 in a VTEX store, see the [reCAPTCHA](https://developers.vtex.com/docs/guides/recaptcha#recaptcha-v3-score) developer's guide.\n\n> ℹ️ reCAPTCHA verification is enabled by default when store customers go through the steps of [adding credit cards](/en/docs/tutorials/how-my-account-works#credit-cards), without having to be configured by the store.\n\n## orderForm settings\n\nTo access the documentation on this topic, insert your VTEX [account name](/en/docs/tutorials/what-is-an-account-name) below, click the button and login into the Admin panel.\n\n<iframe src=\"https://vtexhelp.myvtex.com/insertaccountname?id=7EAqNk48KP2QHnCxu856jT\" title=\"Insert your account name and click the button.\" frameBorder=\"0\" width=\"400\" height=\"50\"></iframe>\n\n## Disabling password login\n\nIf your store is still being attacked even with the mentioned resources enabled, we recommend disabling password login. This measure can be temporarily or permanently enabled, aiming to break the attack automation flow.\n\nTo perform this configuration:\n\n1. Go to **Account settings** > **Authentication**.\n2. Disable the **password** field.\n\nLearn more about how to [manage authentication methods](/en/docs/tutorials/authentication) for your store."}