Carding 🔥 A CrdPro Exclusive: Why the cards you bought never work, and what you can do about it. 💳
ThatGuy42109
Carding Novice
- Joined
- 21.08.24
- Messages
- 3
- Reaction score
- 1
- Points
- 1
Thank you very much. YourA CrdPro Exclusive: Why the cards you bought never work, and what you can do about it.
Ever wondered why none of the cards you buy from online card shops seem to work? Even after reading through my AI systems thread, the card you bought for 30$ which the shop guarantees is first-hand somehow still fails to even get a transaction across?
Or if they do, why are they acting inconsistently? Some cards sometimes work for thousands, while most of the times a lot of them cannot even sign you up for a Netflix account!
In order to understand and optimize your workflow for success you need to understand the layers of approvals your order details need to go through in order for your purchase to even result in a success, let alone get it shipped, and why the cards you're buying probably get caught before even proceeding to next stages.
When assessing the risk of a transaction being fraudulent/unauthorized, banks and payment processors implement what is called in the cybersecurity industry as a 'Swiss Cheese Model'.
Swiss Cheese Model
What this means is that instead of the transaction being assessed a single time, it is rigorously put through multiple checks, and require multiple systems of approval, before it allows a charge to succeed. Through advancements in AI and Machine learning algorithms, these entire processes take milliseconds, and are virtually frictionless to the end legitimate consumer.
For this writeup's demonstration purposes, we'll steadily assume your card is fully valid. I'll walk you through each step, and reveal at the end why the cards you bought tend to fail. The first step of the process when you submit a transaction is essentially the site's own risk analysis. Seon, Radar, Riskified, Forter, the list goes on and on, and I've covered this in depth in my article at: How To Bypass Modern AI Anti-Fraud Systems" target="_blank">
In that article we've uncovered tricks and bypasses that you have control over, but I left out a giant piece of the puzzle: the card you're using.
You see, while you can have a brand-new laptop with an astounding fingerprint, the best residential proxy in the world, your card could've been run through a fuckton of checks within the fraud system and this increases the risk metrics for your transaction tremendously.
In order to understand what I mean, we need to have an in-depth understanding of the underground economy of card-selling:
(old photo of card shop from decades ago, haha)
Understanding how the CVV economy operates needs only four words, and is dead-simple: Sellers want maximum profit.
While shop operators and maintainers have reputation to establish and maintain, sellers on a lot of these platforms do not, they are often faceless entities that rotate identities regularly, and whatever route they can take to make them more money, they'll take. What this means is that card shops with rules that aren't stringent enough or quality checks that aren't rigid enough will inevitably get a sea of garbage/resold cards.
This also logically means that online shops that do not have enough traffic/sales to make the sellers the most profit are relegated to be low-priority when these sellers start selling cards. What this means is that, the most logical way to maximize profit for someone who resells cards is to post it first on the most popular card shop, give it a few days of selling, check the validity after a few days and remove dead cards, then proceed to reuploading it to the next profitable shop. By the third time the card has been resold they'll basically go free-for-all and post it to as many smaller shops as they can.
What happens is that your success becomes tied to how high up the food chain the shop you're buying from, or how stringent their quality checks are. The other side effect of this kind of economy is that big players/shops maintain their dominance and are able to extract more profit from each card sold since the quality of their cards is much better (since sellers post on them first) and they maintain a higher market share (since smart buyers will check with their site first).
Anatomy of a Resold Card
One thing people do not understand enough is that a card being resold to multiple stores isn't the biggest factor as to why you're failing the first risk check. A card could, in theory, be resold to five shops, remain unsold for weeks, and still hit big numbers. The larger problem is that the process of reselling cards to multiple stores necessitates a lot of the greedy sellers—since they also want to double-dip and profit on sold cards—to run checks on the cards before they reupload them.
How are cards checked?
With each re-upload to different stores, a seller can then use services like 4Check and Lux to check the bases and remove the dead cards. While this presents a whole host of different problems, which I'll tackle later, this simply isn't what a majority of sellers use since these merchant-based checkers tend to get expensive and unprofitable. Checking 1000 cards in 4Check costs 250$!
So what do they use? Dirt-cheap bind checkers.
The Boom of Bind Checkers
So what are Bind-based Checkers? Bind-based checkers are essentially checkers that attempt to bind the card to a service, or to create a payment using the card in an automated and fast way. A couple examples of this are FlashCheck and OMGCheck:
The payment system these bind-based checkers operate in is mostly Stripe or Braintree. Either they have a massive list of API keys that they rotate regularly, or they have a massive list of websites with unsecured forms (for donations/adding card/etc) where they submit the card details to and await response. Their scripts submit the card number, expiry, and CVV to the Stripe/Braintree endpoint, and depending on the API response, base their assessment if the card is Live or Dead.
If you've read through my AI system guide you'd understand why this approach kills the card (without actually killing it): When you run your card through these checkers, the Stripe/Braintree/Adyen AI model having mitigations for card-checking, will essentially flag your card as 'stolen' and block it from any payment process done on their payments network indefinitely.
The only choice you then have for this card, with it being blocked from most major payment networks, is to use it with an obscure low-security card processor that has no connection whatsoever with Stripe/Braintree/Adyen. With the big three blocking your card, you've essentially limited yourself out of using the card you have on about 90% of all online stores, at least in the US.
The boom of the bind-checkers only helps greedy card resellers and scriptkiddies on telegram who generate credit card numbers to buy Spotify subscriptions, but it has been an overall net negative for the industry as a whole. It singlehandedly destroyed the success rate of carders far larger than anything else before it. I even joked to a friend of mine that Stripe/Braintree/etc might've been really allowing these bind-checkers to operate since it makes it very easy for them to know which cards to block. Your only solution in this case is be strict about which shops you plan on sourcing your cards.
Risk-Assessment Providers
If your card successfully passes the initial checks by AI models, the next step involves scrutiny by risk-assessment providers. These external companies specialize in evaluating the risk associated with a transaction, providing an additional layer of security beyond what Stripe offers. Unlike Stripe, which primarily considers machine-generated signals such as IP addresses and browser fingerprints, risk-assessment providers take a more comprehensive approach. They delve into the entire metadata of the transaction, examining various factors to ensure its overall legitimacy and safety. This thorough evaluation helps in detecting any potential fraud that might have been missed by the initial AI checks.
- Risk-profile of the cardholder (including amount)
- Risk-profile of the merchant
- Nature of the transaction
A practical example of this process is repeatedly entering the wrong CVV code. While Stripe's systems might not immediately block you, various banks using different risk-assessment providers could. This discrepancy could result in receiving a 'generic_decline' code from Stripe. It's important to note that Stripe's Radar system does not give customers detailed explanations if a decline is triggered by an external risk provider, even if your transaction is deemed safe by Stripe itself. Thus, the external risk-assessment can impact the outcome, despite a positive assessment from Stripe. If you've used Stripe Radar to assess your own cards, you've likely come across this: all the fraud metrics are low, but the fraud score is still high:
If risk-assessment providers flag your transaction, it often results in a 'card block.' These blocks are usually temporary and are automatically lifted within approximately 72 hours. Alternatively, you can expedite the process by contacting your bank directly to have the block removed.
This situation is what CC shops and checkers refer to as 'risk-control' or code 59 Suspected Fraud. If you come across this, it's best to let your card take a short breather for a couple of days—think of it as a mini-vacation. During this cooling-off period, if the card owner hasn’t set up alerts and remains blissfully unaware of your transaction attempt, you can try again. Just remember, success relies on factors mostly out of your control, aside from the purchase amount. Repeatedly checking the card through merchant-based checkers is like repeatedly nudging someone who's trying to nap—you're bound to get a 'card block.' So, give it some space and let things cool down a bit.
Bank Checks
Congrats! Your transaction passed the payment processor and risk provider. Now for the final step: the bank. Bank checks are basic; they focus on transaction amount and how it fits the cardholder’s usual spending habits.
Say the cardholder only uses his Costco card to hide his $10 OnlyFans subscription from his wife. Suddenly, it tries to buy an $8,000 Alienware laptop? The bank will likely block it. Big deviations from normal spending raise flags.
Here’s a trick: use the cardholder’s ZIP code with this tool to find the neighborhood’s median income. Use this to set a reasonable transaction limit. Note that for higher chances of approval, transactions should be within a reasonable range of the median income.
Card tier and BINs matter, but not overly so. Platinum cards may allow higher limits, but sudden large purchases can still be blocked. The inverse is also true: Standard/Classic cards can hit big if the cardholder loves to splurge on expensive things to feel adequate and look rich. Some BINS work better for some stores, and there's a multitude of those already on the forum. Also, consider the card's transaction history. Frequent small purchases leading up to a big one might help normalize the larger amount in the bank's eyes. Logically, large purchases by the holder lend trust to large purchases by you, so what I tend to do is use Visa Purchase Alerts, wait for the holder to make huge purchases like this, and follow it up with my own big purchase; it works every damn time!
Now the most magical part of this is that the entire check process from platform to bank takes less than two seconds. And these two seconds decide the fate of your transaction, so try to optimize for what you can control (the amount of the purchase, the shop you're buying from, choosing zip, choosing BIN) and do not waste too much time over things you can't.
Remember, as the financial systems improve over time, so should your strategies in circumventing them. And the only way you can do that is to gain proper knowledge through experience.
ThatGuy42109
Carding Novice
- Joined
- 21.08.24
- Messages
- 3
- Reaction score
- 1
- Points
- 1
This was very informative. I really liked the search zip code for per capita income. I would have never thought of that. I'm going to do it every time now. Thank you.
![d0ctrine](https://pic-cc.com/data/avatars/m/139/139804.jpg?1703720680"){kind=avatar}
- Joined
- 26.12.23
- Messages
- 231
- Reaction score
- 3,912
- Points
- 93
Yep. I'll write more about tricks like these in the future. There are bunch of them.
dinamita009
Carding Novice
- Joined
- 26.08.24
- Messages
- 14
- Reaction score
- 1
- Points
- 1
Thanks for your contribution, would you be so kind as to share a little of your time with me? I have a concern bro
Hasan_1337
Carding Novice
- Joined
- 21.09.24
- Messages
- 8
- Reaction score
- 0
- Points
- 1
Thanks for guidance
Ever wondered why none of the cards you buy from online card shops seem to work? Even after reading through my AI systems thread, the card you bought for 30$ which the shop guarantees is first-hand somehow still fails to even get a transaction across?
Or if they do, why are they acting inconsistently? Some cards sometimes work for thousands, while most of the times a lot of them cannot even sign you up for a Netflix account!
In order to understand and optimize your workflow for success you need to understand the layers of approvals your order details need to go through in order for your purchase to even result in a success, let alone get it shipped, and why the cards you're buying probably get caught before even proceeding to next stages.
When assessing the risk of a transaction being fraudulent/unauthorized, banks and payment processors implement what is called in the cybersecurity industry as a 'Swiss Cheese Model'.
Swiss Cheese Model
What this means is that instead of the transaction being assessed a single time, it is rigorously put through multiple checks, and require multiple systems of approval, before it allows a charge to succeed. Through advancements in AI and Machine learning algorithms, these entire processes take milliseconds, and are virtually frictionless to the end legitimate consumer.
For this writeup's demonstration purposes, we'll steadily assume your card is fully valid. I'll walk you through each step, and reveal at the end why the cards you bought tend to fail. The first step of the process when you submit a transaction is essentially the site's own risk analysis. Seon, Radar, Riskified, Forter, the list goes on and on, and I've covered this in depth in my article at: How To Bypass Modern AI Anti-Fraud Systems" target="_blank">
In that article we've uncovered tricks and bypasses that you have control over, but I left out a giant piece of the puzzle: the card you're using.
You see, while you can have a brand-new laptop with an astounding fingerprint, the best residential proxy in the world, your card could've been run through a fuckton of checks within the fraud system and this increases the risk metrics for your transaction tremendously.
In order to understand what I mean, we need to have an in-depth understanding of the underground economy of card-selling:
(old photo of card shop from decades ago, haha)
Understanding how the CVV economy operates needs only four words, and is dead-simple: Sellers want maximum profit.
While shop operators and maintainers have reputation to establish and maintain, sellers on a lot of these platforms do not, they are often faceless entities that rotate identities regularly, and whatever route they can take to make them more money, they'll take. What this means is that card shops with rules that aren't stringent enough or quality checks that aren't rigid enough will inevitably get a sea of garbage/resold cards.
This also logically means that online shops that do not have enough traffic/sales to make the sellers the most profit are relegated to be low-priority when these sellers start selling cards. What this means is that, the most logical way to maximize profit for someone who resells cards is to post it first on the most popular card shop, give it a few days of selling, check the validity after a few days and remove dead cards, then proceed to reuploading it to the next profitable shop. By the third time the card has been resold they'll basically go free-for-all and post it to as many smaller shops as they can.
What happens is that your success becomes tied to how high up the food chain the shop you're buying from, or how stringent their quality checks are. The other side effect of this kind of economy is that big players/shops maintain their dominance and are able to extract more profit from each card sold since the quality of their cards is much better (since sellers post on them first) and they maintain a higher market share (since smart buyers will check with their site first).
Anatomy of a Resold Card
One thing people do not understand enough is that a card being resold to multiple stores isn't the biggest factor as to why you're failing the first risk check. A card could, in theory, be resold to five shops, remain unsold for weeks, and still hit big numbers. The larger problem is that the process of reselling cards to multiple stores necessitates a lot of the greedy sellers—since they also want to double-dip and profit on sold cards—to run checks on the cards before they reupload them.
How are cards checked?
With each re-upload to different stores, a seller can then use services like 4Check and Lux to check the bases and remove the dead cards. While this presents a whole host of different problems, which I'll tackle later, this simply isn't what a majority of sellers use since these merchant-based checkers tend to get expensive and unprofitable. Checking 1000 cards in 4Check costs 250$!
So what do they use? Dirt-cheap bind checkers.
The Boom of Bind Checkers
So what are Bind-based Checkers? Bind-based checkers are essentially checkers that attempt to bind the card to a service, or to create a payment using the card in an automated and fast way. A couple examples of this are FlashCheck and OMGCheck:
The payment system these bind-based checkers operate in is mostly Stripe or Braintree. Either they have a massive list of API keys that they rotate regularly, or they have a massive list of websites with unsecured forms (for donations/adding card/etc) where they submit the card details to and await response. Their scripts submit the card number, expiry, and CVV to the Stripe/Braintree endpoint, and depending on the API response, base their assessment if the card is Live or Dead.
If you've read through my AI system guide you'd understand why this approach kills the card (without actually killing it): When you run your card through these checkers, the Stripe/Braintree/Adyen AI model having mitigations for card-checking, will essentially flag your card as 'stolen' and block it from any payment process done on their payments network indefinitely.
The only choice you then have for this card, with it being blocked from most major payment networks, is to use it with an obscure low-security card processor that has no connection whatsoever with Stripe/Braintree/Adyen. With the big three blocking your card, you've essentially limited yourself out of using the card you have on about 90% of all online stores, at least in the US.
The boom of the bind-checkers only helps greedy card resellers and scriptkiddies on telegram who generate credit card numbers to buy Spotify subscriptions, but it has been an overall net negative for the industry as a whole. It singlehandedly destroyed the success rate of carders far larger than anything else before it. I even joked to a friend of mine that Stripe/Braintree/etc might've been really allowing these bind-checkers to operate since it makes it very easy for them to know which cards to block. Your only solution in this case is be strict about which shops you plan on sourcing your cards.
Risk-Assessment Providers
If your card successfully passes the initial checks by AI models, the next step involves scrutiny by risk-assessment providers. These external companies specialize in evaluating the risk associated with a transaction, providing an additional layer of security beyond what Stripe offers. Unlike Stripe, which primarily considers machine-generated signals such as IP addresses and browser fingerprints, risk-assessment providers take a more comprehensive approach. They delve into the entire metadata of the transaction, examining various factors to ensure its overall legitimacy and safety. This thorough evaluation helps in detecting any potential fraud that might have been missed by the initial AI checks.
- Risk-profile of the cardholder (including amount)
- Risk-profile of the merchant
- Nature of the transaction
A practical example of this process is repeatedly entering the wrong CVV code. While Stripe's systems might not immediately block you, various banks using different risk-assessment providers could. This discrepancy could result in receiving a 'generic_decline' code from Stripe. It's important to note that Stripe's Radar system does not give customers detailed explanations if a decline is triggered by an external risk provider, even if your transaction is deemed safe by Stripe itself. Thus, the external risk-assessment can impact the outcome, despite a positive assessment from Stripe. If you've used Stripe Radar to assess your own cards, you've likely come across this: all the fraud metrics are low, but the fraud score is still high:
If risk-assessment providers flag your transaction, it often results in a 'card block.' These blocks are usually temporary and are automatically lifted within approximately 72 hours. Alternatively, you can expedite the process by contacting your bank directly to have the block removed.
This situation is what CC shops and checkers refer to as 'risk-control' or code 59 Suspected Fraud. If you come across this, it's best to let your card take a short breather for a couple of days—think of it as a mini-vacation. During this cooling-off period, if the card owner hasn’t set up alerts and remains blissfully unaware of your transaction attempt, you can try again. Just remember, success relies on factors mostly out of your control, aside from the purchase amount. Repeatedly checking the card through merchant-based checkers is like repeatedly nudging someone who's trying to nap—you're bound to get a 'card block.' So, give it some space and let things cool down a bit.
Bank Checks
Congrats! Your transaction passed the payment processor and risk provider. Now for the final step: the bank. Bank checks are basic; they focus on transaction amount and how it fits the cardholder’s usual spending habits.
Say the cardholder only uses his Costco card to hide his $10 OnlyFans subscription from his wife. Suddenly, it tries to buy an $8,000 Alienware laptop? The bank will likely block it. Big deviations from normal spending raise flags.
Here’s a trick: use the cardholder’s ZIP code with this tool to find the neighborhood’s median income. Use this to set a reasonable transaction limit. Note that for higher chances of approval, transactions should be within a reasonable range of the median income.
Card tier and BINs matter, but not overly so. Platinum cards may allow higher limits, but sudden large purchases can still be blocked. The inverse is also true: Standard/Classic cards can hit big if the cardholder loves to splurge on expensive things to feel adequate and look rich. Some BINS work better for some stores, and there's a multitude of those already on the forum. Also, consider the card's transaction history. Frequent small purchases leading up to a big one might help normalize the larger amount in the bank's eyes. Logically, large purchases by the holder lend trust to large purchases by you, so what I tend to do is use Visa Purchase Alerts, wait for the holder to make huge purchases like this, and follow it up with my own big purchase; it works every damn time!
Now the most magical part of this is that the entire check process from platform to bank takes less than two seconds. And these two seconds decide the fate of your transaction, so try to optimize for what you can control (the amount of the purchase, the shop you're buying from, choosing zip, choosing BIN) and do not waste too much time over things you can't.
Remember, as the financial systems improve over time, so should your strategies in circumventing them. And the only way you can do that is to gain proper knowledge through experience.
Can you tell us the bins and store
Best in business
Ever wondered why none of the cards you buy from online card shops seem to work? Even after reading through my AI systems thread, the card you bought for 30$ which the shop guarantees is first-hand somehow still fails to even get a transaction across?
Or if they do, why are they acting inconsistently? Some cards sometimes work for thousands, while most of the times a lot of them cannot even sign you up for a Netflix account!
In order to understand and optimize your workflow for success you need to understand the layers of approvals your order details need to go through in order for your purchase to even result in a success, let alone get it shipped, and why the cards you're buying probably get caught before even proceeding to next stages.
When assessing the risk of a transaction being fraudulent/unauthorized, banks and payment processors implement what is called in the cybersecurity industry as a 'Swiss Cheese Model'.
Swiss Cheese Model
What this means is that instead of the transaction being assessed a single time, it is rigorously put through multiple checks, and require multiple systems of approval, before it allows a charge to succeed. Through advancements in AI and Machine learning algorithms, these entire processes take milliseconds, and are virtually frictionless to the end legitimate consumer.
For this writeup's demonstration purposes, we'll steadily assume your card is fully valid. I'll walk you through each step, and reveal at the end why the cards you bought tend to fail. The first step of the process when you submit a transaction is essentially the site's own risk analysis. Seon, Radar, Riskified, Forter, the list goes on and on, and I've covered this in depth in my article at: How To Bypass Modern AI Anti-Fraud Systems" target="_blank">
In that article we've uncovered tricks and bypasses that you have control over, but I left out a giant piece of the puzzle: the card you're using.
You see, while you can have a brand-new laptop with an astounding fingerprint, the best residential proxy in the world, your card could've been run through a fuckton of checks within the fraud system and this increases the risk metrics for your transaction tremendously.
In order to understand what I mean, we need to have an in-depth understanding of the underground economy of card-selling:
(old photo of card shop from decades ago, haha)
Understanding how the CVV economy operates needs only four words, and is dead-simple: Sellers want maximum profit.
While shop operators and maintainers have reputation to establish and maintain, sellers on a lot of these platforms do not, they are often faceless entities that rotate identities regularly, and whatever route they can take to make them more money, they'll take. What this means is that card shops with rules that aren't stringent enough or quality checks that aren't rigid enough will inevitably get a sea of garbage/resold cards.
This also logically means that online shops that do not have enough traffic/sales to make the sellers the most profit are relegated to be low-priority when these sellers start selling cards. What this means is that, the most logical way to maximize profit for someone who resells cards is to post it first on the most popular card shop, give it a few days of selling, check the validity after a few days and remove dead cards, then proceed to reuploading it to the next profitable shop. By the third time the card has been resold they'll basically go free-for-all and post it to as many smaller shops as they can.
What happens is that your success becomes tied to how high up the food chain the shop you're buying from, or how stringent their quality checks are. The other side effect of this kind of economy is that big players/shops maintain their dominance and are able to extract more profit from each card sold since the quality of their cards is much better (since sellers post on them first) and they maintain a higher market share (since smart buyers will check with their site first).
Anatomy of a Resold Card
One thing people do not understand enough is that a card being resold to multiple stores isn't the biggest factor as to why you're failing the first risk check. A card could, in theory, be resold to five shops, remain unsold for weeks, and still hit big numbers. The larger problem is that the process of reselling cards to multiple stores necessitates a lot of the greedy sellers—since they also want to double-dip and profit on sold cards—to run checks on the cards before they reupload them.
How are cards checked?
With each re-upload to different stores, a seller can then use services like 4Check and Lux to check the bases and remove the dead cards. While this presents a whole host of different problems, which I'll tackle later, this simply isn't what a majority of sellers use since these merchant-based checkers tend to get expensive and unprofitable. Checking 1000 cards in 4Check costs 250$!
So what do they use? Dirt-cheap bind checkers.
The Boom of Bind Checkers
So what are Bind-based Checkers? Bind-based checkers are essentially checkers that attempt to bind the card to a service, or to create a payment using the card in an automated and fast way. A couple examples of this are FlashCheck and OMGCheck:
The payment system these bind-based checkers operate in is mostly Stripe or Braintree. Either they have a massive list of API keys that they rotate regularly, or they have a massive list of websites with unsecured forms (for donations/adding card/etc) where they submit the card details to and await response. Their scripts submit the card number, expiry, and CVV to the Stripe/Braintree endpoint, and depending on the API response, base their assessment if the card is Live or Dead.
If you've read through my AI system guide you'd understand why this approach kills the card (without actually killing it): When you run your card through these checkers, the Stripe/Braintree/Adyen AI model having mitigations for card-checking, will essentially flag your card as 'stolen' and block it from any payment process done on their payments network indefinitely.
The only choice you then have for this card, with it being blocked from most major payment networks, is to use it with an obscure low-security card processor that has no connection whatsoever with Stripe/Braintree/Adyen. With the big three blocking your card, you've essentially limited yourself out of using the card you have on about 90% of all online stores, at least in the US.
The boom of the bind-checkers only helps greedy card resellers and scriptkiddies on telegram who generate credit card numbers to buy Spotify subscriptions, but it has been an overall net negative for the industry as a whole. It singlehandedly destroyed the success rate of carders far larger than anything else before it. I even joked to a friend of mine that Stripe/Braintree/etc might've been really allowing these bind-checkers to operate since it makes it very easy for them to know which cards to block. Your only solution in this case is be strict about which shops you plan on sourcing your cards.
Risk-Assessment Providers
If your card successfully passes the initial checks by AI models, the next step involves scrutiny by risk-assessment providers. These external companies specialize in evaluating the risk associated with a transaction, providing an additional layer of security beyond what Stripe offers. Unlike Stripe, which primarily considers machine-generated signals such as IP addresses and browser fingerprints, risk-assessment providers take a more comprehensive approach. They delve into the entire metadata of the transaction, examining various factors to ensure its overall legitimacy and safety. This thorough evaluation helps in detecting any potential fraud that might have been missed by the initial AI checks.
- Risk-profile of the cardholder (including amount)
- Risk-profile of the merchant
- Nature of the transaction
A practical example of this process is repeatedly entering the wrong CVV code. While Stripe's systems might not immediately block you, various banks using different risk-assessment providers could. This discrepancy could result in receiving a 'generic_decline' code from Stripe. It's important to note that Stripe's Radar system does not give customers detailed explanations if a decline is triggered by an external risk provider, even if your transaction is deemed safe by Stripe itself. Thus, the external risk-assessment can impact the outcome, despite a positive assessment from Stripe. If you've used Stripe Radar to assess your own cards, you've likely come across this: all the fraud metrics are low, but the fraud score is still high:
If risk-assessment providers flag your transaction, it often results in a 'card block.' These blocks are usually temporary and are automatically lifted within approximately 72 hours. Alternatively, you can expedite the process by contacting your bank directly to have the block removed.
This situation is what CC shops and checkers refer to as 'risk-control' or code 59 Suspected Fraud. If you come across this, it's best to let your card take a short breather for a couple of days—think of it as a mini-vacation. During this cooling-off period, if the card owner hasn’t set up alerts and remains blissfully unaware of your transaction attempt, you can try again. Just remember, success relies on factors mostly out of your control, aside from the purchase amount. Repeatedly checking the card through merchant-based checkers is like repeatedly nudging someone who's trying to nap—you're bound to get a 'card block.' So, give it some space and let things cool down a bit.
Bank Checks
Congrats! Your transaction passed the payment processor and risk provider. Now for the final step: the bank. Bank checks are basic; they focus on transaction amount and how it fits the cardholder’s usual spending habits.
Say the cardholder only uses his Costco card to hide his $10 OnlyFans subscription from his wife. Suddenly, it tries to buy an $8,000 Alienware laptop? The bank will likely block it. Big deviations from normal spending raise flags.
Here’s a trick: use the cardholder’s ZIP code with this tool to find the neighborhood’s median income. Use this to set a reasonable transaction limit. Note that for higher chances of approval, transactions should be within a reasonable range of the median income.
Card tier and BINs matter, but not overly so. Platinum cards may allow higher limits, but sudden large purchases can still be blocked. The inverse is also true: Standard/Classic cards can hit big if the cardholder loves to splurge on expensive things to feel adequate and look rich. Some BINS work better for some stores, and there's a multitude of those already on the forum. Also, consider the card's transaction history. Frequent small purchases leading up to a big one might help normalize the larger amount in the bank's eyes. Logically, large purchases by the holder lend trust to large purchases by you, so what I tend to do is use Visa Purchase Alerts, wait for the holder to make huge purchases like this, and follow it up with my own big purchase; it works every damn time!
Now the most magical part of this is that the entire check process from platform to bank takes less than two seconds. And these two seconds decide the fate of your transaction, so try to optimize for what you can control (the amount of the purchase, the shop you're buying from, choosing zip, choosing BIN) and do not waste too much time over things you can't.
Remember, as the financial systems improve over time, so should your strategies in circumventing them. And the only way you can do that is to gain proper knowledge through experience.
![Haroldliteco](https://pic-cc.com/data/avatars/m/54/54005.jpg?1730093636"){kind=avatar}
Haroldliteco
Basic
- Joined
- 08.02.22
- Messages
- 16
- Reaction score
- 4
- Points
- 3
If you are using " Visa Purchase Alerts " the bank will alert the card holder right after you sign up for it which means it tells someone is using your card too . 99.99% card holders are using their real phone when applying for cc .
- Joined
- 26.12.23
- Messages
- 231
- Reaction score
- 3,912
- Points
- 93
This isn't true for most cards at all. Why are you spreading misinformation on my threads? Not to mention a weird nitpick on a very small part of the guide.
Haroldliteco
Basic
- Joined
- 08.02.22
- Messages
- 16
- Reaction score
- 4
- Points
- 3
You were wrong about using " Visa Purchase Alerts " method. Have you owned any of these cc from USbank, Chase, Wellsfargo, BOA, etc ? I bet you don't . You can go ahead and use your own card trying to sign up with " Visa Purchase Alerts " or " Verify by Visa " and see the bank will text you the message right away in which leading to cards get killed or blocked unless you're the card holder. Please don't tell me you have BIN that bypass VBV, that's OUTDATED bank company or very hard to find . I was telling the truth, for you I know it's hard to accept it, but the one who spreading misinfo is you, NOT me. We're here to share and learn the right way to carding and avoding mistake in the future, not here trying to be a hero or make oneself look good .
- Joined
- 26.12.23
- Messages
- 231
- Reaction score
- 3,912
- Points
- 93
Talk is cheap. Send proof. Make sure we can corroborate it with data on the net. Not that it matters much, as this is a minor aspect and hardly important to this guide.
For starters: you can always spam the holder with an SMS bomb. Problem solved. Ever though of that? Or are you just a whining crying bitch who just complains instead of coming up with solutions? )))
Go ahead and ask around, I'm sure there are plenty of people who can attest to using Visa Alerts bins for bypassing certain sites. None are having the issues you're having (except for FB banning the BINs due to abuse). I personally, for the hundreds of cards I've used on Visa Alerts, never had any card die the moment I add it. I never even talked about 'Verified by Visa' (VBV) on this guide, so I'm 100% sure you're confusing two different things and talking out of your ass!
If you can't do it successfully yourself, don't blame the guides. Improve and try again. And frankly, I don't understand why you're criticizing my guides. You think I'm trying to be a hero and make myself look good? Where did you get that idea? All my guides are for the community, and I've never asked readers for anything in return. You're a clown.
Last edited:
Haroldliteco
Basic
- Joined
- 08.02.22
- Messages
- 16
- Reaction score
- 4
- Points
- 3
- Have you ever read your reply twice before sending ? Now you're proving yourself that using SPAM to avoid the cardholder notices on " Visa Purchase Alerts ". Also, you're telling that you're such a FOOL boy for thinking of SMS bomber. Do you really know what phone # of the cardholder used when he/she signed up with the Bank? and have you ever sussucefully done that to yourself, it won't work bitch ... LOL . Stop acting like you know shit!
- I talked about VBV 'cuz " Visa Purchase Alerts " acts exactly like " Verified by Visa " . You didn't mention VBV, but they both work the same, trigger SMS to alert the holder if there is any transaction occur, you don't understand shit . I was talking about VBV, so that you have better idea of understanding more stuff about carding, okay boy .
- I've been in carding for long enough to call you a kid, so i know which method is doable and good to share with the community or " delusional " method.
- Some sites don't do VBV, but it must confirm via SMS because it triggers AVS or purchase with big amount . I don't believe the card holder purchased roughly 25k like you show in the pic . He is from Florida, the site " Keeler equipment sales & R in Ponca city " in Oklahoma . Also, when going to that site, nothing you can purchase online. So I assump, that $25k purchase must have been done by POS . With that being said, his and your purchase are 2 different types of transaction. No way, you can pass the AVS for the following big transaction. Let's say $8k at Alienware since BILL # SHIP.
- To understand more stuff about carding, go apply yourself a payment gateway with Authorized.net and run an e-commerce site. At the admin page, there are a lot of settings to allow the purchase go thru or you can set to blacklist and kill any cc if it looks suspisious . When you're at this level, you know exactly how to card successfully.
- Carding is not hard, the hardest part is where to find good CC.
- Joined
- 26.12.23
- Messages
- 231
- Reaction score
- 3,912
- Points
- 93
I had a sneaking suspicion that you were illiterate or retarded. This reply of yours just confirms it.
- There are no notices of Visa Alerts if you dont put the phone of the owner on signup. Visa doesnt have the owners phone number on that service, the institution that has it is the bank.
There are bins that notifies, but those are rare and like I said, you can always spam the SMS. Lots of people do this. As a matter of fact I am personally friends with a card shop owner who links all of their Alerts bins before putting them up for sale. You are a dumbass acting like you know things you have no clue about. Half of your history in this forum is about credit card generators, that alone speaks volume to your skill level.
Visa Purchase Alerts: A Carders Secret Weapon (+ 1000 BINs)
Carding Bites: 3DS/VBV Demystified Part 1 - Visa Purchase Alert is different from VBV. VBV/3DS is a protocol implemented by banks and DS (directory servers like Cardinal Commerce/Arcot). While Visa Alerts is just a small service provided by Visa itself for holders of cards on banks with little to no safety checks/online systems. I have at least 3 guides documenting these. Those alone are at least 6,000 words. Go read them.
- Yet again, your proving to be someone who cant comprehend English. None of 25K alert was about bypassing AVS (another thing you are confusing yourself with). As a matter of fact none of the guide is about AVS at all. There are things called spending deviation on the risk assessing companys panel which increases and decreases based on the cardholders spending patterns, and that applies regardless if its CARD PRESENT or CARD NOT PRESENT (Online). You are mixing words you may have read somewhere and pretending you know shit. Rather than being humble and trying to learn, youd rather waste both of our time with the unnecessary display of your stupidity.
-"Carding is not hard, the hardest part is where to find good CC."
Because youre a brokie who wastes his time with cc generators. You have no game because youre allergic to knowledge. Your scared the owner of that 5$ card you bought from the shit shop you begged for a voucher will get notified by Visa while other people are hitting big with hundreds of cards a day. It matters a lot to you because you have no skill nor money, we are not the same.
And lastly, since Id rather be nice to you, heres a free Visa Alerts account with a live card just for you. No notification to the owner. You can call her and ask, just dont scare her with your broken english and annoying accent.
Last edited:
Haroldliteco
Basic
- Joined
- 08.02.22
- Messages
- 16
- Reaction score
- 4
- Points
- 3
- Congrats! you have proven yourself as a bullshit kid. It's clearly showing that you don't know shit about carding and now you're trying to attack my broken English, shame on you racist . But I'm so proud of myself 'cuz I'm bilingual . Stop peeping on my account to check my history activities and then making judgment about it, you're such a full of shit. I don't have to tell or prove anything to you why i join the forum because i'm NOT a PRO like you spending all your time to write " delusional " carding method , it's all scrap to me and I believe OG carders are seeing the same .I had a sneaking suspicion that you were illiterate or retarded. This reply of yours just confirms it.
- There are no notices of Visa Alerts if you dont put the phone of the owner on signup. Visa doesnt have the owners phone number on that service, the institution that has it is the bank.
View attachment 47909
There are bins that notifies, but those are rare and like I said, you can always spam the SMS. Lots of people do this. As a matter of fact I am personally friends with a card shop owner who links all of their Alerts bins before putting them up for sale. You are a dumbass acting like you know things you have no clue about. Half of your history in this forum is about credit card generators, that alone speaks volume to your skill level.
Visa Purchase Alerts: A Carders Secret Weapon (+ 1000 BINs)
- Visa Purchase Alert is different from VBV. VBV/3DS is a protocol implemented by banks and DS (directory servers like Cardinal Commerce/Arcot). While Visa Alerts is just a small service provided by Visa itself for holders of cards on banks with little to no safety checks/online systems. I have at least 3 guides documenting these. Those alone are at least 6,000 words. Go read them.
- Yet again, your proving to be someone who cant comprehend English. None of 25K alert was about bypassing AVS (another thing you are confusing yourself with). As a matter of fact none of the guide is about AVS at all. There are things called spending deviation on the risk assessing companys panel which increases and decreases based on the cardholders spending patterns, and that applies regardless if its CARD PRESENT or CARD NOT PRESENT (Online). You are mixing words you may have read somewhere and pretending you know shit. Rather than being humble and trying to learn, youd rather waste both of our time with the unnecessary display of your stupidity.
-"Carding is not hard, the hardest part is where to find good CC."
Because youre a brokie who wastes his time with cc generators. You have no game because youre allergic to knowledge. Your scared the owner of that 5$ card you bought from the shit shop you begged for a voucher will get notified by Visa while other people are hitting big with hundreds of cards a day. It matters a lot to you because you have no skill nor money, we are not the same.
And lastly, since Id rather be nice to you, heres a free Visa Alerts account with a live card just for you. No notification to the owner. You can call her and ask, just dont scare her with your broken english and annoying accent.
View attachment 47910
*** Hidden text: cannot be quoted. ***
*** Hidden text: cannot be quoted. ***
- To stop you from littering on forum, I have some questions for you:
1. What is the point of using " Visa Purchase Alerts " ? help what ?
2. How many times you have successfully completed orders from start to finish for big amount over $1k by using your DELUSIONAL method?
3. Where you get the idea of waiting for cardholder to make a hug purchase and then you place order after that? That's very stupid idea and clearly you don't know shit.
You claimed yourself as a friend of big cc seller, that means you always have plenty of good cc with balance. With that being said, nothing your childish method helps you in carding. So you better stop acting like you know shit and blaming on people who don't have or can't find a good cc seller like you.
Lastly, I know you're going to attack me on my grammar is not perfect next time, so to cut that scrap and prove yourself as a pro. I will give you the address and you can use your rubbish time consuming carding method to finish an order $900 ( ONLY nine hundred dollars, NOT $8k eight thousands okay ) at Alienware and the job must be done in 1-2 week. If you could do that, I will send you $900 of bitcoin to you . Fair enough? good deal right ? Don't be scared, you have nothing to lose and hope you won't delete this thread.
- Joined
- 26.12.23
- Messages
- 231
- Reaction score
- 3,912
- Points
- 93
Playing the victim now? Think I'm racist and persecuting you? Boo-fucking-hoo. Cry me a river. I don't even know your race, genius - how can I be racist? All I know is you're one annoying motherfucker.
You're the one littering my posts with your brain-dead bullshit. I called your bluff, and now look at you - scrambling with these weak-ass questions because you've got nothing. Zero. Started off acting like you knew shit, but the second you got caught, all you can do is nitpick like a desperate little rat.
If you had just taken the time to study using my guides and put them into practice, you wouldn't be stuck in the rut you are in right now.
The funniest part is that you're doing all of this just to beg me for an Alienware laptop (you're even ultra-specific with the brand, which makes me think you've been dreaming of this laptop for a long long time, haha). if you'd just asked nicely, I would've offered to help you, like I do with countless others on the forum and TG. Might've even written a guide. But now you already pissed me off. Don't get me wrong: being broke and lacking skil is one thing - everyone starts from zero, there's no shame in that. But picking fights just to beg for a laptop while running your mouth like a know-it-all dipshit? That's all you. You chose to be this pathetic. Now fuck off.
Last edited:
Haroldliteco
Basic
- Joined
- 08.02.22
- Messages
- 16
- Reaction score
- 4
- Points
- 3
- Who is begging here ? It was a job for you to make money moron, so you don't have to spend all your time dreaming of being rich. Also, I gave you a chance to prove yourself. You made me laugh so hard when seeing you mentioned $8k In your fucking guide carding at Alienware. I know it was just saying, but stop making up big number to make yourself look like a pro bitch. You're just a damn poor kid. Your dad has been in carding for 2 decades okay son. 20 yrs ago and now are completely different. I lower the order amount from $8k down to $900 to test your level skill so that you can stop bullshit around, but you seem nearly scared to death to take the challenge. I let you pick any random address and do it , show proof and get paid. That way you cant say I'm begging for a cheap Alienware laptop. You know what? I'm using my $6k Alienware to reply your post, wanna take a look how cool it is ? Yes your dad is for real and speaking the truth. Okay son, no more dreaming for you DELUSIONAL boy! LOL
Kunt111111
Carding Novice
- Joined
- 30.09.24
- Messages
- 4
- Reaction score
- 1
- Points
- 3
shut the fuck up, doc doesnt need to prove shit to you. hes putting out some of the best guides this game has ever seen and somehow you find a way to criticize him.
thanks genius bro the neighborhood’s median income
Ever wondered why none of the cards you buy from online card shops seem to work? Even after reading through my AI systems thread, the card you bought for 30$ which the shop guarantees is first-hand somehow still fails to even get a transaction across?
Or if they do, why are they acting inconsistently? Some cards sometimes work for thousands, while most of the times a lot of them cannot even sign you up for a Netflix account!
In order to understand and optimize your workflow for success you need to understand the layers of approvals your order details need to go through in order for your purchase to even result in a success, let alone get it shipped, and why the cards you're buying probably get caught before even proceeding to next stages.
When assessing the risk of a transaction being fraudulent/unauthorized, banks and payment processors implement what is called in the cybersecurity industry as a 'Swiss Cheese Model'.
Swiss Cheese Model
What this means is that instead of the transaction being assessed a single time, it is rigorously put through multiple checks, and require multiple systems of approval, before it allows a charge to succeed. Through advancements in AI and Machine learning algorithms, these entire processes take milliseconds, and are virtually frictionless to the end legitimate consumer.
For this writeup's demonstration purposes, we'll steadily assume your card is fully valid. I'll walk you through each step, and reveal at the end why the cards you bought tend to fail. The first step of the process when you submit a transaction is essentially the site's own risk analysis. Seon, Radar, Riskified, Forter, the list goes on and on, and I've covered this in depth in my article at: How To Bypass Modern AI Anti-Fraud Systems" target="_blank">
In that article we've uncovered tricks and bypasses that you have control over, but I left out a giant piece of the puzzle: the card you're using.
You see, while you can have a brand-new laptop with an astounding fingerprint, the best residential proxy in the world, your card could've been run through a fuckton of checks within the fraud system and this increases the risk metrics for your transaction tremendously.
In order to understand what I mean, we need to have an in-depth understanding of the underground economy of card-selling:
(old photo of card shop from decades ago, haha)
Understanding how the CVV economy operates needs only four words, and is dead-simple: Sellers want maximum profit.
While shop operators and maintainers have reputation to establish and maintain, sellers on a lot of these platforms do not, they are often faceless entities that rotate identities regularly, and whatever route they can take to make them more money, they'll take. What this means is that card shops with rules that aren't stringent enough or quality checks that aren't rigid enough will inevitably get a sea of garbage/resold cards.
This also logically means that online shops that do not have enough traffic/sales to make the sellers the most profit are relegated to be low-priority when these sellers start selling cards. What this means is that, the most logical way to maximize profit for someone who resells cards is to post it first on the most popular card shop, give it a few days of selling, check the validity after a few days and remove dead cards, then proceed to reuploading it to the next profitable shop. By the third time the card has been resold they'll basically go free-for-all and post it to as many smaller shops as they can.
What happens is that your success becomes tied to how high up the food chain the shop you're buying from, or how stringent their quality checks are. The other side effect of this kind of economy is that big players/shops maintain their dominance and are able to extract more profit from each card sold since the quality of their cards is much better (since sellers post on them first) and they maintain a higher market share (since smart buyers will check with their site first).
Anatomy of a Resold Card
One thing people do not understand enough is that a card being resold to multiple stores isn't the biggest factor as to why you're failing the first risk check. A card could, in theory, be resold to five shops, remain unsold for weeks, and still hit big numbers. The larger problem is that the process of reselling cards to multiple stores necessitates a lot of the greedy sellers—since they also want to double-dip and profit on sold cards—to run checks on the cards before they reupload them.
How are cards checked?
With each re-upload to different stores, a seller can then use services like 4Check and Lux to check the bases and remove the dead cards. While this presents a whole host of different problems, which I'll tackle later, this simply isn't what a majority of sellers use since these merchant-based checkers tend to get expensive and unprofitable. Checking 1000 cards in 4Check costs 250$!
So what do they use? Dirt-cheap bind checkers.
The Boom of Bind Checkers
So what are Bind-based Checkers? Bind-based checkers are essentially checkers that attempt to bind the card to a service, or to create a payment using the card in an automated and fast way. A couple examples of this are FlashCheck and OMGCheck:
The payment system these bind-based checkers operate in is mostly Stripe or Braintree. Either they have a massive list of API keys that they rotate regularly, or they have a massive list of websites with unsecured forms (for donations/adding card/etc) where they submit the card details to and await response. Their scripts submit the card number, expiry, and CVV to the Stripe/Braintree endpoint, and depending on the API response, base their assessment if the card is Live or Dead.
If you've read through my AI system guide you'd understand why this approach kills the card (without actually killing it): When you run your card through these checkers, the Stripe/Braintree/Adyen AI model having mitigations for card-checking, will essentially flag your card as 'stolen' and block it from any payment process done on their payments network indefinitely.
The only choice you then have for this card, with it being blocked from most major payment networks, is to use it with an obscure low-security card processor that has no connection whatsoever with Stripe/Braintree/Adyen. With the big three blocking your card, you've essentially limited yourself out of using the card you have on about 90% of all online stores, at least in the US.
The boom of the bind-checkers only helps greedy card resellers and scriptkiddies on telegram who generate credit card numbers to buy Spotify subscriptions, but it has been an overall net negative for the industry as a whole. It singlehandedly destroyed the success rate of carders far larger than anything else before it. I even joked to a friend of mine that Stripe/Braintree/etc might've been really allowing these bind-checkers to operate since it makes it very easy for them to know which cards to block. Your only solution in this case is be strict about which shops you plan on sourcing your cards.
Risk-Assessment Providers
If your card successfully passes the initial checks by AI models, the next step involves scrutiny by risk-assessment providers. These external companies specialize in evaluating the risk associated with a transaction, providing an additional layer of security beyond what Stripe offers. Unlike Stripe, which primarily considers machine-generated signals such as IP addresses and browser fingerprints, risk-assessment providers take a more comprehensive approach. They delve into the entire metadata of the transaction, examining various factors to ensure its overall legitimacy and safety. This thorough evaluation helps in detecting any potential fraud that might have been missed by the initial AI checks.
- Risk-profile of the cardholder (including amount)
- Risk-profile of the merchant
- Nature of the transaction
A practical example of this process is repeatedly entering the wrong CVV code. While Stripe's systems might not immediately block you, various banks using different risk-assessment providers could. This discrepancy could result in receiving a 'generic_decline' code from Stripe. It's important to note that Stripe's Radar system does not give customers detailed explanations if a decline is triggered by an external risk provider, even if your transaction is deemed safe by Stripe itself. Thus, the external risk-assessment can impact the outcome, despite a positive assessment from Stripe. If you've used Stripe Radar to assess your own cards, you've likely come across this: all the fraud metrics are low, but the fraud score is still high:
If risk-assessment providers flag your transaction, it often results in a 'card block.' These blocks are usually temporary and are automatically lifted within approximately 72 hours. Alternatively, you can expedite the process by contacting your bank directly to have the block removed.
This situation is what CC shops and checkers refer to as 'risk-control' or code 59 Suspected Fraud. If you come across this, it's best to let your card take a short breather for a couple of days—think of it as a mini-vacation. During this cooling-off period, if the card owner hasn’t set up alerts and remains blissfully unaware of your transaction attempt, you can try again. Just remember, success relies on factors mostly out of your control, aside from the purchase amount. Repeatedly checking the card through merchant-based checkers is like repeatedly nudging someone who's trying to nap—you're bound to get a 'card block.' So, give it some space and let things cool down a bit.
Bank Checks
Congrats! Your transaction passed the payment processor and risk provider. Now for the final step: the bank. Bank checks are basic; they focus on transaction amount and how it fits the cardholder’s usual spending habits.
Say the cardholder only uses his Costco card to hide his $10 OnlyFans subscription from his wife. Suddenly, it tries to buy an $8,000 Alienware laptop? The bank will likely block it. Big deviations from normal spending raise flags.
Here’s a trick: use the cardholder’s ZIP code with this tool to find the neighborhood’s median income. Use this to set a reasonable transaction limit. Note that for higher chances of approval, transactions should be within a reasonable range of the median income.
Card tier and BINs matter, but not overly so. Platinum cards may allow higher limits, but sudden large purchases can still be blocked. The inverse is also true: Standard/Classic cards can hit big if the cardholder loves to splurge on expensive things to feel adequate and look rich. Some BINS work better for some stores, and there's a multitude of those already on the forum. Also, consider the card's transaction history. Frequent small purchases leading up to a big one might help normalize the larger amount in the bank's eyes. Logically, large purchases by the holder lend trust to large purchases by you, so what I tend to do is use Visa Purchase Alerts, wait for the holder to make huge purchases like this, and follow it up with my own big purchase; it works every damn time!
Now the most magical part of this is that the entire check process from platform to bank takes less than two seconds. And these two seconds decide the fate of your transaction, so try to optimize for what you can control (the amount of the purchase, the shop you're buying from, choosing zip, choosing BIN) and do not waste too much time over things you can't.
Remember, as the financial systems improve over time, so should your strategies in circumventing them. And the only way you can do that is to gain proper knowledge through experience.