Skip to main content
Skip table of contents

Protect yourself from Fraudulent BIN Cyber attacks

What is a BIN attack?

A BIN Attack is a form of cyber-attack that involves a fraudster taking the first six numbers of a card (the Bank Identification Number or BIN) and then using software to automatically generate the remaining numbers using a BOT. The BOT reports back a list of credit cards numbers that processed a successful transaction which in most cases are bought and sold on the black market and dark web.

This is usually done by making small transactions through a payment page, or an online store/portal. Fraudsters can write programs that run card numbers through the website with multiple cards tested per second and the volume of cards being tested can range from a several a day to thousands of cards in a matter of minutes.


The below is how to recognise the signs of a BIN attack:

  • Multiple low dollar value transactions (the amounts may be unusual for your type of business).

    • Please note - it is not always the case that it is a low dollar value. It has the potential to be of multiple high dollar value transactions or a mix of both.

  • Multiple rejections is the norm, but at times they may be successful and can be high volume.

  • In some cases, an unusually high volumes of international cards.

  • Large number of transactions being processed or attempted in a short period of time. These transactions tend to be within a few seconds of each other.

  • Card numbers being used repeatedly with variations in the security features (e.g. expiration date, card security code, and postal codes).

  • The time of transaction may be unusual for your business, eg. Between 23:00 -05:00

How a BIN Attack can impact your clients:

  • Reputation:

    • A fraud attack on your client’s business may have repercussions that is seen by the Media and Financial institutes that may inhibit your future trading.

  • Financial:

    • The cardholder’s bank may restrict purchases being made to your clients business.

  • Operational:

    • You will need to refund any fraudulent transactions that were accepted.

    • This may attract high rejection fees and chargebacks that can be costly to your clients business.

  • Suspension or full closure of your clients merchant facilities:

    • Depending on the nature and risk profile of the attack, their merchant bank may suspend or close the facility.

  • All of the above can severely impact the reputation and salability of your software.

What to do to Protect your clients:

  • Enable 3D secure. This is an additional security layer for online credit and debit card transactions. This benefit offers your clients business a liability shift for fraudulent transactions in turn protecting the business from chargebacks as a result of fraud.

  • Enable reCAPTCHA or similar, to tell humans and bots apart. It’s easy for humans to solve, but not bots and other malicious software. Details on reCAPTCHA here.

  • Payrix is PCI compliant and has the expertise and tools in place to assist your business to be prepared. Check our fraud site here.

  • Enable card security code verification (CVV). The transaction won’t proceed until the three-digit security code on the back of the card has been entered into the merchant facility.

  • By using Payrix’s Hosted Pages. This has inbuilt 3DS and reCAPTCHA, that can be enabled on a per client basis.


Payrix specialise in Payments, Integrations and Fraud solutions to protect your entity and we want to work with you, to find the best solution to protect your type of business. Unfortunately fraudsters don’t come in a one size fits all model and with the experts at Payrix we will find the best solution to assist your business to be prepared.

Our Customer Integrations and Fraud Team are happy to work with you to improve security of systems. Feel free to contact us on:


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.