Form security and fraud prevention

Having public forms allows your supporters to easily submit information, donate to your cause, and register for your programmes, but it also opens up the possibility for malicious actors to use them as well.

Beacon form security

All of Beacon's forms use a variety of features to secure them, and ensure that the vast majority of submissions are from legitimate sources. These include, but are not limited to:

  • Preventing automated submissions by bots by using hCaptcha challenges

  • Preventing known disposable or temporary email domains being used for email addresses (such as yopmail.com)

  • Restrictions on rapid re-loading and submission of the same form

  • Prohibiting access to submitting data behind the scenes without filling out the real form

  • Integrating with platforms that have enhanced payment security and fraud detection (such as Stripe's Radar)

These features mean that anyone filling out your form is a real person, completing forms manually one-by-one.

Fraudulent donations

If you've had suspected fraudulent submissions (e.g. a flurry of £1 donations through your donation form) it's often fraudsters testing stolen debit or credit card details to find those cards that work. This work is often automated to easily try thousands of card details in a short space of time, which Beacon's forms will prevent.

Unfortunately, that doesn't stop someone manually filling out your form and submitting it, but our security features heavily restrict how much they can do this.

We also highly recommend using Stripe's advanced fraud protection features, which can help to catch those that are submitted, and you can read about it here.
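If you export your donation attempts, a short script can surface the card-testing pattern described above. The following is an added example, not Beacon's or Stripe's code: the record fields, outcome labels and thresholds are assumptions, and the sample records are constructed. It groups attempts by form rather than by email or IP address, since both are easy to rotate.

```python
from collections import deque
from datetime import datetime, timedelta

# Thresholds are assumptions for illustration; tune them on your own traffic.
WINDOW = timedelta(minutes=10)
MIN_ATTEMPTS = 5          # low-value attempts on one form inside WINDOW
MIN_DECLINE_RATIO = 0.6   # share of those attempts that were declined

def find_card_testing(attempts, low_amount_pence):
    """Flag bursts of low-value, mostly declined attempts on a single form."""
    alerts, recent = [], {}
    for a in sorted(attempts, key=lambda a: a["time"]):
        if a["amount_pence"] > low_amount_pence:
            continue  # only attempts at or below the form's lowest amount matter
        q = recent.setdefault(a["form_id"], deque())
        q.append(a)
        while a["time"] - q[0]["time"] > WINDOW:  # drop attempts outside the window
            q.popleft()
        declined = sum(x["outcome"] == "declined" for x in q)
        if len(q) >= MIN_ATTEMPTS and declined / len(q) >= MIN_DECLINE_RATIO:
            alerts.append({
                "form_id": a["form_id"],
                "start": q[0]["time"], "end": a["time"],
                "attempts": len(q), "declined": declined,
                "distinct_emails": len({x["email"] for x in q}),
            })
            q.clear()  # report each burst once
    return alerts

def sample_attempts():
    """Constructed records: (form, minute offset, pence, email, outcome)."""
    t0 = datetime(2024, 1, 1, 12, 0)
    rows = [
        ("donate", 0, 2500, "anna@example.org", "succeeded"),
        ("donate", 3, 100, "u1@example.net", "declined"),
        ("donate", 4, 100, "u2@example.net", "declined"),
        ("donate", 4, 100, "u3@example.net", "succeeded"),
        ("donate", 5, 100, "u4@example.net", "declined"),
        ("donate", 6, 100, "u5@example.net", "declined"),
        ("appeal", 10, 100, "cat@example.org", "succeeded"),
        ("donate", 40, 100, "ben@example.org", "succeeded"),
    ]
    return [dict(form_id=f, time=t0 + timedelta(minutes=m), amount_pence=p,
                 email=e, outcome=o) for f, m, p, e, o in rows]

if __name__ == "__main__":
    for alert in find_card_testing(sample_attempts(), low_amount_pence=100):
        print(alert)
```

A genuine run of small donations that all succeed stays below the decline ratio and is not flagged.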

Frequently asked questions

Why don't you allow the blocking of specific email addresses?

If you do have someone submitting a form multiple times with the same email address, blocking that email address feels like an easy way to stop them. Unfortunately, it's very easy to simply use another real email address, so blocking wouldn't prevent someone from submitting your forms.

Why don't you allow the blocking of specific IP addresses?

The vast majority of fraudsters will be using a VPN, which makes it easy to change their IP address. Additionally, you may have genuine supporters using a VPN with the same IP address, so a block could exclude real submissions.

Why don't you have minimum donations on donation forms?

If fraudsters are testing lots of £1 donations on your website, they're likely testing stolen card details to see if they go through. Whilst increasing the minimum donation seems like it would stop that, they'll simply use the amount that is your form's minimum instead - after all, it's not their money!