Malicious third parties may try to use your website to determine if stolen credit card details are valid. They try many small payments using different credit card numbers and expiry dates. The approved cards are then used to defraud another merchant for a larger amount. This is called "card testing".
Websites with minimal validation rules are often targets. This can include websites used for making donations or paying invoices.
Looking for test card numbers to use when developing your QuickStream solution? See: Test Cards and Bank Accounts.
Protect against card testing
If you make card testing difficult, your website is less likely to be a target.
See Technical Support.