Card Testing Statistics & Financial ImpactCredit Card Testing Can Cost You a Pretty Penny
Card Testing Statistics: Examining the Real Cost of a Card Testing Attack
On the surface, each card testing attack may seem like pocket change. After all, a dollar or two pales in comparison to the thousands of dollars worth of unauthorized purchases that might take place once a fraudster finally busts out.
But when fraudsters test hundreds of cards at once, the impact may not feel so insignificant anymore. Besides, the immediate revenue isn’t the only thing you’ll lose to fraud. You’ll also face operational disruption and chargeback fees, which can range from $20 to $100 per fraudulent transaction, even if the actual transaction amount was only a few dollars.
In this article, we break down the numbers to show you that card card testing is a threat that costs you far more than mere nickels and dimes.
Card Testing
Criminals validate stolen credit card information by making small, inconspicuous purchases. Once they confirm the card details are valid, they may proceed to make larger unauthorized transactions. This tactic helps fraudsters avoid detection until they have successfully exploited the stolen card.
Negative Impacts of Card Testing on Merchants
Between February and August 2022, payment processor Stripe tracked a wave of card fraud incidents in which bad actors inundated merchants with millions of small-dollar, or even zero-dollar transactions. At the peak of this activity, the company blocked more than 20 million card testing attempts per day.
As the situation continues to get worse, the negative effects of card testing fraud will reverberate more and more through eCommerce. Merchants, in particular, suffer the majority of the repercussions.
Although this list is far from exhaustive, here are a few major concerns merchants have about card testing:
Risk Posed by “Tester Merchant” Account Takeovers
A “tester” account is a payment processing account used to validate stolen or generated payment card credentials. The idea is that, instead of making test purchases through a retailer, criminals hijack a merchant’s bank account and run card-not-present transactions in bulk without bothering to even try submitting them as legit sales.
Scammers are increasingly looking to this as an option because it gives them full control over the transaction environment. They can bypass velocity checks and fraud filters.
This is a serious threat; 60% of all tester accounts used by scammers are acquired by taking over a legitimate merchant’s account. When that happens, the targeted merchant gets left holding the bag. You’d potentially be liable for millions of dollars of fraud conducted using your bank account.
So, not only do you have to worry about defending against card testing on the front end, you also have to make sure that scammers aren’t trying to get access to your account and commit card testing through your bank, too.
The average cost of acquiring one stolen set of card details on the dark web
Source: Experian
of merchants surveyed said they experienced card testing fraud in 2025
Source: Merchant Risk Council
of all card testing attacks are targeted at charities.
Source: Stripe
of all tester accounts used by scammers are acquired by taking over a legitimate merchant’s account.
Source: Stripe
You can never fully, 100% reliably stop fraudsters from inserting themselves into your payment processes. That said, how you respond to these attacks — how hard you work to stop them — can have a positive impact on your reputation.
