[New Release] Crucial Magento 2 checkout security features come with OneStepCheckout version 1.2.044

OneStepCheckout for Magento 2 new release v1-2-044

Thien-Lan Weber Posted
by

This update is particularly important because it brings you additional security features that prevent your store from carding attacks.

In addition, we solved popular requests around the back-end, front-end, and installation.

Carding attacks prevention on Magento 2

The most requested and troubling issue Magento 2 customers have been facing is carding attacks related to how REST endpoints can be abused in their online stores.

Carding attacks is when bots test hundreds or thousands of stolen cards numbers on a given guest cart. More about the carding attack on Github

Here’s the announcement on the Magento Community Forum

As a result, to prevent such attacks, v1.2.044 of OneStepCheckout for Magento 2 adds a few control points by implementing optional ReCaptcha (Google Invisible reCaptcha v3) to REST endpoints.

reCaptcha v3 doesn’t add any friction to the user’s experience but provides a score based on interactions with your store and allows you to take action if needs be.

You can now choose from the backend what REST endpoints need more restricted access control applied. Read our documentation.

Back-end feature

To make administrators’ lives easier, the new version of OneStepCheckout allows you to see the relation from registered user guest orders from the order view in the admin panel.

Easier Installation

To make OneStepCheckout’s installation process easier we refactored out the “dflydev/dot-access-data” dependency as customers were struggling to know if it was already there or not.

Front-end improvements

Improved address data validation when fields are auto-filled

There are cases when your frontend is auto-filled and all that’s left is to click is the “Place Order” button. In such cases depending on Magento configuration, Magento still expects some internal js to be triggered and objects filled. This is now adjusted.

Discount not applied

Another annoying issue reported is where discounts were not applied on some cart rule conditions. This issue is now solved, please note that it only affected only some rules but not all.

You can find previous versions’ changelogs here.

How to get access to the latest version of OneStepCheckout for Magento 2?

OneStepCheckout Magento 2 customers

You should have received an email announcing this new version release by now. With a valid Support and Update Plan, you can access it from the download area of your OneStepCheckout account, or the preferred way using Composer.

You should have received an email announcing this new version release by now. With a valid Support and Update Plan, you can access it from the download area of your OneStepCheckout account, or the preferred way using Composer.

Still on Magento 2 default checkout?

Add security and remove friction for your customers with OneStepCheckout for Magento 2.

Thien-Lan WeberAbout Thien-Lan Weber

Thien-Lan is the Chief Marketing Officer at OneStepCheckout. She's a Marketing expert with 20 years experience across Europe and Asia Pacific including Accenture, Clarins, Johnson & Johnson, eBay and PayPal.

Thien-Lan loves connecting people and helping retailers get the most out of eCommerce. As such, she recently joined the board of ExtDN (Extension Developer Network).

She grew up in Paris, holds a Master of Science in Management from HEC Paris and is back to France after 16 years living in different parts of the worlds, the latest destination being Oslo where she joined OneStepCheckout.

View all posts by Thien-Lan Weber | Website