One form of risk is attack via spamming. Hackers can use machines (also known as bots) to purchase products on your site by brute force entering random credit card numbers on your checkout page until it succeeds. If your site suffers from spam, the Storefront has built-in protection using CAPTCHA providers to reject transactions initiated by bots.
You must first enable the Risk feature under Configuration > General. Once enabled, you can enable the spam protection under Configuration > Risk menu. Remember to click the edit icon to provide the account credentials for your selected provider.
Please contact us if you don't see the spam provider you like to use.