
Duplicate donations made via Apple Pay and Google Pay from the WP app
Closed, Resolved | Public

Description

We're seeing a small pattern emerging of duplicate donations being made via Apple Pay specifically through the App (and processed via Adyen), so we wanted to flag it in case we want to do a health check. I was unsuccessful in recreating it and was able to make 2 separate and successful Apple Pay donations via the app. (My CID 68209875) Thanks! :)

Examples:

| Date of Error | Ticket # | CID | Country | Donor Comment | Tech Specs |
| --- | --- | --- | --- | --- | --- |
| 10/08/2025 | 1749940 | 47649461 | FR | I see that I was charged twice for the same amount of €10.40, which is the amount I paid once. Not twice. Application bug? | W7SJMX4ZRJH3CM25 BXR5SKKB5V56JW25 |
| 10/09/2025 | 1751236 | 25646158 | US | I donated directly from the Wikipedia app this morning and did it as a reoccurring monthly donation. It said my first attempt at paying didn't go through so I did it again. A couple hours later I checked my bank account and I was charged twice. My bank told me to contact you directly to cancel one of the reoccurring donations. I'm not sure what information you need. | Unknown |
| 10/14/2025 | 1751359 | 34542530 | US | I tried twice to donate and each time I got an error from Wikipedia. My bank, however, shows that the transaction went through twice now. I don't know if there's a glitch in your system, but you need to check that. I don't mind donating the money that I have, but that could've been disastrous if it had been any more money than what I was giving. | Unknown |
| 10/14/2025 | 1753867 | 68739117 | FR | I am happy to have made a donation... but it seems to be in duplicate: 2 x €25, 2 emails, 2 direct debits from my bank card... Please check and ensure that only one sample is taken. | Unknown |
| 10/15/2025 | 1754906 | 45516228 | FR | Hello, at 3:20 p.m., I tried to transfer the sum of €20. In return, I received a message saying that there was a problem and asking me to try again later. Which I did immediately, for €25. To my great surprise, I made two donations, one for €20 and the other for €25. I find this way of handling the incident reprehensible. I didn't want to give €45, but only €20... Looking forward to hearing from you | Unknown |
| 10/15/2025 | 1755056 | 61118328 | US | I went to Wikipedia to make a donation via ApplePay like I do annually and received the message that it could not be processed. So I tried again and received the same message. So I went to my ApplePay app to see if I could figure out what the problem was and both donations were marked as pending. And now I have two emails from you that acknowledge both donations, so they apparently went through. Please reject one of them. Thanks. | Unknown |

Event Timeline

AMJohnson updated the task description.

This is interesting; adding more info to the top here. It's not all Apple Pay, and I wasn't able to replicate it myself. We do have the app version tied to donations; looking to see if we can figure out when it started.

Some recent examples showed in an Adyen fraud scan:

| Example | Contact ID | Country | Amount | Date | Transaction ID | Reference | UTM Source | Method |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 331149 | US | $52.00 | 2025-10-17 12:48:45 | G59J43765F9T5T25 | 238725184.1 | enUS_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 1 | 331149 | US | $52.00 | 2025-10-17 12:48:37 | CW7ZW7JKRP8SZT99 | 238725150.1 | enUS_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 2 | 65694487 | FR | $2.35 | 2025-10-17 04:42:35 | ZDG9WT3M6BW5ZM25 | 238713959.1 | frFR_FR_2025_10_HeadlineTest_iOS.inapp.apple iOS | Apple Pay |
| 2 | 65694487 | FR | $2.35 | 2025-10-17 04:42:26 | TLCJBPV3M2JGR269 | 238713971.1 | frFR_FR_2025_10_HeadlineTest_iOS.inapp.apple iOS | Apple Pay |
| 3 | 68780137 | US | $10.40 | 2025-10-16 20:08:03 | TR74TRVJRP8SZT99 | 238689498.1 | enUS_appmenu_Android.inapp.google Android | Google Pay |
| 3 | 68780137 | US | $10.40 | 2025-10-16 20:07:16 | XCM3Q2XLMZ7KL3B9 | 238689373.1 | enUS_appmenu_Android.inapp.google Android | Google Pay |
| 4 | 68779569 | FR | $52.00 | 2025-10-16 19:47:45 | B5D6MF8NFWT89Z59 | 238686116.1 | frFR_FR_2025_10_Control_iOS.inapp.apple iOS | Apple Pay |
| 4 | 68779569 | FR | $52.00 | 2025-10-16 19:47:17 | DPTNMJQL6BW5ZM25 | 238685959.1 | frFR_FR_2025_10_Control_iOS.inapp.apple iOS | Apple Pay |
| 5 | 5724279 | UK | $26.00 | 2025-10-16 17:04:15 | NWN83JJ8DJ3QV4B9 | 238660370.1 | enGB_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 5 | 5724279 | UK | $26.00 | 2025-10-16 17:03:50 | QQQCRG8M5V56JW25 | 238660480.1 | enGB_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 6 | 49831577 | US | $250.00 | 2025-10-16 15:29:33 | TLPSQQD55F9T5T25 | 238644698.1 | enUS_appmenu_Android.inapp.google Android | Google Pay |
| 6 | 49831577 | US | $250.00 | 2025-10-16 15:29:03 | ZPBZMWPJRP8SZT99 | 238644609.1 | enUS_appmenu_Android.inapp.google Android | Google Pay |
| 6 | 49831577 | US | $250.00 | 2025-10-16 15:28:14 | R67SP825J88T4F69 | 238644440.1 | enUS_appmenu_Android.inapp.google Android | Google Pay |
| 7 | 65329786 | FR | $26.00 | 2025-10-16 10:41:44 | KTPVLT98DJ3QV4B9 | 238612868.1 | frFR_FR_2025_10_Control_Android.inapp.google Android | Google Pay |
| 7 | 65329786 | FR | $26.00 | 2025-10-16 10:41:16 | BL433Q755F9T5T25 | 238612798.1 | frFR_FR_2025_10_Control_Android.inapp.google Android | Google Pay |
| 8 | 63236702 | CA | $3.00 | 2025-10-15 23:57:39 | HMXG3P5JRP8SZT99 | 238593215.1 | enCA_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 8 | 63236702 | CA | $3.00 | 2025-10-15 23:57:01 | QGKZWLS2M2JGR269 | 238593193.1 | enCA_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 9 | 57254560 | FR | $10.00 | 2025-10-15 21:23:55 | K2RVG4B2NX84J769 | 238583120.1 | frFR_FR_2025_10_Control_Android.inapp.google Android | Google Pay |
| 9 | 57254560 | FR | $10.00 | 2025-10-15 21:23:16 | KH8HZDLDWFFW7669 | 238582928.1 | frFR_FR_2025_10_Control_Android.inapp.google Android | Google Pay |
| 10 | 68754802 | US | $3.35 | 2025-10-15 20:18:11 | MW3T79KDWFFW7669 | 238571342.1 | enUS_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 10 | 68754802 | US | $3.35 | 2025-10-15 20:18:07 | S9CSHQGL5V56JW25 | 238571235.1 | enUS_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 11 | 68744087 | FR | $15.60 | 2025-10-15 11:35:37 | TBRPC4Z3J88T4F69 | 238511562.1 | frFR_FR_2025_10_HeadlineTest_Android.inapp.google Android | Google Pay |
| 11 | 68744087 | FR | $15.60 | 2025-10-15 11:34:43 | DPFX5Q2MFWT89Z59 | 238511535.1 | frFR_FR_2025_10_HeadlineTest_Android.inapp.google Android | Google Pay |
| 12 | 23516811 | US | $3.35 | 2025-10-15 05:29:30 | QD49L7PRPP45RM25 | 238491750.1 | enUS_appmenu_iOS.inapp.apple iOS | Apple Pay |
| 12 | 23516811 | US | $3.35 | 2025-10-15 05:28:39 | KKDM964L5D5SRC35 | 238491607.1 | enUS_appmenu_iOS.inapp.apple iOS | Apple Pay |

Adding one additional example that came in yesterday. Donor in 1758179 / CID 68824702 donated 3 times by mistake via Google Pay from the WP app. Donor notes "I didn't mean to make three different $5.35 donations on 10/19/2025. I only meant to make one. Please cancel and refund two of those donations ($10.70 total)."

The first two transactions were processed via Adyen, with the final attempt processed via Gr4vy. As discussed last week (here), we learned that the WP app routes you to either Adyen or Gr4vy depending on the flow you use. Just guessing, but maybe they saw an error on the attempts they tried via the "native" flow, which processes through Adyen, and on the last attempt they tried the "other payment method" flow, which takes you to Gr4vy. An issue with the "native" flow specifically + the app?

AMJohnson renamed this task from "Duplicate donations made via Apple Pay from the WP app" to "Duplicate donations made via Apple Pay and Google Pay from the WP app". Oct 20 2025, 2:00 PM

We're seeing about 6 per day. Some recent examples:

| Example | Contact ID | Country | Amount | Date | Transaction ID | Reference | UTM Source | Method |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 7557918 | France | $2.35 | 2025-10-21 09:47:43 | M5T7NK87NX84J769 | 238961932.1 | enFR_appmenu_iOS.inapp.apple | Apple Pay: Carte Bleue |
| 1 | 7557918 | France | $2.35 | 2025-10-21 09:46:24 | ZRD9BFB4ZSVZHW99 | 238961913.1 | enFR_appmenu_iOS.inapp.apple | |
| 2 | 7822543 | United States | $10.00 | 2025-10-20 16:29:05 | ZJV4QGL6NX84J769 | 238936771.1 | enUS_US_2025_10_Control_iOS.inapp.apple | Apple Pay: Visa |
| 2 | 7822543 | United States | $10.00 | 2025-10-20 16:28:59 | MTXT6DVTDZW297B9 | 238936726.1 | enUS_US_2025_10_Control_iOS.inapp.apple | |
| 3 | 57073276 | France | $2.50 | 2025-10-20 08:37:11 | NGQD8KLJWFFW7669 | 238915109.1 | frFR_FR_2025_10_Control_iOS.inapp.apple | Apple Pay: Carte Bleue |
| 3 | 57073276 | France | $2.50 | 2025-10-20 08:37:03 | QSDQ49WP6BW5ZM25 | 238915132.1 | frFR_FR_2025_10_Control_iOS.inapp.apple | |

Just flagging a fresh example. Donor in #1768332 / CID 38486846 donated twice via Google Pay in the app by mistake. Donor notes "I have looked at my bank account and noticed that 2 payments for £15 have gone out. I only chose the 1 payment of £15. There was an issue with the page that was hanging/pending when I submitted it. I re-entered the amount which did the same thing again."

Another donor using Apple Pay on the Wikipedia App has also experienced a duplicate donation, which apparently resulted from in-app messaging that the first attempt had not processed.

"I donated this evening using Apple Pay and the app has a message saying the donation was not processed. I tried again with the same outcome. I have been charged twice due to this error. I would appreciate one of the transactions being refunded."

#1772280 | USA | $10.40 | Apple Pay Visa | ADYEN TH8F5W9VPDZCJS69 | iOS | Wikipedia App

I think I was able to replicate this today, but the logs on our end look good. I'm asking if the apps team have any more info on their end.

Change #1213613 had a related patch set uploaded (by Cstone; author: Cstone):

[mediawiki/extensions/DonationInterface@master] Add more logging

https://gerrit.wikimedia.org/r/1213613

Change #1213613 merged by jenkins-bot:

[mediawiki/extensions/DonationInterface@master] Add more logging

https://gerrit.wikimedia.org/r/1213613

Okay, got even more logging in; it looks like every ~100 or so transactions, the capture call takes 30 seconds.

Hey @Cstone, we have another donor occurrence of this happening on the Android WP app interface.

The donor replied to their receipt and attached the same timeout error screenshot received when donating via the WP app on Android, which reads: 'Cannot connect to Wikipedia. Please try again later':

After I donated, I got the error message (see screenshot). It made an impression that it was not functioning or worse. #1804112 | cid=19100102

Not sure if it is worth mentioning, but these errors did not present in previous app release versions on Android.

Adding an update on what has been going on, as it's still happening:

  • Discussion is ongoing with the apps team on how to handle the auth/capture calls taking longer than the app's timeout
  • On our end we have a thread with Adyen into why some calls are taking 30+ seconds instead of the usual 1-2
  • I've been watching the duplicates and refunding them as it's been going on
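The manual "watch the duplicates and refund them" step above can be scripted. The following is an added example (not DonationInterface, SmashPig or Adyen code) that applies the rule the fraud-scan tables on this task make visible: the same contact charged the same amount within a few seconds or minutes is almost certainly a retried submission, and every charge after the first in such a cluster is a refund candidate. The rows, contact IDs and PSP references below are constructed placeholders in the shape of the export above, not real donors; the window and the optional amount-insensitive mode are my choices, not settings from the page.

```python
"""Flag likely duplicate donations: same contact, same amount, seconds apart.

Added example (not DonationInterface or Adyen code). Column layout follows
the fraud-scan export on the task; the rows below are constructed, not real.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample shaped like the fraud-scan rows:
# (contact ID, amount, timestamp, PSP reference, method). All placeholders.
SAMPLE_ROWS = [
    ("11111111", "52.00",  "2025-10-17 12:48:37", "PSPREF0000000001", "Apple Pay"),
    ("11111111", "52.00",  "2025-10-17 12:48:45", "PSPREF0000000002", "Apple Pay"),
    ("22222222", "250.00", "2025-10-16 15:28:14", "PSPREF0000000003", "Google Pay"),
    ("22222222", "250.00", "2025-10-16 15:29:03", "PSPREF0000000004", "Google Pay"),
    ("22222222", "250.00", "2025-10-16 15:29:33", "PSPREF0000000005", "Google Pay"),
    # Retry at a different amount (the €20-then-€25 pattern): only the loose rule sees it.
    ("33333333", "20.00",  "2025-10-15 15:20:10", "PSPREF0000000006", "Apple Pay"),
    ("33333333", "25.00",  "2025-10-15 15:21:02", "PSPREF0000000007", "Apple Pay"),
    # Same amount a month apart: a genuine repeat gift, not a duplicate.
    ("44444444", "10.00",  "2025-10-01 09:00:00", "PSPREF0000000008", "Apple Pay"),
    ("44444444", "10.00",  "2025-11-01 09:00:00", "PSPREF0000000009", "Apple Pay"),
]


def parse_rows(rows):
    """Turn (contact, amount, timestamp, ref, method) tuples into dicts with real datetimes."""
    return [
        {
            "contact": contact,
            "amount": amount,
            "ts": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"),
            "ref": ref,
            "method": method,
        }
        for contact, amount, ts, ref, method in rows
    ]


def find_duplicate_clusters(rows, window=timedelta(minutes=10), same_amount=True):
    """Return clusters of transactions that look like retried submissions.

    Rows are grouped per contact (and per amount when same_amount is True),
    sorted by time, and a row joins the open cluster when it falls within
    `window` of the previous row in that group. Only clusters with two or
    more rows are returned, in contact order, each cluster earliest first.
    """
    groups = defaultdict(list)
    for row in parse_rows(rows):
        key = (row["contact"], row["amount"]) if same_amount else (row["contact"],)
        groups[key].append(row)

    clusters = []
    for key in sorted(groups):
        ordered = sorted(groups[key], key=lambda r: r["ts"])
        current = [ordered[0]]
        for row in ordered[1:]:
            if row["ts"] - current[-1]["ts"] <= window:
                current.append(row)
            else:
                if len(current) > 1:
                    clusters.append(current)
                current = [row]
        if len(current) > 1:
            clusters.append(current)
    return clusters


def refund_candidates(clusters):
    """Keep the first charge in each cluster; every later charge is a refund candidate."""
    return [row["ref"] for cluster in clusters for row in cluster[1:]]


if __name__ == "__main__":
    strict = find_duplicate_clusters(SAMPLE_ROWS)
    for cluster in strict:
        refs = ", ".join(r["ref"] for r in cluster)
        print(f"contact {cluster[0]['contact']} x{len(cluster)} @ {cluster[0]['amount']}: {refs}")
    print("refund:", refund_candidates(strict))
    print("loose-rule clusters:", len(find_duplicate_clusters(SAMPLE_ROWS, same_amount=False)))
```

The strict rule (same amount) is safe to act on automatically; the loose rule catches the donor who retried at a different amount but also matches honest back-to-back gifts, so treat its output as a review queue rather than a refund list. Either way, review the cluster against the PSP's own status before refunding: a retry that was declined or never captured needs no refund.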

Per Adyen's request, I captured traceroutes to the IPs behind 7816c1e8e6da0afe-WikimediaFoundation-checkout-live.adyenpayments.com from payments1005:

payments1005:~$ cat adyen_traceroutes_20251219-192257 
traceroute to 135.84.150.188 (135.84.150.188), 30 hops max, 60 byte packets
 1  reth0-1132.pfw1-eqiad.frack.eqiad.wmnet (10.64.40.1)  0.198 ms  0.125 ms  0.093 ms
 2  xe-3-1-7.cr1-eqiad.wikimedia.org (208.80.154.200)  1.749 ms  1.718 ms  1.688 ms
 3  akamai.prolexic.com (206.126.236.219)  0.628 ms  0.661 ms  0.655 ms
 4  a104-86-70-25.deploy.static.akamaitechnologies.com (104.86.70.25)  0.495 ms  0.568 ms  0.537 ms
 5  * * *
 6  ae154-1112.connect1.plxcon-iad1.netarch.akamai.com (23.211.114.210)  1.483 ms  1.321 ms  1.227 ms
 7  a72-52-24-122.deploy.static.akamaitechnologies.com (72.52.24.122)  40.592 ms  40.535 ms  40.481 ms
 8  * * *
 9  875496BC.adyen.com (135.84.150.188)  40.323 ms  40.251 ms  40.412 ms
traceroute to 185.101.198.188 (185.101.198.188), 30 hops max, 60 byte packets
 1  reth0-1132.pfw1-eqiad.frack.eqiad.wmnet (10.64.40.1)  0.217 ms  0.139 ms  0.103 ms
 2  xe-3-1-7.cr1-eqiad.wikimedia.org (208.80.154.200)  0.389 ms  0.356 ms  0.324 ms
 3  * * *
 4  ae2.3613.edge1.Seattle3.net.lumen.tech (4.69.160.73)  64.911 ms  64.907 ms  65.176 ms
 5  ADYEN-B.V.edge1.Seattle3.Level3.net (4.59.233.250)  65.991 ms  65.960 ms  66.005 ms
 6  * * *
 7  B965C6BC.adyen.com (185.101.198.188)  65.667 ms  66.003 ms  66.111 ms
traceroute to 135.84.151.188 (135.84.151.188), 30 hops max, 60 byte packets
 1  reth0-1132.pfw1-eqiad.frack.eqiad.wmnet (10.64.40.1)  0.171 ms  0.095 ms  0.092 ms
 2  xe-3-1-7.cr1-eqiad.wikimedia.org (208.80.154.200)  0.402 ms  0.371 ms  0.338 ms
 3  xe-2-5-3-2.a05.asbnva02.us.bb.gin.ntt.net (192.80.17.185)  0.494 ms  0.461 ms  0.430 ms
 4  ae-3.r26.asbnva02.us.bb.gin.ntt.net (129.250.3.254)  0.470 ms * *
 5  ae-10.r26.snjsca04.us.bb.gin.ntt.net (129.250.6.1)  64.924 ms  64.997 ms  65.067 ms
 6  ae-8.a04.snjsca04.us.bb.gin.ntt.net (129.250.5.209)  64.797 ms  64.799 ms  64.795 ms
 7  xe-0-4-0-1.a04.snjsca04.us.ce.gin.ntt.net (131.103.117.85)  64.893 ms  64.902 ms  64.860 ms
 8  * * *
 9  875497BC.adyen.com (135.84.151.188)  64.897 ms  64.921 ms  64.932 ms

There are 3 traceroutes here because that's how many IPs are backing the hostname at this time. The * lines are expected with certain providers, and the max RTT was at or under 66 ms.

This is just a one time snapshot but could be run again and from any of the payments hosts.

We are now collecting the mtr data on each of the payments hosts for each IP behind 7816c1e8e6da0afe-WikimediaFoundation-checkout-live.adyenpayments.com. If we encounter another instance of this we can check the timestamped output for any issues.

We have found a routing issue when Adyen includes 62.146.255.205 in the rotation (T413382). The issue occurs when this IP is in the rotation and the connection for the donation gets that IP from the DNS query. It doesn't happen for all donations, since the DNS query returns multiple IPs in a random order, so it's the luck of the draw whether it gets a particular one. We have verified this routing issue is across all the payments hosts and is not isolated to a particular host.
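The two comments above (the one-off traceroute snapshot, and the finding that only one of several randomly ordered A records hit the bad path) together describe the check the mtr cron job was doing by hand: enumerate every address the resolver returns for the gateway hostname, trace each one, and alert when a path never reaches its target or its RTT jumps far above the baseline. The following is an added example of that check, not the payments team's cron job or its mtr wrapper. It assumes a `traceroute` binary is on PATH for the live probe; the two trace texts embedded below are constructed on the pattern of the real output above, using RFC 5737 documentation addresses, so the parser and classifier run offline.

```python
"""Probe every A record behind a payment-gateway hostname and classify each path.

Added example, not the payments team's tooling. Live probing needs a
`traceroute` binary; parsing and classification run offline on the samples.
"""
import re
import socket
import subprocess
from datetime import datetime, timezone

# Constructed traces (RFC 5737 addresses), modelled on the snapshot above.
GOOD_TRACE = """traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  gw.example.net (192.0.2.1)  0.198 ms  0.125 ms  0.093 ms
 2  edge.example.net (198.51.100.7)  1.749 ms  1.718 ms  1.688 ms
 3  * * *
 4  peer.example.org (198.51.100.200)  40.592 ms  40.535 ms  40.481 ms
 5  psp.example.com (203.0.113.10)  40.323 ms  40.251 ms  40.412 ms
"""
# A path that never reaches its target: what a bad NAT address set looks like.
BAD_TRACE = """traceroute to 203.0.113.20 (203.0.113.20), 30 hops max, 60 byte packets
 1  gw.example.net (192.0.2.1)  0.171 ms  0.095 ms  0.092 ms
 2  edge.example.net (198.51.100.7)  0.402 ms  0.371 ms  0.338 ms
 3  * * *
 4  * * *
 5  * * *
"""

HEADER_RE = re.compile(r"traceroute to \S+ \((\d+\.\d+\.\d+\.\d+)\)")
HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")
RTT_RE = re.compile(r"([\d.]+)\s+ms")
IP_RE = re.compile(r"(\d+\.\d+\.\d+\.\d+)")


def resolve_all(hostname):
    """All IPv4 addresses the resolver returns, de-duplicated and sorted.

    The client takes whichever one the randomly ordered answer puts first,
    so every address must be probed, not just the one this run happened to get.
    """
    infos = socket.getaddrinfo(hostname, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def parse_traceroute(output):
    """Summarise traceroute text: target, whether the last answering hop is the
    target, the largest RTT seen, and how many hops were silent (* * *)."""
    target, last_hop_ip, max_rtt, silent = None, None, 0.0, 0
    for line in output.splitlines():
        header = HEADER_RE.match(line)
        if header:
            target = header.group(1)
            continue
        hop = HOP_RE.match(line)
        if not hop:
            continue
        body = hop.group(2)
        rtts = [float(x) for x in RTT_RE.findall(body)]
        if not rtts:
            silent += 1
            continue
        max_rtt = max(max_rtt, max(rtts))
        # Works for both "name (ip)" and `traceroute -n` style "ip" hop lines.
        ip_match = re.search(r"\((\d+\.\d+\.\d+\.\d+)\)", body) or IP_RE.match(body)
        if ip_match:
            last_hop_ip = ip_match.group(1)
    return {
        "target": target,
        "reached": target is not None and last_hop_ip == target,
        "max_rtt_ms": max_rtt,
        "silent_hops": silent,
    }


def assess(summary, rtt_limit_ms=200.0):
    """Classify one path. Silent intermediate hops are normal with some carriers;
    not reaching the target, or an RTT far above baseline, is what to alert on."""
    if not summary["reached"]:
        return "FAIL: target not reached"
    if summary["max_rtt_ms"] > rtt_limit_ms:
        return f"WARN: max RTT {summary['max_rtt_ms']:.1f} ms"
    return "OK"


def probe(hostname, hops=30):
    """Trace every address behind hostname; returns timestamped (ip, verdict) rows."""
    report = []
    for ip in resolve_all(hostname):
        proc = subprocess.run(["traceroute", "-n", "-m", str(hops), ip],
                              capture_output=True, text=True, timeout=180)
        verdict = assess(parse_traceroute(proc.stdout))
        report.append((datetime.now(timezone.utc).isoformat(), ip, verdict))
    return report


if __name__ == "__main__":
    for name, text in (("good", GOOD_TRACE), ("bad", BAD_TRACE)):
        print(name, parse_traceroute(text), assess(parse_traceroute(text)))
```

Run `probe()` from every payments host, not one, and keep the timestamped rows: a path that fails only when a particular address is in rotation will show up as intermittent FAIL rows for that one IP while the others stay OK, which is exactly the signature the DNS-ordering explanation predicts. The RTT limit is an arbitrary placeholder; set it from the baseline you measure (the snapshot above topped out around 66 ms).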

The issue has been spotted and is related to the address sets used in source NAT for the payments subnet. While that is being addressed, we are going to add an address set for this new IP/range. I have reached out to Adyen to get information on what IP/CIDR range to use.

IP range received and added to config. Awaiting deployment in T414393.

ayounsi closed subtask Restricted Task as Resolved. Jan 13 2026, 6:42 AM

The firewall update has been deployed and I have verified that mtr provides a proper route to the end address. Please let us know if you see future instances of this.

I have also removed the mtr cron job so we will stop collecting data related to this.

Damilare set Final Story Points to 16.