Rate limiting
Rate limits and enumeration prevention
The system does not apply any rate limits for server-to-server API calls. Instead,
the system aims to grow with the business to handle the throughput needs required.
That said, certain rate limits are applied on browser/app-to-server API calls in order
to prevent enumeration attacks, preventing a malicious party from enumerating credit, debit,
or scheme cards to check their validity.