diff --git a/includes/fraud-prevention/class-fraud-prevention-service.php b/includes/fraud-prevention/class-fraud-prevention-service.php
index b3f77e3ca26..9bef49875c5 100644
--- a/includes/fraud-prevention/class-fraud-prevention-service.php
+++ b/includes/fraud-prevention/class-fraud-prevention-service.php
@@ -66,6 +66,7 @@ public static function get_instance( $session = null, $gateway = null ): self {
 
 	/**
 	 * Appends the fraud prevention token to the JS context if the protection is enabled, and a session exists.
+	 * This token will also be used by express checkouts.
 	 *
 	 * @return  void
 	 */
@@ -86,8 +87,8 @@ public static function maybe_append_fraud_prevention_token() {
 			return;
 		}
 
-		// Don't add the token if the user isn't on the cart or checkout page.
-		// Checking the cart page too because the user can pay quickly via the payment buttons on that page.
+		// Don't add the token if the user isn't on the cart, checkout or product page.
+		// Checking the product and cart page too because the user can pay quickly via the payment buttons on that page.
 		if ( ! is_checkout() && ! is_cart() && ! is_product() ) {
 			return;
 		}