As a rule of thumb, when you get a chargeback you need to completely ban the customer from your db. This includes:
- card ban - email address ban - fingerprint their access and ban
This will save you a lot of hassle when they try to signup/buy your product again and cause you the same amount of grief.
I'm surprised they were able to get Stripe to actually state all of this clearly. It's nice that Stripe actually communicates details like this. But you can see the logic behind why many other big companies would just respond with an opaque message like "thank you for your report, it will be handled in the appropriate manner". Because saying the truth gets people more upset.
I think this hits on the spirit behind GP's point. Clarity, leading to an article like the one posted, gets more people upset. The equation (Upset/People x People) results in a larger number -- people, as a whole, are more upset.
>But you can see the logic behind why many other big companies would just respond with an opaque message like "thank you for your report, it will be handled in the appropriate manner". Because saying the truth gets people more upset.
If a company is vague, there's nothing to write about, one person (maybe) gets more upset than they would have facing clarity.
But if the company is clear, there is something to write about, and an article like the one posted makes people, overall, more upset.
(it took a bit of back-n-forth to get a clear answer, but I did get a clear one. Their support is still excellent from my experience and communicate well)
Yeah, maybe Stripe could do more without Radar, but I imagine it could also be fraught if Stripe was in the business of blocking customers from their entire network based on one vendor's complaint. Obviously a lot could go wrong with such an approach.
That was the point I tried to make with my blog post. And yes, if it was too easy for merchants to block consumers, that won't be fair either. But surely there's a middle ground here.
Stripe very explicitly told me that they don't do anything with such reports. It's simply ignored.
Also I just wanna throw some praise at Stripe Support. They have an excellent team and go above and beyond to help.
I don't think Stripe did the right thing here. They can do better to protect their own customers.
if buyers were to perceive stripe as being dificult, they might churn. i certainly do this on paypal pages.
Is this an edge case? It looks like your standard chargeback fraud accompanied by a pile of evidence. What does a common case look like in contrast?
We should expect this to become even more rampant given the ease of clicking a chargeback button and the apparent lack of repercussions.
It doesn't seem like an unreasonable ask frankly.
“You probably don’t want a system where one annoyed merchant can get someone blocked across the whole Stripe payment system. But there’s a pretty big gap between “automatically block this person everywhere” and “thanks for the screenshots, please consider Radar”, and this is where it gets frustrating.”
Stripe Radar was not a good product. It would score large numbers of very suspect transactions at a risk level of 1 or 2 (out of 100). I don't have an ML background, but something about their methodology was just flawed. It behaved as if there was a wire loose in it. Unfortunately, I don't think they're very incentivized to care.
* Turns a blind eye to misdeeds on its platform
* Locks out adult creators/vendors after taking their money
* Is ubiquitous, but not well liked
I love that Stripe changed the game of fintech and made it accessible to more parties in a programmatic way, but I find myself repeating “avoid Stripe” to a lot of folks asking me for advice on dealing with payment nowadays for those reasons.
1) Incumbent is slow, clunky, unpleasant to deal with due to years of accumulated constraints to deal with
2) Newcomer can differentiate themselves by being nimble and pleasant to work with, taking market share
3) Over time newcomer has to deal with increasing amount of scrutiny, fraud, overhead, CYA type practices, etc
4) Newcomer is now incumbent, goto 1)
No affiliation, I've just seen them used–it would be better if you self-hosted a BTCPay server.
Most paypros, most of the time, won’t look too hard unless there’s a problem or you’re tripping some internal security measure (like raking in a lot of cash in weird amounts). Of late they’ve been more intrusive due to some weird eTeen puritans, but that’s quieting down again as they remember they like making money, and throwing legal content off their platforms can very quickly cause an exodus of customers looking to avoid having their funds seized.
Can someone explain to me why Stripe (or a competitor) doesn't offer a setting "refuse transactions for cards that have filed > x chargebacks with <acquirer> merchants this year"?
The thing that gets me is that Stripe boasts about their machine learning radar rules etc etc, but somehow can't feed it actually valuable data.
Stripe support saw the emails from the customer boasting about defrauding me, they completely agreed that this is a clear case of friendly-fraud, but did nothing with this info.
But Stripe is exactly in a position to at least use the evidence I provided (in this case, the evidence included the customer clearly admitting to friendly fraud), and feed it into their fraud-prevention system in some way. This way, lots of signals can help protect merchants from friendly fraudsters. So yes, I see it as a pretty small and legit ask from Stripe.
Certainly I wouldn't want the inevitable news drama about it. "I'm just a poor innocent grandma, I'm a trusting person when it comes to Facebook ads, and Stripe punished me for getting scammed by banning me from half the stores on the Internet!"
Certainly a person showed up in person to a class, but how do you know it was the person whose credit card was used?
Comments like this have ruined this site. We all know that’s never happened once in history.
Contributing to good discussions is the highest leverage way to promote the quality of the site. Spending time in poor discussions is what makes it feel like HN has gone to crap.
Not kidding.
"Friendly fraud" is accidental or with the correct intentions – such as the customer not recognising the charge and charging back.
Even in the post you're wishy washy about what you want. They offer a product that does enhanced fraud detection but you don't like that. You correctly call out that there's major risks with taking a merchant's report and using it to flag a user's future transactions.
There are similar offerings from other companies. I don't know if bundling this with payment processing is common.
I suspect Stripe walks a fine line where they want to help you prevent fraud, but they also want to avoid vendors complaining to them that their customers can’t pay.
Context: I worked on a payments team for a short while.
Notably disputing a credit card charge is completely independent of whether someone owes the debt, the credit card is simply a convenient way for that payment to be handled. What's the point where other collection methods make sense? As an example, if you're consulting for someone and they pay you $x,xxx via card then charge it back, at least in most of the US I believe it's legal for you to do your own collection efforts and contact them repeatedly (this changes if you sell the debt and it's a third party attempting collections).
You can try to collect through persistence, or take them to court, get a judgment, and then a court ordered collection. It all depends on the value of your time.
I’ve heard rumors that some merchant agreements with processors may include arbitration clauses for recovering chargebacks, but I’ve never seen it personally.
I can assure you that I will take note of your feedback and pass it to our team. Your point about post-transaction abuse detection is valid - while Stripe has robust network-level fraud detection, there does appear to be a gap in utilizing merchant-provided evidence of confirmed fraud to protect the broader merchant ecosystem. This type of feedback from merchants who have direct evidence is valuable for improving these systems.The camber, affirmation, word choice, triplet phrase... leaves me wondering. But without a smoking gun its hard to know if a model call was fired.
If their total dismissal of the problem is itself deception, that's not a particularly big improvement!
And if they had even a little skin in the game they would care about such low-hanging fruit. You don't want a guy that's insulated from the consequences to be in charge of the [anti-]fraud dial.
My only nit with Stipe is they don't allow me to delete card details for an ongoing subscription I don't plan to renew and already set it not to renew on the service billing page.
They have no way to know if your evidence is real, any more than the bank has a way to know if their customer's evidence is real. Either one (or both) of you could be full of shit.
In that world, what would you like Stripe to do better?
But they have my record as a merchant (successful charges, chargebacks, disputes etc), they have the payer record as a consumer (payments, chargebacks etc), when a merchant submits a dispute, they provide evidence. I provided evidence from DHL that the product was delivered.
No single piece of data is enough on its own, but Stripe is in a perfect position to use all those pieces to be able to better detect fraud.
Yet they explicitly do not use this data at all.
I'm not going to name those countries outright but you should never ever be launching globally until you have these safeguards in place.
Once you are known to be vulnerable to a certain scheme, it quickly becomes known in that region/country.
Again and again I'm reminded why high trust societies remain high trust and why low trust societies rarely transform into high trust society.
Be careful when taking verbatim advice from internet strangers.
So nobody really knows about it.
When i started selling digital download content. Some people will buy, download and instantly charge back.
In Western Europe, a chargeback is not that unheard of, but it still requires you to make your case and follow a procedure and review. It's not that lengthy or difficult, but you cant just buy something online and then do a chargeback, unless you can clearly show that the download is not working and tried the helpdesk or you were mislead or something
I suspect most decisions are now made based on ambient factors such as “does this customer file above average chargebacks; if not, believe whatever they entered in our multiple choice questionnaire” or “if we have any undisputed payment on the same card by the same account, push back, otherwise eat the loss”. Part of this is even getting codified by newer network dispute evidence rules as well.
Since nobody ever seems to hold cardholders accountable for misrepresentation, and since it’s psychologically much easier to lie on a whimsical multiple choice form you fill on your bank app when bored on the bathroom than to sign a printed document containing a short summary of the legal consequences of willful deception, the situation is what it is.
Sometimes, whether a society is actually “high trust” depends on the transaction amount, and whether that amount warrants legal expenses on either side.
And let me tell you, nowhere in my circle that I know of have ever raised one single chargeback in these 15 years. Not one.
This seems more of a developed-countries thing to me.
The strongest signal is whether they use an eBank/app that has a one-click button to report transactions as fraudulent. The Apple card(?) seems especially prevalent.
I think that caused her to over-scrutinize things.
But (years) later I saw her using apple pay. She had charges she didn't recognize and would immediately flag them. Thing is, I couldn't help but think they might have been real charges with weirdly named companies on the transaction.
Not universally supported unfortunately, but the major stores support it.
Many banks only show payments (so only after cleared) and not reserved funds. They will just show that you don't have the full credit available
This was introduced to not unnecessarily block debit card funds for days but it works like that for credit cards as well now.
That's completely the companies fault. If you give a transaction a reference that the customer will not recognise, that's on you!
Whether your bank knows how to use them well to represent your interests is a different matter. For example, I’ve seen banks decline chargebacks against bankrupt merchants in certain countries because they were poorly advised about the legal ramifications, and other banks in the same country win the exact same kind of dispute. Lacking sufficient reading comprehension to parse the dispute rules (it’s a long PDF!) also seems common.
The cardholder’s contractual relationship is always with the card issuer, which is usually a bank or some other financial institution. This is no different in the US. If something on your bill seems off, you contact the one that issued it, i.e. your bank.
in the case of these "friendly fraud" schemes, they are much more likely to come from more developed regions with strong consumer protection laws like the NA.
if anything in many of those "high risk" regions, chargeback are much less common because fewer consumer protection law e.g. banks would automatically reject chargebacks for transactions with 3DS OTP.
One chargeback a quarter is a lot, depending.
The US and I imagine Canada are known for the ease of chargebacks.
My experience in Europe is that it's a very tough process to even initiate (as a consumer)
But this QJE article[1] argues there's a ceiling to how far things scale. Concluding that the cost to keep a decentralized network secure scales with its total economic value. So while there is immediate value to it's user, it might not scale well, and can't replace a country's financial system anyway because securing it at a sovereign scale would just be more expensive.
[0]: https://www.mdpi.com/1911-8074/17/10/467 [1]: https://academic.oup.com/qje/article/140/1/1/7824430
I was more nuanced and specific, but I don't want to do it all again.
1. The fees are not awful idk what you mean, I pay between 0.1% and 1% fees on Monero transactions.
2. If the modelling can't manage their risk characteristics, they are by definition a victim of the financial system. I was more talking about people who have been debanked, though.
I have a Russian friend who can't pay for things online in fiat because of sanctions and the risk to his life from being on the free internet. So, he uses Monero and Tor and takes his OPSEC seriously. He is a victim of trad-fi, and Monero allows him to take his freedom back.
Idk where you are getting this, but "risk to his life from being on the free internet" is total BS.
I can send you some if you want to try it out, just drop an address(for a wallet I recommend cakewallet, but any popular open source wallet works).
I'm talking about Monero specifically, but your reply makes no sense because there are cryptos that have 0 transaction fee and instant confirmaiton. But they are less secure and private so I don't use them, I only use Monero.
I too have plenty of purchasing experience with crypto and I wouldn’t advocate for it for any legal transaction.
It's easy to get in the USA on Kraken from fiat for a very low fee or 0 with their pro plan.
> Monero is also far from instant in my experience.
It's up to the merchant to decide how many transactions before finishing their end of the deal. For small purchases it's low risk to do 0 confirmations and you can scale with price.
I've seen hundred dollar sales given out as soon as the transaction hits the mempool, before the first confirmation as well as 5 dollar sales that require waiting the whole 10 confirmations.
Also of all the cryptocurrencies Bitcoin is a pretty poor choice since it could be pretty well argued that it has lost the original purpose and devolved into a raw "line go up" financial instrument.
Buy food with Monero on an ebay type platform called xmrbazaar.
(https://xmrbazaar.com/search-category/food/)
Donate to non-profits in Monero
GrapheneOS says it's the only crypto that they regularly get recurring small donations in.
You can’t ignore the stereotypes, but you can let people figure it out themselves. You don’t have to say it when it’s already obvious.
Why?
X isn’t bad. You should include Y. You only added/omitted Z because of $stereotype/$racistView/$otherAllegation.
Probably just not worth the hassle.
how can it be that all countries and cultures are alike with no room for diversity in ethics and overton window ?
Outside of South Korea, from enormous help from Pax Americana, has it ever happened?
If it happens to be a slow day, or the person is already on their shit list (eg. on probation) maybe something will come of it. Having the gloating emails definitely helps. Or maybe the report just goes into a file until this person does this for a more expensive item and then it gets pulled to prove a pattern of behavior.
Do better Stripe. Be better Stripe. Or eventually we will find someone better. Think. Don't enshittify. Your support has already become covered in it by doing the needful.
Of course not, unless it becomes mainstream, crypto usage will always be by early adopters and technologists. I don't care if you accept cards as well, I just want to be able to pay privately with Monero.
You're right that for chargebacks specifically the only way to eliminate them would be 100% crypto, not the option of card and crypto together, which is significantly more likely. But there are other benefits for customers(privacy), which is why I use it.
How is it natural if DHL had proof of delivery.
They have a comprehensive customer ID system and let you adjust desired risk levels for various forms of fraud.
Epic username btw lol