No warnings, no chance to appeal, no heads up and absolutly no possiblity to call them. Lost around half a million euros before we could get our customers exported to another payment processor. Thanks Stripe!

It's a great service when it works, not so great at customer service.

> We can terminate this agreement for any reason on two months’ notice and immediately in certain circumstances

Source: https://stripe.com/gb/terms

It concerns me, as this still gives them full power to terminate the agreement immediately anytime they want. They never define what "certain circumstances" are, rather, they just provide one example.

EDIT: I would just like to say that I was mistaken. See the reply to my comment. That said, the US terms differ in an important way.

- we determine in our sole discretion that you are ineligible for the Service because of the risk associated with your use of Stripe, including without limitation significant credit or fraud risk, or for any other reason;

- you do not comply with any of the provisions of this Agreement, or

- upon request of a Card Network or a card issuer.

On the US terms, I see the following sentence:

"We may terminate this Agreement and close your Stripe Account at any time for any reason effective upon providing you notice in accordance with Section A.15 above". It goes on to copy what the UK agreement had, but that one didn't include this sentence.

With paymill looking like a stripe clone, it may be a good solution to split the revenues stream.

If you really were getting 2% of your payments reversed despite a 100% refund guarantee, there's really something wrong with that business that needed fixing. Perhaps uninentional, but people were being misled in some way, or claiming that refund was too difficult, or contacting you and getting a prompt response too hard. I run several SaaS businesses, with $MM total revenue, and had 3 chargebacks total last year adding up to less than $500.

Now, what did bother me enough to comment at all?: 1. We always send in detailed papperwork for each chargeback. Never heard back for any of these during our time as a customer. Not once! 2. We never got any indication that we were getting close to some limit resulting in being cut off, just the email saying byebye in 10days (or whatever it was, maybe 7?) just as everyone in the office went on a 4 day holiday (bad luck I guess). 10 days is not even close to enough to set up with a new processor for SaaS-products if you need an import of old customers and have any to speak of amount of charges going on. It triggers a lot of extra papper work. 3. Payment processors claim SaaS is high risk as there is no product for proof of delivery. Stripe has all our money for months and a full refund policy makes it low risk in my eyes. We pay extra for this hassle anyway. If they say it's a risk, ok, Stripe knows better I hope. We had very long going ID identification so fraud was never the issue, just people trying to get money back and ashamed of asking it from us directly. 4. Stripe dealing with 1mil+ euro yearly of our money and refusing to speak on the phone even regarding major issues. Emails with "tough" questions always disappeared into thin air. It feels weird to not being able to contact someone that have your balls this way.

PS: Our "high" 1-2% chargeback spiked sometimes as customers that had made 10+ transactions during a year could start a chargeback for all transactions. Never spiked above 2%. Also, the product attracted many lazy and not-so-tech-savy-people, very far from the typical tarsnap user (which I'm a long term user of). Not defending our chargeback-rate, just that we know why as we phone up each user after a chargeback to get an understanding.

Long comment, hopefully it clears out my thoughts for those interested.

Visa/MC work with an ever-changing mix of tens of millions of merchants that they never have direct contact with. There's a long chain of banks, ISOs, MSPs and other resellers between the card networks and the businesses that accept cards, yet they still need to provide some kind of oversight to avoid working with businesses or business models that would damage the integrity and trustworthiness of their brand with consumers.

The only way they can do that is to have policies that create incentives for the behavior they want to promote, and that prevent the behavior they want to discourage. The mandate to have a reversal ratio under 1% is one of those policies. Because it's enforced at the top, it trickles down the pyramid to every single business accepting credit cards even though they never directly interact with Visa/MC. Anyone with any kind of business that leaves customers dissatisfied, whether it's due to fraud, abuse, incompetence or ignorance, will end up being excluded from the network until they can rectify their issues despite Visa/MC never knowing they existed.

I think everyone can agree that maybe with a 20% chargeback rate, there is something wrong with the business but 1-2% seems possible for a legitimate business.

As a credit card user, I don't think it is their job to dictate which businesses are worthy of operating or not.

As long as I get my money back when I do a chargeback, then they did their job.

Somehow, all the businesses that currently exist and accept credit cards are doing so without more than 1-2% chargeback rates. That's a pretty good indicator that this isn't a problematic level to set the bar at. It's really much higher than you seem to think. 1 in 50 people walking into a store shouldn't have some payment problem so serious they have to go to their bank instead of the store to resolve it. Neither should online sellers be generating chargebacks every single day; 50 sales a day is a very small business. If 2% were an acceptable level, Wal-Mart would be allowed to generate 300,000 chargebacks every day, millions per year. 300,000 people who have a problem with charges on their credit card per day at a single retailer would clearly not be good for Visa or MasterCard's brands.

> As a credit card user, I don't think it is their job to dictate which businesses are worthy of operating or not.

As a credit card user, don't you prefer that you don't have to call your bank and dispute a transaction on a regular basis? It's this bar that ensures bad actors aren't there to take your card in the first place, that the stores you shop at don't engage in shady practices resulting in charging you more than you expected to pay, that they have reasonable return/refund policies, and that they have good and prompt support so they can resolve issues with you directly without you going through a third-party mediator.

Ensuring low chareback rates ensures high customer satisfaction rates across millions of businesses. If a business wants to operate despite large numbers of dissatisfied customers, they're free to do so. They can take cash, or checks, or debit your bank account. They just won't be allowed to take Visa or MasterCard cards. That's not a right.

Citation needed.

https://www.quora.com/Online-Payment-Gateways-and-Processing...

"Amount over $2400-$2500 mark suddenly experiences a surge and it is almost 3.0% to 3.5%"

I have personally had times where my chargeback rate has been above 2%.

Being able to accept credit cards is more of a right rather than a privilege given how much of a monopoly they have and it is virtually impossible to accept payments online through any other means.

I take it you are in favor of credit card companies being able to block payments to arbitrary entities such as wikileaks?

Did you read the rest of that comment?

"I can cite figures for Remittance industry only."

From Wikipedia:

"A remittance is a transfer of money by a foreign worker to an individual in his or her home country."

https://en.wikipedia.org/wiki/Remittance

Frankly, I'm kinda surprised that they're able to operate in that industry with credit cards at all, given how attractive it'll be to credit card fraudsters.

We do ecom subscription and ours is 0.01% in comparison.

If you blame the customer, you should better qualify your customers. There are services that can tell you if the customer has committed friendly fraud(fraudulent chargebacks). Burden is on the merchant to prevent chargebacks.

Accounts with 1-2% chargeback rate are incredibly costly. Stripe is potentially having to pay 1-2% of that account's entire processing volume in losses.

Chargebacks don't magically get paid. Somebody is left holding the bill.

But adding a $25 "administrative fee" or a $10,000 fine seems like a frivolous act, given how little effort is spent investigating chargebacks.

It could help identify some hidden problem and as a bonus make them cancel that chargeback.

This is why people will eventually end up hating Stripe just as much as PayPal. There is a huge disconnect between consumer expectations and the realities that a 3rd-party aggregator like Stripe faces.

OP (disappointeddev), if you could drop me an email, that'd be great: patrick@stripe.com.

The service your provide is excellent, I adore the way Stripe does things in general, but your tech support absolutely positively blows.

We've been using Stripe for year and a half now and we had to contact support several times (6-7 ?). Every single time I would hear NOTHING back for few days, then I will log onto your IRC channel and start, basically, bitching. Lo and behold, not a minute later I get a private IRC message asking for an account ID and then I get a reply from the support in another 5 minutes. Invariably, it will start with a cry story how the support is unusually overloaded now.

This is absolutely unacceptable. In one case we had issues with two-factor authentication not working, and you'd think it warrants a more-or-less timely response, but, no, it still required the IRC trick to wrestle a reply from your support.

Please fix this.

That's because the times you call, by the laws of probability, are exactly the times when it is most likely to be busy. The same principle leads patients to estimate the business of a doctor's waiting room higher than the doctor or staff would.

There's a name for this type of phenomenon in the abstract, but it eludes me.

Good examples are John Legere (TMobile CEO). How often do you see the CEO of Verizon or ATT actually showing a human response to customers in public?

Obviously a CEO a who values support is important, as obviously support is important.

Terrible CX is endemic in business. I don't understand why Stripe can't set the bar higher. They clearly have money to throw at this problem.

I'm sure being a CEO is a busy job, so I understand. And I'm sure he'll respond to OP. But keep in mind just because he posts his email publicly doesn't mean he's actually any more reachable for it.

[1]: https://news.ycombinator.com/item?id=9646672

(Two of us from Stripe, myself included, have already been in contact with disappointeddev.)

I think and hope it was the latter, but the frequency with which this seems to be happening starts to suggest it may also be a little bit of the former. E.g., just in this very comment thread there's a handful of people claiming you never responded to emails even after explicitly asking them to email you.

Something is not going well with the CX (Customer Experience) if we're seeing this many complaints in the comments section.

Well to be fair, they pretty much have to go to a private medium to talk to their customers, especially in a financial setting.

Why would you understand?

It is a simple feat to respond. At the very least, he could have forwarded your email to someone, CC'd you on it, and said "Hey X, please look into this case for me."

No response to an email is above all disrespectful, regardless of how busy he might be. It also implies that he is giving away his email address as a PR move.

These pieces of information that keep dropping on HN is going to make me move my business away from Stripe too.

Stripe, why would you screw yourself so badly when you could easily have been the only viable option by simply not behaving like PayPal?..

That being said Patrick, you can't do this forever, the service & support ought to be well without the need of a call for attention.

I think this is the 3rd or fourth one in the past 2 weeks. Is something going on at Stripe? Why are these all happening now?

Part of it is, I think, because we're growing quickly -- even for the same problematic case percentage, there are going to be more in absolute number. (And, as Stripe becomes more prominent, the cases that happen will themselves get more attention.)

In addition, the cases that get public attention generally aren't clear-cut. For example, the other discussion on HN a few weeks ago was about a marijuana-related business that most likely violated our ToS.

We care a great deal about providing great support at scale. Each of these cases triggers a lot of internal discussion about how we might have been able to do things better.

Unfortunately with the previous (and now this) it seemed like you guys had become paypal and thus dangerous to do business with.

It's weird to find out this way, as I was procrastinating on HN instead of researching.

[0] http://bananatag.com

Fraud-related cases are particularly hard, by the way. Thousands of people try to defraud us every day. (I guess it's a consequence of being highly-visible and easy to set up.) And so the support for those cases has to be handled a little differently.

Maybe that's the problem. Might be better to provide stellar support on one or two channels.

Please note that I have nothing against Stripe, dealing with money looks very challenging, and these issues are probably not easy to solve/support for each and every user.

Engineering support is great and responsive through IRC but, stripe engineering staff there just shrug if you ask a business question.

I'm guessing a service like Stripe has plenty of customers in B2C markets, where selling something for $10 is hardly unusual. At that price, they are only making a few cents on the transaction in revenues (not profits).

Obviously on a $100 transaction the figures work out much better for them.

I think Stripe also still charge the same rate for all card types, but behind the scenes they are probably paying significantly higher rates to some card networks than others.

  Why do we pay that much again?

I always hear, but never believed, that businesses supposedly appreciate stable fees. After having several businesses I know I much prefer lower fees.

Yes, collapsing the confusing levels of this process is certainly worth something.

If I'm wrong, I want the name of your merchant processor!

Visa interchange fees: http://usa.visa.com/download/merchants/Visa-USA-Interchange-...

A screenshot of a transaction report at my processor: http://i.imgur.com/fSycwUS.png

Feel free to e-mail me if you'd like any other clarification or information. It's in my profile.

I suppose it's (only partially) balanced by the higher AMEX, etc fees.

Honestly, right or wrong - I've seen very few 'startups' really grok effective customer service (I realize I'm over generalizing). Yes, a good Knowledge Base/FAQ and ticketing/email system is important - but you need a phone number, you need a call center probably too (even if its only 2-5 people answering the phone) - you need more than email and ticketing - most technology is complex enough that you need a person to talk to over the phone to hold your customers hands - IMO - this is even doubled for anything that need to integrate with your systems or has a device on your premises, but is also applicable to a complex web service - I strongly believe it drives long term customer retention and eases on boarding.

I'll point out as to why I believe this - outside of the technology hubs, the folks with money are not the 'internet native' generation, they're older and less comfortable with technology then we are.

Commercially, of course a big customer is more valuable in isolation than a little customer, and while it's unfortunate if you're the little guy, it's understandable that a business might prioritise supporting its larger customers first.

But even if a little customer is only running a microbusiness on the side -- and as we learned during the EU VAT discussions a few months ago, there are very many such businesses on-line -- it's still going to be a big problem for them if a payment service kicks them off for a 1% chargeback rate. That literally means a single chargeback within several years in the example given, and given the randomness of the chargeback process at the best of times, that could easily result from an accident and not be corrected because the customer's bank doesn't handle it well.

Similarly, the little business might only be doing a few thousand a year in revenues, but if a service is failing to collect 10-20% of their transactions every month for unspecified reasons (and, for subscription business models, probably terminating the entire subscription in practice as a result) then that's still a huge level of attrition as a proportion of their modest income.

I suspect the danger for Stripe lies not in losing the odd small customer, or even necessarily in the cumulative damage if they lose a few small customers the same way before fixing a problem, but in the damage to their reputation that any individual case may cause even if the customer does not go posting about it on HN, Twitter, #stripe, etc.

For example, today I only have one business that is taking money on-line via this kind of payment service, and it's a relatively small one. Losing us as a customer wouldn't exactly show up as a footnote in the payment service's next financial statement.

On the other hand, I have another business that develops systems for clients who may need payment processing in some cases, and often a client will follow your lead if you recommend a service for something and they don't know any better or have other preferences. Similarly, I know a lot of other local business people through work and socially, and through a chance discussion over a drink I once helped a business several orders of magnitude larger to find and ultimately switch to a different payment service.

I'm always happy to recognise good service and positive experiences. Usually everybody involved wins from such discussions, and I imagine that word-of-mouth advocacy is quite a big factor in the early growth of many on-line services. The downside is that presumably someone in a similar position who hadn't enjoyed the same positive outcomes that I have seen would not have made those same recommendations, and that would have cost one payment service a very noticeable amount of revenue in cases like the one I mentioned above.

So I guess it's inherently a tricky thing to balance support and management overheads between larger and smaller customers if you're in the kind of business where your main target audience is knowledgeable and probably technical people. Big customers generate revenues right now, but small customers might not only become big customers themselves but also refer other potential customers, and you probably have a lot more small customers who can make or break your reputation than large ones who don't really care about your reputation anyway.

Notwithstanding Stripe's SaaS-y "all pricing and deals are public" branding, they definitely have a BD team who can set you up with more direct contacts for certain types of questions, different rates than are publicly posted, and APIs that aren't public (to name a few things).

When you send an email to support@stripe.com (or any of the public email addresses they put on blog posts), it goes to Uservoice. Then it gets triaged, depending on the severity of the ticket, if it falls into account or developer related support it gets assigned into a queue (at times it gets put in the wrong queue and then has to get reassigned). But long story short there is a system.

Phone support is also being worked on were told.

That said I do love Stripe but I do agree that support needs to be fixed, though I may have a bias as I see a much higher percentage of upset users than most.

Last year I was testing Stripe integration. I tried using my own credit card with a fake name. Surprise, it went through. I emailed Stripe support. After half a dozen emails discussing CC authorization I learned that Stripe does not and can not validate Name & Address on credit card.

Stripe told me that Credit Card companies do not disclose this data to Payment Processors like Stripe. Thus, Stripe simply passes on the name & address to the CC API.

Interestingly enough, Name & Address are NOT validated by major credit card companies. You can use junk names on your name & billing address and that will NOT stop your credit card transaction from going through.

Try for yourself next time you order something online. Makes me wonder why they even collect the data in the first place...

Stripe supports AVS the same as other processors. Whether you choose to reject cards that don't pass AVS is up to you: it's a setting. So is which of the codes you want to reject. That's the case at every payment processor I've used. Different businesses, collecting cards in different scenarios, are going to have different risk profiles and different needs. If you're running a store selling computers to strangers over the internet, you probably want full AVS in addition to other fraud checks. If you're taking an invoice payment from another business you've worked with for years, you might not want to bother collecting and verifying an address.

With that said, about 3 months ago I was having problems reloading my Starbucks card with my credit card. The charges would go through on my credit card, the balance wasn't updating on my Starbucks card, and Starbucks system got stuck in a loop somewhere and kept taking money out off my card until I called my bank to get them to stop approving the charges altogether. Long story short, I called Starbucks and after about an hour the poor girl on the phone told me they had implemented increased fraud protections that compared the name on your Starbucks card to the name on your credit card. Because my credit card used my full name and my Starbucks card didn't the balance wasn't getting transferred over and was getting stuck in a loop somewhere. Not sure how they were doing the name verification or if they were just doing a simple compare in house, but needless to say was a little frustrating.

You can get pretty far with with fuzzy matching or just a simple levenshtein distance between name on record and name sent with order.

This isn't a Stripe-specific case. Moneris, a card processor in Canada, has a bunch of fields that a merchant can check on/off if they want them to validate the details during payment.

But you're right - if the validation isn't happening, why bother collecting the data? At the very least it might hurt conversion rates.

A merchant can play a balancing act between having limited validations but a higher processing success rate against the chance of a higher dispute rate.

1) They have AVS checks, which can check the street number and zip code. But its up to us to decide what to do with this information (e.g. void the transaction).

2) They do not check anything else (country, name, state, phone, email, etc).

3) Some cards will fail if you put in the wrong expiration date, some won't - I would guess this is up to the card being charged. I get no information back when its incorrect but they let the charge go through.

4) Some cards will fail if you put in the wrong cvv code. Some will succeed but will just let you know through another field that the cvv code doesn't match - its up to us to decide what to do (e.g. void the transaction).

You're right, you don't need the billing address to process a payment, although it's not true to say it's not used at all. Sometimes card companies do validate it, it depends on the type of transaction and the fraud profile. Often it's fuzzily matched, so name may not matter.

But you can also use it for other things: for example, fraud detection. Say your billing address is in New York, but your shipping address is to some Eastern European country. That's a big flag for fraud. So merchants collect it because they want to avoid damage to their bottom line.

This sounds like a great way to get your account shut down.

They provide test/mock APIs for a reason.

Creating a system that processes payments can be an involved process, requiring significant development effort, even when using API and libraries like Stripe provides. It seems like Stripe should only be shutting people down as a last resort, after repeated warnings with a clear way on how to fix the problem. This is also just good business practice. No one wants to be shut down without a good reason and without any recourses for appeal or reconciliation.

It may be odd for a company of their size to skip validating name & address, but I don't think this is unusual. I've implemented several medium-to-large payment processing systems and the processors didn't care about name & address -- they just wanted the numbers on the card.

Can you tell us how long it has been since you sent the email?

There must be some level of fraud prevention in any financial platform. You didn't give many details as to the type of charges you made or evidence past "no one charged back" as to how you made them. This is a public platform and I understand less than full disclosure but your narrative that:

1. You signed up

2. You charged people legitimately

3. You were cut off without notice

4. No one responded to multiple attempts over more than 1 business day

5. You were forced to take this action

Seems unlikely to be the full and absolute time line of events.

If it is, ok, post to HN and troll them. If not, is this really the medium? Doesn't stripe get a say on which transactions will and won't process on their own network?

If your expectation is "everything charges all the time period" then use bitcoin. These are credit cards. There are rules. :-)

Ironically, we've seen this before with the many complaints about PayPal.

While I'm open to the idea we're getting the full story here, I think your view may turn out to the right one.

Credit card processors do this all the time.

>Doesn't stripe get a some say on which transactions will and won't their own network?

You will just find downvoting brigades of people on HN when it comes to any YC backed company. Which is probably why this will be my last post on HN. You can't get anything truthful on here if YC has backed them.

It is pretty great that the CEO comes on HN and handles support. That is a skip-level meeting. Usually support requests are handled at the bottom of the heirarchy pyramid, not the top. Yes people openly support and defend YC companies, this community is only possible because of YC, and is comprised of many employees, founders and peers of these companies.

If you don't like being disagreed with though, you can pick up your ball and go home. I suspect that you will get a lot more value from this community than the one time you couldn't get a CEO to directly address your problems.

I will send you an email shortly.

His account was obviously activated for the purpose of submitting this post and he has provided NO follow up comments at this time. His post has been up for an hour.

I'm not saying anything about the validity of his claim, but we obviously need more information. Please check back and wait for him to respond to the many great questions already on here.

Also, I made a new account for my privacy.

I just see people running off in a million directions in the comments on HN and it's nice to wait and let things play out a little before we jump on any bandwagons, this is an event that requires a follow up to be a complete story. So please also follow up with your experience with Stripe after coming to this forum (through link to your blog or in the comments or an edit). I'm sure we'd all like to get the complete story.

Dude will be losing money while you get your popcorn ;)

Stolen cards, for instance, which may be more likely to happen in some industries than others.

While I understand the need for ambiguity with respect to your business operations, this post is too vague to give any understanding as to why Stripe blocked your account.

Charities also have huge problems with CC fraud, as they're seen as an easy target to test card details against before making the "full" purchase elsewhere:

http://www.bankinfosecurity.com/stolen-cards-tested-on-chari...

Actually, you do. In many cases, fraud follows a pattern. If you're a merchant, and you're getting a lot of fraudulent charges, you'll often get into a discussion with your upstream processor's fraud department about the details and how to mitigate it. I don't work in payments anymore, but as an example of how this works, I was talking a few weeks ago with a merchant who does tens of millions gross every year, but also faces five digits of fraudulent transactions. They sell car parts, so it's quite easy to buy one or two things for a lot of money. While working with their processor, they discovered that a significant amount of fraud was coming from two cities. And not just two cities, but two neighborhoods. And not just two neighborhoods, but two streets.

They simply reject any transaction from that street before even sending things to the processor, and now they're saving tens of thousands of dollars a year.

Preventing fraud is the most difficult part of payment processing; are they outsourcing it to the merchants?

You know your customers and business better than anyone, even your own upstream.

They get upset about it anyway, because Visa/MC mandates it. A reversal ratio above ~1% threatens Stripe's ability to act as a processor. A bit of Googling will turn up plenty of people with terminated accounts for excessive chargebacks, just the same as any credit card processor.

https://stripe.com/docs/api#capture_charge

We eventually gave up, as no one from Stripe answered with other than pre-written answers. I even tried pinging them on IRC, but they couldn't help with these matters.

They had no disputes, and Stripe provided no reason for the cancellation.

After over a week of waiting for a reply (PayPal's initial responses are rarely helpful, but at least they tend to respond..), they told me I shouldn't use Stripe because I would almost undoubtably be considered high risk. Why not just say it isn't allowed?

>Video game or virtual world credits: Sale of in-game currency unless the merchant is the operator of the virtual world

I am.

>Virtual currency or stored value: Virtual currency that can be monetized, resold, or converted to physical or digital products and services or otherwise exit the virtual world (e.g., Bitcoin); sale of stored value or credits maintained, accepted and issued by anyone other than the seller

It can't and isn't.

Their TOS actually makes no mention of virtual currency whatsoever.

I've been doing this for four years and we've never had a single dispute, but that's really neither here nor there.

https://en.wikipedia.org/wiki/Halo_effect

Unfortunately, a lot of businesses want to accept credit cards online with little to no effort in managing the risk. 1-2% doesn't sound like enough wiggle room, but if a company isn't using misleading marketing, is not defrauding users, has a product actually worth what they are charging, and offers instant support for refunds - then staying under 2% is not difficult. Too many businesses want the risk to be handled by external forces. If you want to accept money online, make sure your business is prepared to manage the risks. You can't just drop in the payment processing and wait for the money to roll in.

I have a feeling that PayPal may be able to rebuild the trust it lost in hacker minds.

http://www.rbcroyalbank.com/RBC:z7TrmawYUA4BRAAwmCMAAAD8/bus...

http://www.tdcanadatrust.com/products-services/small-busines...

http://www.scotiabank.com/ca/en/0,,557,00.html

https://www.bmoharris.com/us/small-business/services/merchan...

https://www.cibc.com/ca/small-business/merchant-services.htm...

When a company is huge, even one out of 100,000 transactions going badly adds up to a lot of anecdotes.

In case of Stripe i sent last week a question in reply to an email from them from last year, there is no ticketing system it seems I got replies from 2 different people today after a week (not the same person one who originally was friendly and talked to me and might not be working there). Both answers were somewhat positive but a bit contradictory.

I do not believe that Stripe are fundamentally "evil" like PayPal, well not yet anyways we will see how turns out with more growth and more staff who might not care about customers.

Every time I have had a question about functionality, needed someone to take a look at test cases in my account, etc.., someone from Stripe has ALWAYS been available in IRC and quick to respond.

That said, if they really are canceling accounts on short notice, that's pretty shitty. No reasonable sized application can realistically swap to a completely new payment provider in a week. There should be a bare minimum of a month or two of notice if your account is getting terminated.

It is kind of sad that the support isn't more expedited for things like this.

Seems like more and more people are turning to HN in order to get visibility and get their Stripe problems resolved. That is quite unfortunate...

I upvoted for visibility, as I know how frustrating it is to deal with payment processors, especially when your living / business depends on it.

https://news.ycombinator.com/item?id=9619282

Fraud is a sensitivity/specificity problem. For sensitivity, Stripe wants to detect as many actual fraud cases as possible, because undetected fraud is expensive. For specificity, they want as few false positives as possible, because false positives mean angry customers who feel mistreated.

Generally, there's a sensitivity/specificity tradeoff, and priorities need to be set (which is worse - letting criminals get away, or frustrating honest customers?). But at such a scale, and with so many creative minds working on new mechanisms for fraud, it's impossible to achieve perfect numbers on either side.

- Strongly regulated banks/strong consumer protection in financial services.

- Good merchant customer service.

- Cheap credit card processing.

Security and Convenience are a classic tradeoff. I suppose you could argue that a good implementation of either isn't cheap.

Do you sell cheap virtual goods? They're sometimes used to test stolen cards I heard.

This process has helped to avoid all kinds of scammers using my website to try to validate stolen credit card details.

Using a disposable HN account does not help either.

I flagged this story, and hope other people will too.

I think that this type of post is fine for HN. It's a YCombinator backed company, with the founders and most of the team commonly browsing the site and people here are usually able to point you in the right direction.

That's understandable.. but this isn't a support forum, and people would stop visiting if it became one.

It's almost like you're arguing against accountability and transparency. Should posts about HN companies not show up on HN, and instead be written about on a different website? Maybe BusinessInsider or Bloomberg? It's true that many will upvote it merely because an HN company was mentioned, but like the other response says, there are many "me too"s in this thread.

It could be no fault of your own but maybe your customers are using stolen credit cards.

I used to work on fraud operations at a payment processor and there was always more to the story. There were four categories that account's broadly fell into:

* The quiet fraudster. These would either have a scam business model with real victims attempting to pay, or would not have a business and were using stolen payment details to pay themselves. The quiet fraudster would not argue when you closed their account - they would just sign up again and try a different approach to get round your system.

* The loud fraudster (the vast majority of fraudsters). These come in all shapes and sizes. They were often the most obvious frauds (100 payments from the same IP at our max payment amount, within 10 minutes of each other). Unfortunately they sometimes came in the form of someone deluded - for example the man that sold 'magic beans' that cured AIDS. These are the loud fraudsters because they will either shout down the phone at your support team (shouting never helps when calling support - by the way), or try and drum up negative PR to create pressure.

* The accidental fraudster. These people have good intentions, but are none-the-less breaking the rules. For example, migrating all of your customers over to a new payment supplier by filling out a new payment form on their behalf (note - I worked for a payment processor that was not based on cards - this method may be allowed for CC though I doubt it). The accidental fraudster might also have fraudulent customers paying them yet be a legit business - for example online sellers of jewellery will have a lot of people pay with stolen details hoping that the business will ship the goods before the payment is flagged. Sometimes you can work with the business to fix the issue, many times you have to let them go (remember, they will have all the signs of an obvious fraudster - so you have to be sure that their story is true).

* The innocent. As you can imagine, sometimes there are people that have all the signs of a fraudster yet are perfectly legitimate. There can be many reasons for this.

===

Without a lot more information, I cannot begin to speculate what category the author falls into - hopefully one of the latter two.

That said, as much as I love what Stripe in general, it is completely unacceptable for them not to have an escalated support/appeals process for fraud complaints. If they have made a mistake (which happens even with the best fraud systems), then they could be destroying a business that might have customers/employees/suppliers that are also relying on them to receive their payments on time.

http://www.jwz.org/blog/2015/06/internet-commerce-how-does-i...