logoalt Hacker News

abxyzlast Wednesday at 8:34 AM0 repliesview on HN

Assume that the transactions are coming from humans, it is often cheaper to instruct humans than it is to automate when there’s an expectation that you will try to mitigate the malicious behavior.

Be willing to temporarily suspend your services in order to prevent the malicious behavior. Do the manual work to allow genuine customers to keep using your service, e.g: require manual account approval. You need to treat every one of these chargeback transactions as a risk to your businesses ability to operate, each that you allow to happen increases the risk of permanent damage to your business.

Reach out to your account manager at PayPal, this is not something that should be going via frontline support. You need to be talking to a person who knows and is responsible for your account. If you don’t have one, get one. If you can’t get one, look for anti payment fraud businesses that work with PayPal, they may be able to get a direct line to PayPal on your behalf.

For the future, if you’re dependent upon a service provider you should always have someone you can reach out to directly. If a provider isn’t willing to offer that, find a different provider. Financial services especially are very risk averse and will jettison your account if they get even a whiff of something untoward, whether you tried to prevent it or not. The cost of recovering from that will dwarf the cost of any drastic mitigation you take now. Losing your PayPal account is worse than turning off purchases for a few days.