Stripe is friendly to "friendly fraud"

Isn't this a property (and longstanding value judgement) of the entire payment card ecosystem?

My suggestion is to just ban specific regions or countries and you can cut 80% of this fraud.

I'm not going to name those countries outright but you should never ever be launching globally until you have these safeguards in place.

Once you are known to be vulnerable to a certain scheme, it quickly becomes known in that region/country.

Again and again I'm reminded why high trust societies remain high trust and why low trust societies rarely transform into high trust society.

I run a saas and we get this every now and then.

As a rule of thumb, when you get a chargeback you need to completely ban the customer from your db. This includes:

- card ban - email address ban - fingerprint their access and ban

This will save you a lot of hassle when they try to signup/buy your product again and cause you the same amount of grief.

Stripe obviously records data around friendly fraud, (At minimum they implement Visa Compelling Evidence 3.0 https://support.stripe.com/questions/how-does-stripe-support... ) and since you did not include screenshots of the messages sent by Stripe support I suspect they were saying something carefully noncommittal and legally compliant to get you to go away, which then got spun into an outraged blog post.

> They told me they don’t use evidence of chargeback abuse from one merchant to create cross-merchant fraud signals, or to take action against the customer’s card, email, or other details for other merchants.

I'm quite surprised they were able to get Stripe to actually state all of this clearly. Its nice that Stripe actually communicates details like this. But you can see the logic behind why many other big companies would just respond with an opaque message like "thank you for your report, it will be handled in the appropriate manner". Because saying the truth gets people more upset.

I had a customer do something similar with a thousand-dollar product. They had signed for delivery and provided no evidence, but banks always side with the customer.

I got hit with a fraudulent chargeback (claim was the purchase was unauthorized and the person showed up in person to a class) and it was doubly bad because they paid via Link which means that Stripe actively verified them via 2FA.

Can someone explain to me why Stripe (or a competitor) doesn't offer a setting "refuse transactions for cards that have filed > x chargebacks with <acquirer> merchants this year"?

There aren't any screenshots of conversations with Stripe support in the blog post, but I'm guessing one other reason is that support agents are incentivised to close tickets or end conversations as quickly as possible.

To be fair, from stripe's point of view, how would they know that you and the alleged customer are not in on it for some reason they don't know?

So I can crack open a Backwoods, stick my weed in there, and then glue back together with Ciglue? That's pretty cool.

Then what are the better alternatives?