(I work at Stripe). I agree that our chargeback management tools are far from perfect, and we're working to improve them. We introduced PDF evidence uploads last year (unfortunately too late to help in this case), and we're currently exploring ways to make illegitimate chargebacks a non-issue for all our users. We're also constantly fine-tuning our fraud detection systems which also helps reduce chargebacks across the board.
If you have thoughts on how we can improve this process further, we'd really appreciate hearing from you. Email me at anurag@stripe.com.
What is Stripe's recommendation for SaaS companies wanting to prevent chargebacks?
For example, I sign up for Basecamp and pay monthly, then x months later I issue a charge back and win. What is your recommendation to prevent situations like that?
The best course of action to prevent chargebacks is to make it ridiculously easy for customers to get in touch with you about refunds and other customer service issues. If the refund process is quicker and easier than issuing a chargeback, your users will be a lot less likely to try the latter.
If you do receive chargebacks, I'd recommend keeping extensive records that you can later upload as a PDF file as part of the dispute process.
Things like:
- IP addresses, logins, usernames and other proof that the customer used the product.
- User correspondence acknowledging the purchase.
- All invoices sent to the user.
- Emails or other documentation displaying cardholder consent for the transaction.
While it isn't always easy to win disputes for SaaS business, submitting comprehensive evidence in your dispute response significantly improves your chances.
That would only help if the customer had enrolled in it (since it's completely optional). It just makes it more difficult for customers to contest fraud transactions, so why would anyone enroll?
From my understanding is that it lets the customer's bank see exactly who's making the payment and gives them a chance to deny it. The merchant is then protected from fraudulent chargebacks and these are covered by the bank.
Essentially, they get to perform their own fraud prevention and it's a way of trying to improve confidence in online payments.
I believe the idea that it takes away rights from the customer is a misconception (I also think most of these protections are given by law).
Yeah, now people are starting to realise that running a payment processor isn't as easy as it seems. People bash paypal but there are very good reasons they do what they do, to strike a fair balance between protecting consumers and protecting sellers.
Companies like stripe put forward how good their technology is, but honestly most of the real work that a payment processor does is the processes they have for dealing with this sort of stuff.
Because the value of their reputation for low fees/friction is worth more than that value of their reputation for fraud prevention (which most people will take for granted, since most people are not fraudsters). I think Paypal is actually moderately efficient in this area, and its #% fees are not unreasonable considering the scope and complexity of its operations. By contrast I think eBay's fees are quite excessive, but because the Paypal fee gets pulled out last and most people forget about it, much of the negativity attaches to Paypal. Nothing will change until Stripe becomes too popular with fraudsters for people to ignore it, and that'll take a while because it's middleware and people have a different brand relationship with it than they do with Paypal. Sorry :-/
What an interesting discussion. It should be noted that no matter how much evidence you can provide to your payment company about legitimate chargebacks, it's all useless if any one of the following is true:
(A) the person/s fighting the chargeback for you are incompetent / don't care / don't actually file the chargeback;
(B) the person/s fighting the chargeback for you are bullied into minimizing or hiding or not reporting evidence that can prove things like recurring fraud, identity theft, or bogus accounts; ultimately, this evidence exposes weaknesses in the payment company's systems that the payments company doesn't want "out there";
(C) the company is just plain unethical and will actually go out of its way to get rid of employees who do care and are willing to spend time and resources fighting chargebacks at an individual level -- such companies do this because they value company "image" in the eyes of investors / VCs > "the little guys".
As the person who filed and fought -- with a decent success rate -- almost 100 percent of the chargebacks for competitorofStripe but who was let go for reasons (B) and (C) above, I would gladly testify that this is a real problem that cannot be solved without employees who know right from wrong. A little over a week ago I wrote to Patrick after reading another thread criticizing Stripe's customer support and turnaround.
Clearly Stripe needs help in this area.
Ultimately, payments companies need technical people who care, but it's a weird combination, and those people are few and far between. Those people need to be allowed to make their own decisions and spend time on individual cases, even when the cost:benefit math tells the managers or CEOs it's not "worth it". I'm recently coming off a year of independent projects, and would like to get back into the team environment. It really doesn't make sense for experience and specialization to go to waste. If you hire me, Stripe, I will help build the best and most customer-focused chargeback-fighting machine in the industry, enabling you to run circles around your not-so-ethical competitors.
Stripe doesn't seem to try at all when it comes to intangible + chargeback.
It's tougher to prove illegal chargebacks on virtual goods (intangible). Paypal is willing to take any logs, communication, correspondence, and user information you give them and use it to challenge the chargeback with the card issuer.
It's true that Stripe have almost non-existent anti-fraud tools. We've been using Maxmind's minFraud and have been building a bunch of filters and logic on top of it. We shouldn't need to do this but as a marketplace we were being hit by OBVIOUS fraud that we need to do something since Stripe wouldn't step up their game, at some point the fraud amounted to ~20k in a very narrow window of time and Stripe didn't stop these transactions as fraud even though it was so obvious (US Card, IP from Thailand and 20 charges within a few minutes), this is when we decided we had to do something about it.
Regarding chargebacks - I usually don't bother to fight them anymore, since we're a marketplace selling digital assets - we are most likely to lose. However the exception is when I'm 100% that charge is legitimate and was disputed by its owner. Since we offer an unconditional 14 days money back guarantee and make it really easy to request a refund (sometime even outside of that 14 days window), whoever illegitimately dispute a charge is sure to get a fight from us.
A few months ago we disputed 2 "fraudulent" chargebacks from a customer we knew was behind these charges. We even reached out to him asking him to cancel the chargebacks and offering assistance (maybe he just wanted a refund) but never heard from him. I proceeded to collect all the information I could: IP and location, email thread he exchanged with the developer selling the component requesting support, his apps on the appstore and even his personal information behind hid domain's whois for his email's domain.
I didn't expect much knowing that because that was an intangible sale we were not protected, but few weeks later we received an email from Stripe that we won that chargeback (Total was ~$1,000 which we already paid to our developers - so that was a net loss for us).
I was pleasantly surprised and regained confidence in Stripe.
However from the original post of the author, it seems he was doing services for that person. In case services - I recommend to collect as much information as possible including getting the customer to sign on a contract. With all of that information, I doubt someone could dispute a charge. Credit Card companies will never dispute a charge that actually happened and that you approved even if the service was partly rendered since this is not their role to take sides, they will usually ask you to take this to court. Therefore I think the author could have won that chargeback if he had collected as much information as possible and put a PDF together highlighting the facts.
You can, indeed, lose chargebacks even if you have a signed contract or whatnot in place. It is totally at the discretion of the issuing bank, and generally something decided in 5 minutes by a fairly low-level employee. AR has lost chargebacks where our evidence included a statement by the CEO of the customer saying the charge was accepted and that AR was key to his business. (His bookkeeper didn't know that so she reversed 6 months of charges at once.)
You are completely correct that Stripe has no control over this and this is at the sole discretion of the issuing bank. I think I was pointing that the "you can't win intangible good chargeback" is not true anymore and if you can put together a good case with lot of proofs sometime you might win.
By the way, no one really talked about this but there's always a possibility to sue the customer if the charge is really big and the customer reside in the same country than you are (for example US). Of course this is up to you to decide if this is worth the effort (Most cases this isn't).
I'm very sorry about these issues, and appreciate the vote of confidence. Looking back at the state of our fraud controls in July 2012, we've definitely come a long way. We're currently testing a revamped set of fraud prevention controls (in private beta) and they have been extremely effective for some of our largest users. Email me at anurag@stripe.com if you're interested!
Hey Anurag - this is ok, we stuck with you mainly because you were (and still are) disrupting an industry led by heartless cyborg and you guys were doing something good. I could understand why you didn't have any good prevention tools but I think 2014 should be the year you guys make a step toward accomplishing this.
I've emailed you when you made that initial comment on this thread - hopefully we can discuss about anti-fraud and that will result in better tools in your arsenal in the longer term.
I use Stripe for my SaaS app, but for all my digital download products (ebooks and courses) I use Gumroad [1] which actually has really great fraud prevention. Not only that, but Gumroad will fight a chargeback on your behalf and if they lose they cover the fees. That includes both the credit card fees and the $20-30 chargeback fee.
You know a company that has taken responsibility for the related charges will work hard to fight fraud.
Disclosure: I really like selling through Gumroad (and once they sponsored a workshop I taught).
If you have thoughts on how we can improve this process further, we'd really appreciate hearing from you. Email me at anurag@stripe.com.