I don't want to ever fight chargebacks. Because my policy is to never take money from people who don't want to give it to me. I want to automatically refund every chargeback attempt without it affecting my ability to charge credit cards.
One of my businesses targets consumers, who have this amazing ability to "forget to cancel" or to have "cancelled 3 months ago, but for some reason we're still billing them" or to just plain decide that the last six months of charges were fraudulent and that their bank should get them reversed.
All of that is fine with me, and in fact every invoice I send out says as much: We'll happily refund every penny you ever paid us if you simply ask. But lots of people aren't comfortable asking for their money back. They are, however, plenty comfortable asking their bank to ask for their money back.
I just want a way to streamline that process that doesn't involve me having to handle fighting disputes that I'd prefer to lose. And of course to not have those lost "disputes" count against me.
Any ideas on how to do that, Stripe?
We can also give you access to receiving early fraud warnings from issuers (like Visa TC40s). These are notifications from the issuers that the customer is likely going to dispute a charge. If you're happy proactively refunding customers you could do so without incurring the dispute fee (though TC40s and the MasterCard equivalent can still count towards monitoring programs). Let me know if you're interested (eeke@stripe.com).
This gets you most of what you want. The subtleties:
1) The credit card ecosystem wants to discourage chargebacks as a routine mechanism for canceling, and so there will still be a fee assessed by the networks and hence by us.
2) The credit card networks have thresholds for how many chargebacks a customer can be doing while making responsible use of their rails, and if one routinely exceeds that, they will give a very serious warning to change business practices and, if one’s numbers do not improve, they will terminate one’s access to the rails. We have substantial experience with B2B SaaS businesses and it is _extraordinarily_ unlikely that a B2B SaaS business comes close to those thresholds, even after accounting for unfortunate user behavior.
How would I go about stopping it before it starts, as you seem to imply is possible?
Edit to add: Does it even make a difference if I go in and refund the disputed payments? It sounds like I get dinged either way and the customer gets their money back either way. Should I save myself the effort?
Unfortunately, I don't think that's possible.
On Stripe, attempting to refund an actually disputed charge results in an error / invalid request.
https://stripe.com/docs/error-codes#charge-disputed
It does work for inquiries but I am not sure how often those happen vs. "proper" declines/chargebacks. I'd assume the majority is of the latter type.
Can we get webhooks for these? We currently have to manually refund charges when we get the ‘suspicious transaction’ email from stripe, which is a pain.
It’s one of the reasons that I use Apple whenever possible to handle recurring subscriptions. It takes about 10m to file a dispute with American Express. If figuring out how to cancel a subscription takes longer, I’m cutting my losses at 10m and heading to Amex.com.
Perhaps industry standards around subscription management would help? I think there is a lot of real fraud/unethical behavior exists in this space and legitimate retention management can easily cross the line in the consumers mind as scammy.
Now, we're generally fairly relaxed about subscriptions. We very much take the view that it's not worth quibbling over the odd month's payment and we'd rather offer good customer service and build a good reputation. For example, maybe someone seems to have made an honest mistake but we believe they really did intend to cancel and they haven't used our services since, and in that sort of situation we tend to just refund them anyway if they ask.
However, cancelling a payment authority or charging a payment back retrospectively is not a substitute for cancelling a legal agreement, and in some cases it also hurts us. If someone deliberately messes us around like that, we are much less sympathetic, and we certainly consider whether to pursue them through legal means to recover what they owed us and any other damages and costs.
IANACFO, but I think your balance sheet for this business is going to be pretty wack. To guarantee this, you need to keep a pool for refunds (edit: and with your specific guarantee, isn't it all revenue ever?). If you don't, that can be a real issue with the business. This happened at Groupon:
https://www.cfo.com/management-accounting/2012/04/groupon-re...
I've had both of these things happen as a consumer. Coschedule kept billing me for six months after I cancelled (and my accounts administrator didn't know we'd cancelled), and I had Experian in the UK continue billing me for six months after they'd disabled my account but hadn't told me. In the former case, they refunded it straight away once I pointed it out, and in the latter I had to escalate a little, and start talking about a small claims court, but they refunded it in the end.
I guess my point is, both of these are valid consumer complaints, and waving them away as being stupid consumers probably isn't that useful for anyone. Further down, in another comment, you imply that this is deceit / fraud.
I word my "Why did you open a chargeback" mails the same way, and offer to handle things via a refund (and to please close the dispute because it affects our business). But the people who use their credit card company instead of email or the prominent Cancel button on the website don't tend to ever respond to those mails.
It's frustrating, because so many people have had to deal with health clubs and Comcast that they just assume every business will fight against them if they want to cancel.
It sounds like you are selling a near zero marginal cost software business.
I have had a couple of obvious scammers take advantage, but that’s on them to square with their conscience. Life’s too short to spend it fussing with folks like that.
But you're absolutely right. If it were physical goods or services, I'd fight those chargebacks for sure. (Though it'd be a lot harder for one of my deadbeat customers to plausibly claim that he'd "forgot that I mowed his lawn").
I'm all for giving customers the benefit of the doubt (and I'm definitely generous in giving refunds too), but doesn't this policy go a bit too far? Even if your costs are near zero, I find it somewhat unethical to say "yes, I have proof that you used my service and received the value I promised to provide... and yet the contract of the sale (implied or explicit) - past or present - is effectively nullified at your request at any time".
While it often doesn't make sense to chase after money from customers who make these kinds of requests, it also feels wrong (to me) to encourage that kind of consumer behavior. The retroactive part seems especially ripe for abuse from customers who decide to switch to a competitor, making their switching cost effectively negative (they're incentivized to leave you).
Yes - on the whole, people are usually honest and respectable. But in my experience, a surprising number of those same people value saving a few bucks over a clean conscience.
Losing out on a large chunk of a $15k transaction because the buyer thinks the condition of the watch is "not as described" (where in reality, they know this is an easy way to scrape a huge discount on their purchase because the criteria is so subjective and petty) makes life very difficult. Sure, 95% of my customers are great, but that 5% really deals material damage when you are talking about high cost physical goods.
This product offering is interesting, and is worth investigating and weighing its cost against my average annual losses from chargebacks. In your case, you are offering SaaS so your marginal cost must be negligible. Different strokes for different folks I guess.
For instance "product not received" , "product unacceptable", or "subscription canceled" would not be covered.
I think you are being generous in your interpretation. I don't get many chargebacks but looking at the ones I've had there has been a lot of deceit and fraudulent behaviour.
I haven't seen any evidence of that second case happening with my users (apart from one incident where card thieves discovered my "update your credit card" workflow and used it to sanitize numbers for a few days before I fixed the loophole). But the first one happens all the time.
It'd be adorable in a way, as I'm sure the people doing it think they're totally getting away with something. If, that is, it didn't jeopardize my ability to continue charging credit cards in the future.
That is just not how chargebacks work, sorry. I do think there is merrit to urge issuers and card brands to change the chargeback behaviour or rules, i.e. to always give the merchant the opportunity to refund first. Essentially to make the retrievals or inquiries flow mandatory for all disputes. There you are given the opportunity to refund and respond before escalation.
Stripe and others cannot do much here except for lobbying.
I think it's fair to assume that few people will notice a fraudulent charge, and much less bother to dispute it.
If you charge money you don't feel like you need to charge -- then simply don't charge it :)
For a subscription simply ask inactive users to sign-in and confirm that they wish to maintain their subscription.
This will let you refund and pay less fees at the merchant account level. I've used https://chargeback.com/
Basically, the first is a notification triggered during the chargeback initialization process on the bank, but before the chargeback is actually processed. So when you receive the notification, you can still issue refunds, cancelling out the incoming chargeback.
The second is similar, but is at an even earlier step of the chargeback process where the user simply asks its bank some information about a line on their statement they don't recognize.
I’ll agree that what you want maybe best for some forms of business, but what are you looking for here? A fundamental change to the credit card system?
Stripe isn’t going to make it not count against you, because the card companies are certainly holding it against Stripe.
So unless you convince Visa and MasterCard to change their way of doing business, I’m not sure you’ll get what you want.
I would look at Steam's refund flow for inspiration.
Dealing with refund requests is easy. The problem is customers who request chargebacks from their banks instead of requesting refunds from you.
Payment providers usually contest such chargebacks automatically. This ends up costing you a fee. And if you lose the dispute, or issue a refund as a matter of course, these chargebacks contribute to lowering your account's reputation. If this gets out of hands it can put your ability to receive payments in jeopardy.
What would be much more ideal is that, when the bank signals that one of its customers is contesting a charge, the payment provider would simply refund the charge without questions. And, assuming refunds (and chargebacks) are the exception rather than the rule, without the process lowering your score.
1. If you run this scheme enough and your credit card company flags your account for excessive chargebacks, you could very well have that card shut down and take a credit hit along with it. 2. More and more companies implement against (effectively) data brokers who are going to tie your chargeback history into a risk score. This very product from Stripe is absolutely going to score risky behavior in part based on past chargeback history.
What's easier & takes less time now is not a guarantee on something being a net good decision, so other people should think twice before going with a scheme like this.
Why involve the telephone?
If they take 2.9% normally, 0.4% is about 14% extra in fees for every transaction you make, but disputes on a legitimate product are probably 1 in 5,000 (and Stripe will charge you a $15 flat fee if you lose the dispute which you will if it was related due to credit card fraud).
If you sell 5,000 products at $50 that's $250,000 in revenue. Stripe would normally take 2.9% which is $7,250 but now with "fraud production" they would take 3.3% for $8,250. So you've just spent an extra $1,000 out of pocket to save yourself $15 in a dispute fee that Stripe charges you. That's really steep.
If you had 66 fraud charges within 5,000x $50 transactions (to break even on fees), I would really look into why you're getting so many disputes. That's astronomically high.
I only sell digital products but the dispute rate is over an order of magnitude less than 1 in 250.
In the physical product's case, you are out the $15 + $50 (or whatever your product cost you to make and ship).
We have a strict non-refundable policy on ticket deposits because, otherwise, we can't determine how many seats are left for each event and we lose the revenue on that empty seat.
We often get unscrupulous customers who claim they don't recognize the charge because they decided not to attend in the 11th hour!
We also have the rare individual who completes the entire 3-day training and then claims they never got the service!
Because it's in-person training, it's hard to prove they received the service. For example, there are no postal records we might show as proof that we shipped a physical item and it was received.
Now, we have them sign a document affirming they got the training prior to receiving their certificates.
But, still, Chargebacks are stressful, because they create revenue and profit uncertainty for each event.
The dollar value of our fraud rate is about .3-.7% per event. But we always fear the outlier event, where that number spikes. For example, we set aside 2% of revenue from our most recent event (which is thousands of dollars now tied up) to prepare for any unanticipated spike in chargebacks.
And... the stress and frustration of fraudulent chargebacks is a non-zero intangible cost.
I will gladly pay .4% to get revenue certainty!
At this time we don't use checkout though. So will need to look into what we need to do to change to that.
I believe we're using Stripe Elements. (I'm the business owner and a programmer, but I didn't code our original stripe integration.)
Will be looking at this today!!!
Thank you so much for your work on this feature! This is a real game changer for businesses like mine!
"Should a 3D Secure payment be disputed as fraudulent by the cardholder, the liability shifts from you to the card issuer. These types of disputes are handled internally, do not appear in the Dashboard, and do not result in funds being withdrawn from your Stripe account."
Just took a look at 3D Sure. My only concern would be the drop in conversions.
I wonder what the typical drop in conversions is with this enabled.
I have a sense it could be high single digits to low double-digits (e.g. 7-11%).
In which case, that would cost quite a bit more.
I did see there is a way to trigger this as needed.
Hmmm...If we could figure out a way to identify high risk individuals in advance, that might mitigate the drop in conversion.
Hmmm... Maybe a fun machine learning side project.
My guess is that as with 3D Secure only actually "fraudulent" (e.g. payment not authorize) disputes are covered, but "service not rendered" (?) ones are not.
- Use Stripe as the only gateway for all your international traffic, and you will see alarming drops in acceptance rates, meaning the chance of successfully charging a Mexican customer in Mexico with a US Stripe account is much lower than if you have a local acquirer. By a lot!
- Rely heavily and blindly on Stripe Radar for post-charge suspected fraud alerts charges, and you will be refunding many valid orders.
- If you go all in with Stripe Checkout, you are getting a lot of good stuff at a price. If stripe dynamically uses 3DS to sift potential fraud users, you are going to hurt your conversion rates.
Been a big fan of Stripe for a long time, but when order volume goes up, and you grow internationally you have to consider other alternatives and/or backup plans, such as smart routing, local merchants, alert networks (ethoca, verifi), pre-checking for pseudo 3DS charges (no auth need, but fully protected, etc)
Not taking into account these 3 things, can drop your conversions by big double digit percentages.
EDIT: spelling
Auth rates are a deep topic, and one we’re experimenting on constantly.
The topic of whether a particular business will get better auth rates going through a local gateway is a complicated one (that is probably true of many businesses and not true of many businesses); we’re working on making this sort of thing unnecessary for most businesses to think about. Philosophically, centralizing this sort of work at Stripe makes a lot of sense to us; we can deploy more engineers against auth rates than any Stripe customer could because we have a much larger surface area for improvement than any customer does.
Many of our users want something which works out of the box, and they’re the target audience for Checkout. If you want to rigorously test the behavior against your sophisticated understanding of conversions in your own business, that’s awesome; you can see exactly which transactions we flagged for being on the fence using the API.
It’s always a balancing act to make things which work out-of-the-box for someone’s first business on it’s first day and still have the power and configurability expected by extremely sophisticated operators. Getting this balance right is extremely important to us.
0.4% on $2.5m is $10k a year. I realize "ten" is a bit more than "a few", but is Stripe's price point materially that far off from where you want it to be?
Said another way, I imagine that there are at least a few problems smaller than chargeback protection at your company that you throw $10k or more at just to make that problem go away... right? If so, this makes their price somewhere between reasonable to good.
I am really curious about your thinking on their price as it relates to other expenses in your company. Could you expand on that?
It looks trivial for the vendor to man in the middle attack.
I’d take my business elsewhere if presented with a UI from some random e-commerce site asking for extra personal information.
Attacker cannot know who you bank with. Plus, most of the time the confirmation screens are something like confirming 2nd/Xth characters of your password/date of birth.
You even wrote this on your site's documentation[0]. Here's what it says as of right now:
> There is a dispute resolution process through which you can respond and submit evidence to make your case that the payment was valid. If the dispute is found in your favor, the disputed amount and fee is returned back to you.
If we don't opt into this new fraud protection service, are all dispute fees still waived if the business wins the case?
I work for a non-profit & we had some very large donations come in online through Stripe. Someone did a typo donated $10,000. I'm sure we could set some max limit & say no donations larger than $X but it was common to have $1,000 donations. Even with a $1,000 donations the fee gets expensive.
In our case, we don't need those funds immediately. We would much rather not have access to them for a month & not have to worry about a request for the funds to be refunded.
We are forced to use credit cards directly and Paypal, as both offer a much lower fixed fee (sometimes 0) in exchange for higher %.
Requiring it to be all or nothing makes the feature useless (not cost effective) for merchants with a low fraud rates.
The entire point behind insurance is to have enough volume so that the small % when they need to pay up won't affect the business.
To me this seems like knowing about a small leak in your basement, but instead of fixing it, you buy a basement water damage insurance policy.
Am I missing something? The chargeback protection fee doesn't sound terrible
For $10,000 of sales of one's music $40 does not sound terrible. For $10,000 of sales of high-end watches $40 to have the reimbursement is a helluva great deal.
Beyond everything that 0.4% also buys you ptedictability, which is often more precious than margins.
The basic problem is that your incentives are not aligned with Stripe's: you make money when a good sale goes through, but that's when Stripe might lose money (if the transaction ends up being fraudulent). So they have an incentive to block any marginal orders, which means you lose revenue and suffer reputational harm of blocking good users.
Then there's the price: companies with a good fraud protection system / process typically keep chargebacks <0.1%. (For large companies, this means using something like Sift or Accertify along with a fraud review team, for smaller businesses it might just mean manually reviewing every order). So you're paying a lot for the convenience.
[Disclaimer: Used to work on fraud protection at Sift]
[Disclaimer: Used to work at anti-fraud-as-a-service company, acquired by a payment behemoth long since]
If Stripe charges 0.4% for it... then presumably any business with chargebacks of <0.4% value won't bother to use it (except for rare cases of needing to reduce risk on extreme low volume of high value items), so mostly only businesses with chargebacks of >0.4% value will use it...
...so almost by definition the mean cost will be greater than what Stripe is charging, and Stripe will lose money.
Since Stripe is full of smart people... what am I missing here? How is this a viable product?
Biggest thing for our company: "The payment must be submitted to Stripe by your customer via Stripe Checkout. This means that recurring charges are not eligible for Chargeback Protection"
Meaning this does not protect our B2C subscription company from any recurring charges which is a huge percentage of our charges if not all of them.
Also: "The dispute must be one of the following types of reason codes (as identified by the relevant Card Network) listed in Appendix 1 of the Terms of Service: Visa: 10.4 Other Fraud - Card Absent Environment Mastercard: 4837 No Cardholder Authorization Mastercard: 4840 Fraudulent Processing of Transactions Discover, Diners Club, JCB: UA01 Fraud Card Not Present Transaction American Express: FR2 Fraud Full Recourse Program American Express: FR4 Fraud Full Recourse Agreement American Express: F29 Fraudulent Transaction - Card Not Present American Express: 4534 Multiple Records of Charge (ROCs); Card Member denies participation in Charge American Express: 4540 Card Not Present; Card Member denies participation in Charge"
Many of our chargebacks fall outside of these chargeback reasons so it would likely not be worth it for us to use this feature, as I'm sure is the case for many other subscription based companies.
What's going on here? I thought Checkout specifically supported setting up subscriptions:
https://stripe.com/docs/payments/checkout/migration#client-s...
If recurring charges are not covered that's fine I guess but I don't get what it has to do with Checkout.
Streamlabs's tutorial on chargebacks was updated as recently as a month ago: https://support.streamlabs.com/hc/en-us/articles/11500601766....
It must feel great to be able to support such a "simple" product, as I know there must be a ton of complexity under the hood enabling the simple form factor.
We offer a hardware product with SAAS after purchase, and we have dozens of customers insist on paying for that hardware with a credit card (albeit we won’t accept one now because of the inherent risks of accepting a card).
If the limit was much higher, I’d be sold, and our volume with Stripe could go up by $1m/year.
FWIW, I have had 10 chargebacks and lost the dispute for each of them even with the delivery address matching the CC name and the proof of delivery... But I will pass on this protection, the price is way too high for us.
Big agreement on the just refund vs chargeback and effect possible merchant rate increase or suspension. Would rather cut into profits a bit then have headaches of upset merchant.
This is a game-changer. We do all or nothing semi-annual educational events and fraudulent chargebacks are a HUGE source of anxiety.
.4% seems to be a very fair percent as well to charge to make this problem just go away for businesses like ours.
We happily refund customers that go through normal refund channels, but fraudulent chargebacks are a significant source of stress and revenue uncertainty.
Just last night I was shaking my head as I stumbled across an email from a customer confirming that her friend referred her to our event and that she was coming. But then a couple months later she changed her mind. We told her it's way too late for us to give her a refund on her deposit (which was clearly stated to be non-refundable in the first place). So she told her credit card company that she doesn't recognize the charge.
Even though we added her emails to our dispute evidence, and submitted evidence that she was aware of the non-refundable policy for ticket deposits, we still have no idea whether we'll actually win the dispute.
Incidents like this are a major source of frustration, and your solution is going to help us operate with less uncertainty.
Got one charge back for 800EU that blew us out of the water. Would there be a mechanism to re-apply, with CB protection enabled ?
We struggled to have this discussion with a Real Person at Stripe to discuss this .. would you have any leads ?
Of course the fact that this is an upsell line item means only big businesses will pay for it, the smallest businesses owned by the people just starting out will be the only ones who actually suffer punitively from chargebacks.
Some things shouldn't be streamlined. Some pain is good. This is a really unfortunate choice by Stripe.
We will, of course, monitor it during the rollout and adjust as we go.
Yikes. Yes. Thank you. I wish i had this 2 months ago.
