[Silhouette]

If I need to do anything more than sending the message (on my own schedule - this part is important, I manage my personal life on nights and weekends) saying “hi, I’d like to cancel please” in order to actually have service cancelled and billing stopped, I’m likely to be frustrated and not give any feedback.

It's important to be reasonable about this, though. Email isn't secure, and anyone could send an email pretending to be you. If there are irreversible consequences to cancelling, such as deleting personal data held on the service, not only would it be irresponsible to accept an unverified email message as a cancellation request, it could actually be illegal in various places (under the GDPR, for example).

Not providing a straightforward cancellation option via a website where the customer's identity has already been confirmed using their normal credentials is a different matter entirely.

[powersnail]

Email isn't secure, but neither are phone calls.

If a customer emails to cancel, just email back a cancellation link that requires signing in. I think that's a good middle ground.

[Silhouette]

Sure, but you can exchange credentials over the phone with acceptable safety in most situations, after which it's reasonable to accept that the other person is who they claim to be.

Obviously if someone does email asking to cancel, a suitable method of cancellation should be explained to them.

[sethhochberg]

For sure - that message should be via whatever the secure channel for support happens to be, if someone is going this route. I appreciate someone doing something a bit more robust than “tweet at us and promise you are you who say you are”