[cortesoft]

Why should a customer be stuck with the bill in the case of fraud? If someone fraudulently buys something in a store with my stolen credit card, I am not liable to pay for those purchases. Why would it be different for AWS services?

[46756e]

Right, but if someone buys say a shirt with your stolen card, it isn’t the store that picks up the bill. It’s the credit card company.

[cortesoft]

It depends on the merchant agreement, but merchants are often liable for the fraudulent charge, especially for online sales.

[hexedpackets]

Sometimes the merchant does pay for a fraudulent transaction, and sometimes the issuing bank does. The credit card networks never pay. It depends on several factors including whether the card was physically present and whether it was swiped or used a chip.

[Kranar]

This is just untrue though, my company has to eat the cost of fraudulent transactions and the burden is squarely on us to prevent it.

[poxrud]

If you’re using Stripe or PayPal then yes it is the store owner who would be “picking up the bill”.