[Shank]

> I’m also surprised to hear of this industry wide blacklist. That type of collusion feels like it could easily be abused.

MATCH/Terminated Merchant File are well documented to those who pay attention. Visa, MasterCard, and AmEx are happy to rip the payment rails away from businesses who carry undue risk or are perceived to be dangerous. There's an entire list of Prohibited Businesses that Stripe maintains, which more or less echoes what their dependent card networks also have problems with: https://stripe.com/legal/restricted-businesses#prohibited-bu...

The truth of the matter is that this system is not fair, and if you want to use it, you're playing by the payment processor's rules.

[king_of_goats]

Absolutely makes sense to have something like that, for genuine scammers, mass offenders, etc. But being but on that list for a few measly test payments to make sure your software is working properly? That to me sounds LUDICROUS.

[_DeadFred_]

When I worked on PCI certified software it was a 'you will be fired' thing. If you are just implementing something for a single customer and they have a processor account for a single site, I wouldn't do it but I guess you could. But if they have say 40 sites using this payment processor, and you could bring down all 40 sites so that they can't make any sales?

Edit: Do you really think banks' compliance departments are going to care about your argument? 'I was only doing this thing your documentation says not to do a few times'? 'I only knowing made the first transactions across your gateway in intentional violation of your requirements but I was going to stop violating them later'? Do you want to put your job/work on the line for that?

[uudecoded]

You'll be fine. BUT be sure to keep your live card out of a testing environment, because that's a PCI violation.