Hacker News
by shash7 19 days ago
I run a saas and we get this every now and then.

As a rule of thumb, when you get a chargeback you need to completely ban the customer from your db. This includes:

- card ban
- email address ban
- fingerprint their access and ban

This will save you a lot of hassle when they try to signup/buy your product again and cause you the same amount of grief.

5 comments

Exploiters easily get around this. It's a small group of people doing all of the abuse.
All 3 of those identifiers can be easily changed by advanced users. I'm curious what you mean by fingerprint their access. Is this like an on-demand fingerprinting? I've only seen browser fingerprinting as a tracker for every user.
If I had a dollar for every time a developer “perfect is the enemy of good”’d me
Nice try, chargebacker! ;)
I try to pay with Monero, so I can't chargeback :)
Use DeviceCheck if iOS app too. Uber does this to ban across accounts.
Great, another thing to worry about when buying a used phone: Did any of the previous owners get banned by any of the apps I intend to use on it?
That's an interesting idea. The sad thing is, the money lost through chargebacks is minimal for me in the grand scheme of things but it makes me irate enough to potentially spend the development time (that will never have a positive ROI) on adding in something like this just to stick it to the scammers.
It is at least very simple to implement. It's a simple API. Useful capability for banning abusive users too if you have social elements or other abuse vectors besides payment.
I imagine most fraudsters wouldn't be using iOS. I'm curious if the Android app fingerprinting solutions go cross user profile.
As far as I know, DRM systems like Widevine have IDs that cross user profile lines.
Just force 3D Secure, as it shifts the liability to the customer's bank. Most people don't mind opening their banking app on the phone for confirming the transaction if they really want the product for its price.
If a customer fraudulently claims to their bank that they haven’t received the product, the bank files a chargeback and 3DS does not protect the merchant against it.
Most banks refuse chargebacks from 3DS transactions.
Even if the customer claims the product never arrived?
Yes, some do even in those cases.
Not true. Non-fraud reasons (NR or credit not processed) can be filed. 3DS adds no friction.
You'd better be promptly responsive to legitimate customer support inquiries if you are going to have a policy like that
This comment struck a nerve with me and perhaps you didn't mean it in this way but:

Yes, many of us are incredibly responsive to customer support inquiries (I have a <1hr response time unless you send in a ticket when I'm sleeping) and it doesn't matter. Fraudsters gonna fraud. This isn't a case of "they asked for a refund, we refused, they issued a chargeback", it's a case of a scammer being a POS.

I've dealt with my fair share of chargebacks and in every case I've seen it's someone being a jerk and never a legit case.

The fact that Stripe won't help you, the banks don't care about all the evidence you have, and you end up out the money for the product _and_ you get hit with a chargeback fee on top of it is madness. I could literally have video of the person holding up their ID saying "I XXXXX agree to pay YYYY" and banks would still side with the scummy scammers.

I have, quite literally, never had someone reach out via support and then file a chargeback later. They do it without reaching out, probably because they are a trash person and they have no interest in getting anything fixed and are just scammers.

Yeah, I know chargebacks are a frequent vector for abuse and of course I don't mean to imply that customers doing chargebacks ought to always implicitly be given the benefit of the doubt.

Given that you are responsive to inquiries, it makes sense that you'd rarely if ever have a legitimate chargeback -- because there's no reason for a customer to resort to chargebacks if the vendor is willing to work with them to resolve legitimate issues.

But I know of many examples of people needing to resort to chargebacks due to ineffectual customer support, and then having their accounts banned and being cut off from other unrelated services from the same vendor as a result. I don't think that's an appropriate response and vendors should be careful not to let that happen if they instate such a policy.