[jliptzin]

We were booted from stripe when a couple of customers just decided to chargeback all of their previous transactions, each of which was pretty small, without first contacting us, so it was too late to issue refunds. That pushed our chargeback rate over the 2% threshold, so we were booted. Unfortunately the chargeback rate is measured as % of transactions and not volume. Seems like a great way to screw with a competitor would be to get a few cards with different names (on one of my cards alone I can assign up to 100 authorized users with new names and addresses), make a bunch of small transactions, charge them back a couple months later, then watch your competition get booted from stripe.

[georgerobinson]

Is there anything that makes this sort of practice unlawful?

[jliptzin]

Not that I know of, plus it would be extremely difficult to detect as each chargeback would appear to be coming from a completely different customer (different name, different address, different card number). I'd imagine this kind of attack would be especially stressful to SaaS businesses or subscription businesses in general.

[gregpilling]

every business actually. If credit cards represent a xx% of your business, then you would be pretty screwed to lose that. Brick and Mortar would have it worse because of lower net margins.