Tell HN: Stripe brought my business to a dead stop
Then out of the blue I received this email:
[b]"Our systems recently identified charges that appear to be unauthorized by the customer, meaning that the owner of the card or bank account did not consent to these payments. This unfortunately means that we will no longer be able to accept payments for
Refunds on card payments will be issued in 5–7 business days, although they may take longer to appear on the cardholder's statement. Please refer to your dashboard for a list of the charges to be refunded[1]."[/b]
I have NO idea what payments they could possibly be referring to & support doesn't respond to my numerous messages. They won't tell me which payments are being refunded (dashboard link they provided just sends me to the list of ALL our payments).
Worst of all, when I attempted to process a refund for a customer who had been injured & was unable to continue training, I get an error message stating I am unable to process refunds! Am I supposed to tell my customer that my payment process won't refund his money? FYI - The payment I am attempting to refund HAS NOT been paid out yet - the money is sitting in my stripe account - but they refuse to refund it or even dignify me with a response.
I can't express how disappointed I am in Stripe's total lack of communication and indifference both it's customer's and our customers. Big, BIG mistake I made in choosing them as our payment processor - just warning you guys before you make the same mistake
84 comments
[ 0.19 ms ] story [ 203 ms ] threadThis is not customer service.
This is the unfortunate trend in the industry where the only way to get issues resolved is to take to social media and shame the company such that some powerful insider at the company (who happens to hang out on HN) takes action to sidestep the failed customer support processes and get the issue resolved.
Worked out well, happy with the support.
Do you still feel like commending them for amazing customer service?
It should not be necessary for someone to come to an online forum and complain to get the customer support issue resolved.
Stripe customer support organisation should actually resolve customer issues.
Tech companies go on and on and on and ON about "culture", but one thing I can tell you truly needs to be built into culture is customer support. For example, everyone knows Google's culture of customer support - it's "avoid all human contact, send all support queries to a machine".
I think tech companies are super bad at customer support because the founders have rarely worked front line in customer support so they don't know how to build an organisation around great customer support thus it is not part of the culture/company DNA.
Seriously, Hacker News should have a "tech support" link at the top where people can post tech support queries for companies who can't manage to respond to and keep their customers supported and happy.
Your point may be valid, if customer service dropped the ball. But we don't know that just from the info posted here so far.
We also only are getting one side of story.
Not to knock on a gym - but I'd be interested in the membership plan rules - some of fitness memberships should be flat out illegal - auto renewal for a year, can't cancel to early, but have to cancel before end of membership (short cancellation windows) and big rigmarole.
AWS support is stellar. We have workloads on the three major cloud providers, and AWS support is better by an order of magnitude. If anything, this has spoiled us. When things that take minutes to solve (or figure out) on AWS takes days on another cloud provider, no amount of technical wizardry can make up for it. They won't be dragging your feet just because you have a lower level plan, but if you want to call them to solve stuff right now on the phone or have them showing up at your company with specialists in tow, then you have to fork over the required amount. It's well spent, IMHO.
I had one guy work the better part of the day with several phone calls to get to the bottom of my non-critical issue.
Not all experiences have been excellent (I think they could head off half my tickets if their status page would just be accurate), but Amazon is far from the "do humans actually work there" category.
you don't get to be the winner in a winner take all ecosystem being dragged down by individual requests. you do your best to reduce them to acceptable orders of magnitude, and those that do hit the mines get blown up.
that's the takeaways from all large scale/VC funded platforms. they just don't care, because it's not incentivized. when you have 1 million customers, 1000 casualties are a statistic. when you have 10, it's a different story.
Have you ever tried doing the same for a Google product? Guarantee their optimizing for operational efficiency and not customer happiness. At all.
to be fair i'm not sure what their retail help setup is.
we were a small fry spending wise so it's ok, but let's not kid ourselves, they aren't pro-customer after you're on the platform unless you're throwing around serious cash.
Let's hope it gets the OPs problem resolved and Stripe uses this case as a learning experience so this doesn't happen again.
Bill Gates has said something like "Your most unhappy customers are your biggest learning opportunity."
Customer service rep turned engineer here. I think this true, but I also think that so many founders just don’t care about customer service. Investors are far more interested in new customer acquisition than retention, so naturally more resources are going toward customer acquisition.
Customer service is an afterthought cost center that barely pays and experiences high churn in 90% of the companies I’ve worked for in my career.
In my experience the Silicon Valley approach to it is to optimize your product for the 98% of customers who won't need anything more hands on from you, throw some automation (in the form of documentation, chat bots, and phone menus) at the remaining 2%, and don't worry too much about anyone who falls through the cracks past that.
Which can lead to a great experience most of the time unless you're one of those unlucky leftovers, in which case the ground falls out from beneath you into a labrynthine Kafkaesque hell proportional in brutality to the size of the company and the extent to which you depend on it.
I appreciated his honesty. It was a cost center designed to not achieve a favorable outcome for the customer.
Good investors (I.e, the ones who make investments that turn out to be successful) care a lot about retention, as it’s the strongest indicator that the product/service being offered has enduring value/appeal.
OTOH, every system has its limits and failures, and effective monitoring of communication outside official systems is one way that organizations can figure out what's not working about their system.
The real test is if they handle issues with one-off fixes and situation-specific exceptions, or if they figure out how their official channels failed and fix it.
So, I'd like to see Stripe feel enough heat that they decide that any time they suspend service for a customer, that customer is (1) immediately entitled to talk to a live person at Stripe with the authority to undo the suspension (probably probationary and with limits while being appealed and investigated) and (2) guaranteed a quick resolution process that involves access to real people with authority.
If Stripe's policies are that going with them means living with a Sword of Damocles forever hanging over your head, that should be well-advertised whenever they are discussed.
In desperation, I texted a friend who works in Google's marketing dept, and it was resolved in 30 minutes.
All companies, including those selling non-free services like Stripe, should sell expedited customer service (resolution guaranteed within X hours for $Y).
"have to" and "need" are strong words that I don't think you're in a position to use here.
Maybe didn't "have to" and they were just panicking. Maybe this post didn't "need" to be made.
Good customer service means that the issue is dealt within the standard support pipeline. That clearly failed, based on the wording of the post, especially mentioning that they received no response from support on the matter.
The fact that OP got support once they called Stripe out on social media, while great for OP, is not something to be admired because it means many people are also likely falling through the cracks and just giving up instead of reaching out on other channels.
Instead it's the ol' support over Hacker News I guess.
right? how many accounts are they shutting down every day that somebody can't pick up a phone?
Plenty of customers sign agreements without understanding what charges they will incur, and gyms are notorious for this. But Stripe cannot simply shut down a business without hearing both sides of the story.
If there was a human review in this case, then no amount of HN publicity should revert the decision. If it does, that would expose the review process as being heavily flawed.
Horrible experience. I'll still use Stripe for the convenience and hoping that they improve the situation with these kinds of potentially life shattering account locks and provide more humane customer service
The issue with Stripe's ethos is that it wants to stay really lean, which usually means not scaling customer support. If the entire company is 2000, how many full time support staff do they have? How has the headcount grown with # merchants onboarded?
This isn't specific to Stripe, by the way. I think Google has the same culture around support. My Google Pay account has been in a permanently screwed up state for years and have never been able to reach someone to resolve it. They just care about operational efficiency above all else.
On the other hand, I actually think Square has a very mature and responsive support staff. I have gotten what would probably be considered low priority issues resolved in less than an hour through various channels.
For instance, Authorize.net allows you to bolt on a merchant account, but retains the tokenization of the customers digits. So if one merchant account was restricted, a quick phone call to Authorize.net would allow you to switch over to another ready-to-use merchant account. And you could continue billing via existing subscriptions.
This is similar to the conversation about domain name hosting. Do you allow your name host to also be your web host? Or do you diversify to hedge against getting locked out?
I learned from previous experience, never have a single payment processor ever. The best rule of thumb pay the higher fee but diversify.
One caveat. For online businesses it is very hard to dispute most chargebacks. The card company typically wants you to FAX back a copy of a receipt or invoice for the charge bearing the customer's signature. That's fine for businesses like the OP's, which deals with customers in person, but for most of us who deal with customers via an online shopping cart...nope.
> I learned from previous experience, never have a single payment processor ever.
Note that if you are handling recurring payments then in order to have the flexibility to switch processors you need to either handle credit card storage yourself, or make sure whatever processor vaulting service you use provides a way to export the raw numbers in case you want to switch processors, or use Spreedly or something similar.
We do our own storage where I work. PCI compliance is a bit of work, but it is not as bad as most people think. (If you transaction volume is high enough to not be allowed to the the Self-Assessment Questionnaire, then it is probably as bad as most people think).
Every time it is time to renew the reserved instances at our hosting service that are involved in card storage and would no longer be needed if we used a vault at a processor or a service like Spreedly, we've taken a look at the number of cards we have stored and the transaction volume to figure out the vaulting costs, and so far it has come out cheaper to continue doing it ourselves.
Another issue with using a vaulting service is how to handle expiration dates. The expiration date printed on the card is the date after which the physical card is not supposed to be accepted, not the date that the number itself expires. If you have the card on file for authorized recurring payments, you can continue to charge the account after the physical card expires. But most gateways will reject a transaction at the gateway if the date you supply is in the past. Most gateways have some way to tell them you want to go ahead and try to charge the card even though the expiration date of the physical card is past. You want to make sure that when using such a card from the vault, you can still tell the gateway to try it.
Also make sure that vault works with the card updater services. Visa, MasterCard, and Discover (not sure about AmEx) provide a service whereby a merchant can provide a list of cards the merchant has on file, and the card company will tell them which are still good as is, which have new expire dates but the same number (and give the new date), which have both a new number and date (and give those to you), and which have had their underlying accounts closed.
You have to be able to give the updater service full credit card numbers, so if your cards are in a vault service, you'll have to have the vault service do the updater querying for you.
* a fitness studio
* recurring memberships
* any type of discount or free trial period.
From stripe's ban list:
"offering substantial rebates or special incentives as an inducement to purchase products or services;"
From a high risk provider:
"The main reason for the high risk tag is use of the recurring billing model for memberships. Customers usually give one-time permission up front for the business to charge them monthly until the customer cancels the membership. If customers skip over or forget about the terms of the authorization form they sign, these recurring charges might come as a surprise, leading them to initiate a chargeback against the business. This is a very common scenario for free trial models that lead into recurring billing. After a free trial, the start of an auto payment plan might catch the customer off guard.
There’s also the possibility of “friendly fraud”—when a customer abuses the chargeback system just to get their money back. Maybe they stopped using the membership and forgot to cancel. In any case, this can also lead to a chargeback against the business."
https://www.bankcardusa.com/health-fitness-merchant-accounts...
If you are going to be doing a business model that is not high risk - none of those items above are a yes - I would reach out to stripe and get things cleared up.
1) how easy is service to cancel. Put your cancellation link online not behind a business hours automated phone tree.
2) how trial periods work. Send customer email 3 days in advance to notify them that billing will begin if they don't take action and amount of bill with an easy way to cancel if desired.
Some SAAS I think is always high risk, SEO tools, email marketing, adult services related etc? Someone probably has a better high risk SAAS list. Basically, can someone uses a stolen card, or even their own card and signup for this service, spend $10K blasting emails to people, then claim unauthorized?
Stripe is really trendy but this site isn't so fond of them: https://www.cardpaymentoptions.com/credit-card-processors/st.... There are hundreds of other providers to choose from. I'm not sure I'd trust the site's recommendations directly, always do your own research too, but it's a useful starting point.
Guess I'll scratch that plan!
- We DO NOT have ridiculous membership commitments w/ auto-renew. Our membership is month to month (unless you've prepaid for 6 or 12 mos). - It's been approx a week since I received the email suspending my account. At first, I tried to contact support by chat or phone, but it seems that when they suspend an acct, they block your ability to contact support by any method except by email...of which I sent approximately 8 with no response. I realize it hasn't been that long, but we're a small operation - I can't afford (literally...cannot financially afford it) to let this drag on for weeks or months w/o a resolution of some sort.
Quick update - After sending an email to Edwin@stripe, I got a response within the hour. Thank You Edwin. This was the reply:
"Unfortunately, we will only be able to accept payments for xx for a bit longer. Stripe can only support users with a low risk of customer disputes. After reviewing your business and account information, we've found that your business presents a higher level of risk than we're able to work with.
As noted above, your service will not end immediately—we understand that moving away from Stripe can take time. To help with the transition, we are able to provide you five additional days (beginning today) to switch to a new provider. Because of the elevated dispute risk here, your account balance will be placed on reserve for the next 90 days, the industry-standard period during which most payments are disputed. During this time, the reserved funds will help cover any disputes or refunds on your account. The remaining balance will transfer to your bank account at the end of this period[1]."
Not really telling me anything new - we're not a "high-risk" industry (according to Stripe's list) and have not had any disputes or chargebacks AT ALL. Be that as it may... But I still CAN'T REFUND PAYMENTS TO CUSTOMERS! <sigh>
For a few years I worked on a startup that aimed to address fraud management in e-commerce from a quantitative risk modelling perspective. And when Stripe released radar 2.0, I went through their docs. I was impressed by Stripe's marketing (docs) and UI—they're knowingly good for that, but I was much less impressed by radar 2.0's feature-set and product. The biggest issue for me was their "one-size-fit-all" approach, because that just does NOT work in what I've seen, i.e., both billion- and million-euro businesses.
From a risk management perspective, a 2-7% gross margin e-commerce manages risk totally differently than a 50%+ gross margin e-commerce. For one, the false negative (i.e., a fraud gets through) is super-expensive. For the other, a false positive (i.e., a real client is stopped) is super expensive. And I did not see anywhere in their docs how they integrated the cost-imbalance of the risk for each of their client (you), and event less for each of their client's clients! It's possible to do, but it's hard.
Of course, like any fraud prevention system, radar 2.0 allows clients to add rules and lists to customise their logic, but these mechanisms are difficult to setup when you start processing payments, because you don't have yet any payment history, as well as when your e-commerce gains in velocity and complexity, because you don't necessarily have the in-house resources or skills to keep your rules and lists up to date and well maintained.
And in the lucky case that one just feels happy with Stripe's radar 2.0 system, then how do you know that you're not loosing customers? Having no risk of chargeback is very easy, just don't accept any payment and you've a risk-free e-commerce! In my experience, we increased sales by 7% (a few tenths of millions of euros) by just re-parameterising how fraud was managed. I don't see anywhere anywhere in the docs why and how I should trust radar 2.0 for the specifics of e-commerce A, B, and C. One-size-fit all just doesn't work.
As a former startup founder in that area, I still see we're a long way towards personalised risk management in e-commerce services, that would help owners throughout the different stages of their e-commerce, i.e., idea, proof of concept, scaling, growth... sounds similar?
Best of luck :-)
Is your credit good? That's sometimes another flag that can come up.
That said, people should remember that there are two sides to every story and account for the fact that the other side isn't available here. That makes me think there's more going on than meets the eye, especially since the financial space is regulated and there may be legal or institutional constraints on what they're able to say. If the issue were simply a failure to do good service, they would be smart enough to say so and correct it; it would be in their interest to do so and that's what they've done in the past. So there's probably additional complexity and we don't know what it is.
There's a lot of incentive for fraudsters to put pressure on payment processors with fake stories on social media. Their hope is that the processor re-enables their account so they can continue charging stolen credit card numbers.
I was an early adopter of internet commerce but I got my fingers burned several times when companies made unilateral decisions against me and provided no simple means of contact between me and them.
I now refuse to use any super-duper payment system that does not have my bank as a buffer between me and them.
Call me a Luddite if you like. But I feel happier.
There is always a risk to go with a big player when you’re small. They don’t give a shit about you. You barely move the metric.
When you go with a small player, the risk is they may die.
Only a few companies have been able to do support at scale. Amazon comes to mind being last focused on customer. Microsoft may be second in hand holding their enterprise customers.
I've extensively used both Merchant e-Solutions and Authorize.Net, both of which have been around a lot longer than Stripe, and not had trouble getting support from either. (Also, Authorize.Net is actually owned by Visa, which is certainly not small).