Stripe records user movements on its customers' websites

(mtlynch.io)

1134 points mtlynch | 1 comments | 21 Apr 20 17:01 UTC | HN request time: 0.195s | source

Show context

ScoutOrgo ◴[21 Apr 20 18:27 UTC] No.22937822[source]▶

I recently worked on a fraud detection POC with a few vendors in this space and it is common for them to require adding a js snippet to capture info like this. This isn't out of the ordinary behavior.

replies(1): >>22940212 #

neop1x ◴[21 Apr 20 22:58 UTC] No.22940212[source]▶

>>22937822 #

But this IS wrong!! What if my browser doesn't support javascript? It won't allow me to purchase anything! Why there HAS to be javascript to prevent fraud? That is simply an abuse of programmable functionality which was not made for such purposes. Aren't those credit cards safe because they are electronic and todays transactions can be reversed, tracked and that fiat money are just database rows?!

replies(4): >>22940608 #>>22940616 #>>22940657 #>>22942988 #

1. Shank ◴[21 Apr 20 23:59 UTC] No.22940608[source]▶

>>22940212 #

> Aren't those credit cards safe because they are electronic and todays transactions can be reversed, tracked and that fiat money are just database rows?!

Whether or not the money is actually safe or not doesn't really matter when the card networks routinely assess penalties that affect the business. Running cards that have transactions that are later disputed, or for having too many disputed transactions in a certain period of time gets you penalized. The card networks do not make consumer protection programs free, and so fraud prevention happens at every layer. It is as much a battle between a vendor and the card network as it is a battle between a vendor and fraudsters.

↑