
1134 points | mtlynch | 1 comment

WesolyKubeczek (No.22938375)
This is not the only thing that bothers me about Stripe.

For example, if you run a Stripe Connect platform, and you set up webhooks to receive some events asynchronously, Stripe will send you all events of the types you select about the accounts connected to your platform, no matter if the events are related to your platform or not.

There may be applications which might need to receive all the activity, but in a simple case of a marketplace which allows merchants to sell stuff and collect a small fee, this is a disturbing amount of information. If I were a bad actor, I could silently collect the information about my merchants' activity on the marketplaces of my competitors.

Moreover, if your platform has enough merchants, you could track their buyers. Stripe will readily hand over all this information to you. In a charge.succeeded webhook alone, you get quite enough information to fingerprint a customer, and if you use some deduction, you can identify them, too.

This sounds like putting a Ring of Power into Gollum's hand all of a sudden.

I'm wondering if the marketplaces should hang a big warning, for privacy reasons, that "this site uses Stripe for payments. Any payment information might be shared with an unknown number of third parties, and there's diddly we can do about this."

ryneandal (No.22938464)
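As an added example, not code from the thread or from Stripe: a Connect webhook receiver in Python that does the two things a platform operator can actually control on its own side. First it verifies the Stripe-Signature header (HMAC-SHA256 over "<timestamp>.<raw body>" with the endpoint secret, hex-encoded, with a freshness window against replays), then it drops every charge.succeeded event whose charge was not created through this platform (the charge's "application" field) and copies out only the fields needed for fee accounting, so the buyer's name, email, address and card fingerprint that the comment above describes are never logged or stored. The endpoint secret, the application ID, the account IDs and the event payloads are constructed for this example; no Stripe library is used.

```python
import hashlib
import hmac
import json
import time
from typing import Optional

# Hypothetical values (not from the thread or from Stripe): an endpoint
# signing secret and the Connect application ID of "our" marketplace.
ENDPOINT_SECRET = "whsec_example_only"
PLATFORM_APP_ID = "ca_our_marketplace"


def sign_payload(payload: bytes, secret: str, ts: int) -> str:
    """Produce a Stripe-Signature header value ("t=<ts>,v1=<hex>") for a raw
    body: HMAC-SHA256 over "<ts>.<raw body>" keyed with the endpoint secret.
    Used here only to build test deliveries."""
    mac = hmac.new(secret.encode(), f"{ts}.".encode() + payload, hashlib.sha256)
    return f"t={ts},v1={mac.hexdigest()}"


def verify_signature(payload: bytes, header: str, secret: str,
                     tolerance: int = 300, now: Optional[int] = None) -> bool:
    """Accept only deliveries carrying a fresh, valid v1 signature.
    Several v1 values may be present (secret rotation); comparison is
    constant-time; timestamps outside the tolerance window are rejected."""
    ts, sigs = None, []
    for item in header.split(","):
        key, _, value = item.partition("=")
        if key == "t":
            ts = value
        elif key == "v1":
            sigs.append(value)
    if ts is None or not ts.isdigit() or not sigs:
        return False
    now = int(time.time()) if now is None else now
    if abs(now - int(ts)) > tolerance:
        return False
    expected = hmac.new(secret.encode(), f"{ts}.".encode() + payload,
                        hashlib.sha256).hexdigest()
    return any(hmac.compare_digest(expected, s) for s in sigs)


def minimise_event(event: dict, platform_app_id: str) -> Optional[dict]:
    """Return the few fields a marketplace needs for fee accounting, or None.

    A Connect webhook carries a top-level "account" (the connected account the
    event is about); the charge carries an "application" (the platform that
    created it). A charge whose application is not ours was made on some other
    platform this merchant is connected to: drop it unread. Buyer name, email,
    address and the card fingerprint are never copied out."""
    if event.get("type") != "charge.succeeded":
        return None
    charge = event["data"]["object"]
    if charge.get("application") != platform_app_id:
        return None
    return {
        "account": event.get("account"),
        "charge": charge["id"],
        "amount": charge["amount"],
        "currency": charge["currency"],
        "application_fee_amount": charge.get("application_fee_amount"),
    }


def handle_delivery(payload: bytes, header: str, secret: str = ENDPOINT_SECRET,
                    platform_app_id: str = PLATFORM_APP_ID,
                    now: Optional[int] = None) -> Optional[dict]:
    """Webhook entry point: verify first, then parse, then minimise."""
    if not verify_signature(payload, header, secret, now=now):
        raise ValueError("invalid or stale Stripe-Signature")
    return minimise_event(json.loads(payload), platform_app_id)


def constructed_charge_event(app_id: str, account: str, email: str,
                             fingerprint: str) -> bytes:
    """Constructed sample charge.succeeded delivery. The shape follows the
    Stripe Charge object; every value is made up for this example."""
    event = {
        "type": "charge.succeeded",
        "account": account,
        "data": {"object": {
            "id": "ch_example",
            "object": "charge",
            "amount": 2500,
            "currency": "usd",
            "application": app_id,
            "application_fee_amount": 125,
            "billing_details": {"name": "Random Joe", "email": email,
                                "address": {"postal_code": "12345"}},
            "payment_method_details": {"card": {"brand": "visa", "last4": "4242",
                                                "fingerprint": fingerprint}},
        }},
    }
    return json.dumps(event).encode()


if __name__ == "__main__":
    ts = int(time.time())
    ours = constructed_charge_event(PLATFORM_APP_ID, "acct_mugs", "joe@example.com", "fp_1")
    print(handle_delivery(ours, sign_payload(ours, ENDPOINT_SECRET, ts), now=ts))
    theirs = constructed_charge_event("ca_other_platform", "acct_mugs", "joe@example.com", "fp_1")
    print(handle_delivery(theirs, sign_payload(theirs, ENDPOINT_SECRET, ts), now=ts))
```

The filter only narrows what the platform keeps; Stripe still delivers the other platforms' events to the endpoint, which is the comment's point. The "application" check as written applies to charges created on the connected account through a platform; an endpoint that also receives events for the platform's own account (no top-level "account") would need a separate branch.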
Almost like a...services agreement (https://stripe.com/legal#section_d)?
WesolyKubeczek (No.22945810)
Look, I'm just a random Joe who wants to buy a handmade mug on a marketplace with handmade mugs. I don't even know at any point that this is powered by Stripe. When I buy the mug, lots and lots of PII flies, via the webhook, not only to the marketplace through which I bought the mug, but also to that other place to which my particular seller is connected, maybe they sell handmade Bilbos. And that place which is an aggregator of spaces-to-let. You name it. It's not Stripe per se, it's the unknown number of unknown third parties.

And at this point, a wild commenter appears and tells me, the random Joe, "Gotcha! You should read all that legalese for Stripe!" Dammit, should I also fire up the web inspector on each site I visit, just in case they use something whose legal terms I should be privy to?

Listen, bub, at no point do I (the buyer) and Stripe even enter a contract. I want to buy a fricking mug and I'd just be happy if that information stayed between me and whoever sold that to me.