Sorry about this. Could you email me at edwin@stripe.com and I can dig in?
replies(5):
I started a Stripe account (even incorporated through them) for a basic graphic design and web design service business.
I process a few charges and even though I didn't get a single chargeback or dispute, Stripe decided to deactivate my account and said they would refund all the charges that were processed.
Which would have been fine with me. They said they would refund on Oct 17, but that date came and past. So I kept emailing.
Now they're saying they're holding all the funds for 120 days because of "elevated risk".
Which is insane because they have already withdrawn all the funds, meaning their risk would be zero if they refunded everyone.
I am beyond hurt and confused as I did need this money for my daughter. These decisions have real impacts on real families.
What do you do in this scenario? I have tried contacting support at Stripe but seems to be of no help.
If something is clear, is that Stripe support is not that great and that HN is the last resort for many people.
> What do you do in this scenario? I have tried contacting support at Stripe but seems to be of no help.
OP is clearly asking for advice, not just idly whining. The fact that Stripe is a YC company (no, I'm not saying that this means HN becomes the de facto support channel for any YC company) and the fact that many developers in the HN crowd use Stripe means HN is as reasonable a place as any to ask for advice on how to proceed.
(Let's also have a bit of empathy towards someone whose funds, which could quite possibly be the livelihood they depend on, is locked up by an unresponsive, faceless company.)
Unless there’s specific external regulation, there’s a regression towards being awful.
There's a gamut of actual reasons things go wrong, which I also learn from these "support tickets" and the associated comments. So also thanks to everyone who helps clarifiy what kinds of risks make problems more likely.
The trend of people only getting support if they post on HN is very concerning and is damaging to Stripe's reputation. Word of mouth spreads easily and quickly.
If I were you, I would have a very stern chat with the support and finance departments. Clearly, there are people in there that only look out for the company and not the customers.
Granted, that's not a resolution, just a first contact, but in a case like this I'd want to explore every avenue, immediately.
Having an actual merchant account, and going through KYB, seems like it’d solve a lot of these problems.
Add in the fact there are people trying very hard all the time to defraud the payment processor.
So now you can directly measure false negatives in fraud detection, but your false positive rate is harder to figure out. And whatever mechanism you use to recover from false positives can be abused by true fraudsters.
So it becomes a hard problem - but it is a problem which customers of the payment processor are paying them to solve. So it’s definitely reasonable to expect better.
1: I think a reasonable-ish definition of tipping off: https://onlinelibrary.wiley.com/doi/10.1002/9780470685280.ch...
Either it's not a business, but a mere hobby, or there is something to it you're keeping from us.
Probably the former, but it makes me immediately suspicious, even with the recurring and well-documented "situation" with Stripe.
If they hold a bunch of cash from people it is effectively theirs for that period of time. This could prevent them from needing to raise a funding round if done enough.
Some businesses are literally customer funded like these.
If you want to read more search for "negative cash operating cycle".
and then your normal sized payments will be well within the expectations of size and volume so the payment processor won't flag your account
In the U.S., I don’t think money transmitters are allowed to do this. (They can keep the interest earned on it.)
Financing from deposits is more a crypto thing.
They think their P99 customer service is great but 0.1% of their customers are experiencing a catastrophic level of experience and they simply don’t care. They are ignoring it because it doesn’t show up on any of their metrics or dashboards but it has a catastrophic effect on a small number of customers.
Companies like Stripe need a swat team that deals with these P999 catastrophes, but given their scale it’s probably cost prohibitive, so they just say “Fuck it.”
On the topic of Stripe and these kinds of incidents more broadly, there’s a lot to say, but here are a few pieces of context that are probably relevant:
- We are a giant distributed bounty system for people to find interesting and scalable ways to defraud us.
- We’ve seen significant upticks in certain kinds of fraud over the past couple of months. When businesses default, Stripe takes on the loss. It’s worth noting that certain kinds of fraud, like card testing, can also have significant collateral costs for legitimate Stripe businesses, and our systems and processes are not only to protect Stripe itself.
- We are far from oblivious to the harm that mistakes in our systems can cause. (I interact with a lot of these cases personally.) One of my highest priorities is creating better appeals flows for when we’re wrong.
- We’ve shipped 7 substantial improvements just in the last 10 days that should meaningfully reduce the occurrence of false positives.
- Publicly-described facts of specific cases don’t always match the actual facts. Stripe is sometimes just wrong. (We made some mistakes that I feel bad about in one recent case and we ended up bringing the company’s founders to an all hands last week to make sure we learned as much as possible.) But users do also sometimes publicly misrepresent what’s going on. We’re also restricted by privacy rules to not share specifics in those cases.
- Stripe works with millions of businesses and we see all kinds of “rare” failure modes fairly frequently. (Disputes between staff at a business, business impersonation, businesses that start legitimate and go bad, and so on.)
- I’m working on a post to share some of our broader philosophy + policy changes that I hope to publish before the end of this year. In that, I’m also hoping we can share some relevant metrics. If HNers have any suggestions for things that might be useful to see covered (though obviously certain things can’t be publicly disclosed), feel free to suggest them.
Ultimately, we work hard to be worthy of the trust of businesses across the internet, and my personal mandate (supported by many others, from our cofounders down) is to find effective new ways of making mistakes less likely. “Uniformly good support at scale, in a highly adversarial environment, with very financially-motivated actors” is not easy, but I’m pretty confident that we can make a lot of progress.
It goes without saying we're working on a review of OP situation. I’m happy to take general questions as well. You can also always reach me directly at jhaddock@stripe.com.
They are literally funding themselves out of deposits, in a small way if they keep any persons money for any period of time. If they start doing it to lots of people for months at a time then they are at least partially funding themselves from their customers.
Lots of businesses do this incidentally. A good one is businesses selling gift cards. It's not the same; but this set of conditions is not super uncommon.
No offence, but you're doing a bad job.
No, they probably are not. It’s illegal and money transmitters are regulated.
What they are doing is collecting interest. One tends to see less scrupulous transmitters hold funds longer when rates rise. I didn’t think Stripe fell in this category, but it’s becoming difficult to say.
> good one is business selling gift cards
You’re right. (Also customer deposits.) This doesn’t apply to money transmitters, however.
Why not? You could use it to lower the cost of your services. (Someone is obviously earning interest on it. Better you than your bank.)
[1] https://www.mtraweb.org/wp-content/uploads/2022/10/Contact-l...
Even the IRS does it.
If I wanted to charge people on the internet right now I would go with Authorize, even though I've used Stripe in the past and had good experiences. Now my understanding is that I pay for the convenience of the better API etc. with the inconvenience of being unable to talk to a human that can make decisions if something goes wrong, unless I get sufficient upvotes/retweets.
ETA: Maybe it's more that they can't give you any information because they can't allow adversaries to differentiate between glitches, random screenings, and investigations?
Surely that is even more important with a business critical payment provider?
I’ll forgive a lot if that is in place.
If this were true, these posts would not gain sufficient upvotes to consistently make it to the front page.
Clearly something is wrong at Stripe, it has potential to affect many HNers, and it is not merely whining but is seeking advice.
In any case, it appears both from the front-page location and the very light gray font on your comment, that your view is strongly outnumbered this month.
It might not be anything you did personally, it might be based on location or business type.
Talking to them is probably the best course of action though the front-line people won't be able to make a decision. I'd lookup their CEO's e-mail and send a short "I'm a small business and my funds are being held 120 days, please help" and that will usually get routed to someone who can make a decision.
Many commenters in this thread are saying OP's account was frozen because of suspected fraud/money laundering. If that's true, what would "responsive support without scripted responses and black hole email addresses" entail?
(Disclaimer: Used to work at Stripe, but not on this particular area. Not an expert on either the law or Stripe's policies.)
I have been on stripe for years but stories like this makes me panic
> We’ve been investigating this case for the past 24 hours, and it's not straightforward. I can’t share more publicly here, but we’re in touch directly with OP.
Can you lay out your version of the events please and give written permission for the Strip guy to lay out his version as well?
Curious to see how the two line up.
The complainer can also misrepresent the case, while Stripe cannot disclose how they see it. Making any assumptions about service quality on that base is not wise.
This is not hard. The thing we want is the confidence that if something goes wrong we'll be able to talk to someone who can help sort it out.
The uncertainty is the problem. You are not doing a good job of making me feel like you understand that.
* Your funds are suddenly frozen. No easy recourse (if any)
* The percentage they withhold is suddenly higher. Tough luck
* Your business is deemed high risk and they cut ties. Their reasoning is a black box
Why is there never advance warning? It's the lack of courtesy that gets to me.
Some napkin math:
Assuming that a customer gets paid monthly by stripe, that would mean the amount frozen by stripe would be 1/12 of a customer's ARR. Applying the federal funds rate to that over 120 days works out to a cost 0.0843% of customer's ARR. Meanwhile, stripe charges 2.9% in fees. Not all of that goes to stripe, some goes to banks in the form of interchange. If we assume stripe gets 0.5% after interchange, that would mean the losses from losing the customer for one year alone would be 0.5%, an order of magnitude higher than whatever interest they'd be forced to pay.
[1] current federal funds rate is 3.08%. if it's applied over 120 days, it works out to around 1.01%
The standard line in cases like this (whether it's a frozen payments account, a rejected app, or a suspended social media account) is that you can't tell someone what rule they broke, because this gives too much informative feedback to actual malicious actors about how they got caught. I call bullshit. Until someone can demonstrate that this is an actual problem, I will believe it to be a fake problem, purely an excuse used by giant companies to justify their systematically hostile (and cheap) approach to customer service.
They give you advanced warning in the T&C. If they gave more warning, this could assist people who commit fraud. Fraud is not some imaginary issue. It's very real and very problematic.
I'll say it again, get your own merchant account if you don't like this.
How do you know that the people posting about problems they had for “no reason” are being honest and not disingenuous? They could be leaving out key facts or straight up making up a story that they feel will gain enough traction for it to end up on the front page.
A Stripe employee replied elsewhere that they have been looking into the poster’s case for the past 24 hours and it isn’t straight forward. So either Stripe is lying or the poster was getting support but they didn’t like the way things were going or maybe they felt they weren’t getting support because Stripe was taking a few days to respond because they were investigating the situation.
We have no way of knowing the truth. Stripe and/or the poster could be lying or they could be telling the truth or the truth could be somewhere in between. And we will never know what the reality of the situation is.
I’m really not trying to be provocative, I’m just trying to figure out why in situations like this HN seems to take the complaints at face value. At least that’s what I’ve seen. If people have examples of complaints like this not being taken at face value by HN I’d love to see them.
If a payment processor suspects money laundering, it's illegal for them to tell the business that. Under anti-money-laundering legislation, this is considered a crime called "tipping off": https://onlinelibrary.wiley.com/doi/10.1002/9780470685280.ch...
(Disclaimer: Used to work at Stripe, but not on this particular area. Not an expert on either the law or Stripe's policies.)
Can't you just offer paid, guaranteed support? People will gladly pay for it.
Not affiliated with Stripe in any way, but I used to work on payment fraud detection on a comparable scale. I'd say this describes ~90% of the cases that I saw that got traction on social media with a good sob story. Many of them were egregiously misrepresented to the point where it was obvious that they were trying to run a scam and use public pressure to get some result that they clearly didn't deserve. It's quite frustrating in those cases where your model says they're 99% fraud, your domain experts who actually investigated the issue say it's 100% fraud, and your privacy/legal/strategy policy prevents you from just responding with "this is BS and here's why".
If it was just about executing I’m sure they would have done that by now.
What you call “wishy washy” is what I read as him laying out the problems on a high level.
Just because the person you're talking to is a representative of a scolded vendor does not give you the right to be a jackass.
That assumes the OP's problem deserves to be solved. We have no way of knowing that unfortunately, as there's non trivial chance OP did something not quite kosher knowingly or unknowingly.
In this case with the person from Stripe responding that the situation isn’t straightforward and the OP sharing minimal details and not making any follow up comments I’d be inclined to side with Stripe here.
There are also some small chances that the company will try to reach a settlement to avoid a ruling that would give a lot of customers a strong lever before they can update their ToS (which could mean a much larger payout in return for signing some NDAs), that you are awarded additional punitive damages (pretty unlikely here though, I'd guess), or that you find a consumer rights organization that is willing to cover your legal fees. And of course, some people are willing to fight for their rights even if it doesn't make sense financially (this guy [0] fought and won a 22-year legal battle against Indian Railways over something like 20c).
Sorry, no. Their inability and/or incompetence at avoiding fraud without mysterious hidden "rules" (i.e., security through obscurity) is their problem.
Not the customer's.
"Double secret probation". Bah.
It's not in the community interest to drive away people who are posting about their work. For most of us, our work is what we know the most about—so that would be a strict loss of interesting discussion.
Cut the crap, please. Have the CEO step in and stop your broken automated flags. Put real humans in the appeals process and give them meaningful powers. Stop giving people the run around, and stop posting meaningless fluff.
I use Stripe as payment method. And Stripe suspended my account 1 week ago. They said they do not allow social media business.
It is a bad experience for me.