←back to thread

Ask HN: Stripe holding funds for 120 days for no reason

158 points interesting_att | 3 comments | 22 Oct 22 15:43 UTC | HN request time: 0s | source

Hi Guys--

I started a Stripe account (even incorporated through them) for a basic graphic design and web design service business.

I process a few charges and even though I didn't get a single chargeback or dispute, Stripe decided to deactivate my account and said they would refund all the charges that were processed.

Which would have been fine with me. They said they would refund on Oct 17, but that date came and past. So I kept emailing.

Now they're saying they're holding all the funds for 120 days because of "elevated risk".

Which is insane because they have already withdrawn all the funds, meaning their risk would be zero if they refunded everyone.

I am beyond hurt and confused as I did need this money for my daughter. These decisions have real impacts on real families.

What do you do in this scenario? I have tried contacting support at Stripe but seems to be of no help.

Show context
johnhaddock ◴[22 Oct 22 18:52 UTC] No.33301001[source]
I’m the person leading the project to make sure that people have fewer bad experiences with Stripe. I’m not sure what is driving the uptick in posts on the subject to HN in particular (obviously we pay attention to broader online discussion in addition to monitoring our support systems, though we know it creates an incentive for people to publicize their situation).

On the topic of Stripe and these kinds of incidents more broadly, there’s a lot to say, but here are a few pieces of context that are probably relevant:

- We are a giant distributed bounty system for people to find interesting and scalable ways to defraud us.

- We’ve seen significant upticks in certain kinds of fraud over the past couple of months. When businesses default, Stripe takes on the loss. It’s worth noting that certain kinds of fraud, like card testing, can also have significant collateral costs for legitimate Stripe businesses, and our systems and processes are not only to protect Stripe itself.

- We are far from oblivious to the harm that mistakes in our systems can cause. (I interact with a lot of these cases personally.) One of my highest priorities is creating better appeals flows for when we’re wrong.

- We’ve shipped 7 substantial improvements just in the last 10 days that should meaningfully reduce the occurrence of false positives.

- Publicly-described facts of specific cases don’t always match the actual facts. Stripe is sometimes just wrong. (We made some mistakes that I feel bad about in one recent case and we ended up bringing the company’s founders to an all hands last week to make sure we learned as much as possible.) But users do also sometimes publicly misrepresent what’s going on. We’re also restricted by privacy rules to not share specifics in those cases.

- Stripe works with millions of businesses and we see all kinds of “rare” failure modes fairly frequently. (Disputes between staff at a business, business impersonation, businesses that start legitimate and go bad, and so on.)

- I’m working on a post to share some of our broader philosophy + policy changes that I hope to publish before the end of this year. In that, I’m also hoping we can share some relevant metrics. If HNers have any suggestions for things that might be useful to see covered (though obviously certain things can’t be publicly disclosed), feel free to suggest them.

Ultimately, we work hard to be worthy of the trust of businesses across the internet, and my personal mandate (supported by many others, from our cofounders down) is to find effective new ways of making mistakes less likely. “Uniformly good support at scale, in a highly adversarial environment, with very financially-motivated actors” is not easy, but I’m pretty confident that we can make a lot of progress.

It goes without saying we're working on a review of OP situation. I’m happy to take general questions as well. You can also always reach me directly at jhaddock@stripe.com.

replies(7): >>33301036 #>>33301240 #>>33301249 #>>33301348 #>>33301998 #>>33302054 #>>33314426 #
thot_experiment ◴[22 Oct 22 19:16 UTC] No.33301240[source]
What if, get this, instead of all this vague shit about doing better you just had a support team you could talk to without blowing up on twitter/hn?

If I wanted to charge people on the internet right now I would go with Authorize, even though I've used Stripe in the past and had good experiences. Now my understanding is that I pay for the convenience of the better API etc. with the inconvenience of being unable to talk to a human that can make decisions if something goes wrong, unless I get sufficient upvotes/retweets.

replies(3): >>33301333 #>>33301411 #>>33302047 #
benjaminwootton ◴[22 Oct 22 19:27 UTC] No.33301333[source]
This is all I want from any service that I buy from. Good, responsive support without scripted responses and black hole email addresses.

Surely that is even more important with a business critical payment provider?

I’ll forgive a lot if that is in place.

replies(1): >>33301504 #
gruez ◴[22 Oct 22 19:48 UTC] No.33301504[source]
> This is all I want from any service that I buy from. Good, responsive support without scripted responses and black hole email addresses.

Many commenters in this thread are saying OP's account was frozen because of suspected fraud/money laundering. If that's true, what would "responsive support without scripted responses and black hole email addresses" entail?

replies(1): >>33301775 #
1. slotrans ◴[22 Oct 22 20:14 UTC] No.33301775[source]
Telling the OP that this is the case. Offering them the opportunity to supply evidence to the contrary.

The standard line in cases like this (whether it's a frozen payments account, a rejected app, or a suspended social media account) is that you can't tell someone what rule they broke, because this gives too much informative feedback to actual malicious actors about how they got caught. I call bullshit. Until someone can demonstrate that this is an actual problem, I will believe it to be a fake problem, purely an excuse used by giant companies to justify their systematically hostile (and cheap) approach to customer service.

replies(1): >>33301977 #
2. timmaxw ◴[22 Oct 22 20:35 UTC] No.33301977[source]
> Until someone can demonstrate that this is an actual problem, I will believe it to be a fake problem

If a payment processor suspects money laundering, it's illegal for them to tell the business that. Under anti-money-laundering legislation, this is considered a crime called "tipping off": https://onlinelibrary.wiley.com/doi/10.1002/9780470685280.ch...

(Disclaimer: Used to work at Stripe, but not on this particular area. Not an expert on either the law or Stripe's policies.)

replies(1): >>33302007 #
3. tpxl ◴[22 Oct 22 20:38 UTC] No.33302007[source]
It is illegal to do so, but is it an actual problem?

This point is always repeated, and never proven.