New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
That makes no sense. Did you use logic on that or just rushed to be an asshole?
You don't even know wtf you're arguing, just trolling.
Just saying as im my first post here what the process looks like.
You do realize in eu at least there are laws and you can't just ask identity verification for no reason. Also depending on what kind of data is asked you are required to provide alternative methods of verification if you don't get consent. It's also not allowed for automated fraud check to be the only input for decision making process. So if automated fraud check fails you do a manual check and if that fails you refuse service. You don't do what is in essence a blackmail; either give stripe your data or use a non refundable payment method which limits customer rights like the ability to make chargebacks.
The problem is that you have no idea what the process is.
You do realize that Stripe complies with EU laws. Also, the customer in this case is not from the EU, so that is completely irrelevant and it is clear that you are jabbering about things that you do not understand.
It's pretty clear what it looks like. The autmated fraud check fails and this results in a blackmail of either giving your data to stripe or giving up your rights by using a different payment method.
Some people need to read terms better. Stripe/Claudflare/Google complies with EU laws, does not mean you using Stripe/Claudflare/Google complies with EU laws. In most cases how they comply is to do things on your behalf and on your instruction, meaning the responsibility of compliance and determining the legal basis of processing is on you.
I have no idea where the customer is from. But let's not pretend this process is not used even on eu customers regulary.
When you ask your customers to go through identity checks you do it just because you're an asshole? Or when there's a high risk of fraud or stolen identity you just accept payments from suspicious sources as long as you don't have to give the money back?
He gave the money back very promptly according to the process established within the company. You are obviously just trolling at this point.
Perhaps you need to read more carefully. Money was returned from a payment method that allows chargebacks but the suspicious source of that payment was offered other method of payment.
Who cares? They always had the option to use one of those payment methods anyway.
Giving your details to the payment processor would not be burdensome or relate to blackmail in anyway unless the client was trying to hide criminal activity, in which case, wtf are you getting on with? You're just making shit up. Payment processors are not the government, whatever imaginary rights you're thinking about are just that, imaginary.
It's a good thing you're in the US, which makes your continued trolling make no sense.
I'm sure there's a valid reason Stripe determined you were a risk, as evident by this thread
wtf are you talking about? The hosting company goal is to prevent abuse against them. Your whole bitching is all about the customer not being able to chargeback? Fuck sakes.
I agree it would not be burdensome. So the client is obviously trying to hide criminal activity as you just said. So in this case the correct procedure is to refund his credit card and ask him to pay by crypto as it's a criminal activity. Any more bright ideas such as this one?
I'm not the OP and you don't know where I'm from.
You have reading and logic problems. There's no helping you.
Dustin correct about Stipe, being totally reasonable and good PR, and still getting a hard time from OP, sad.
Waiting just 3 hours, not even asking for a refund (which is now given and obviously Racknerd would have obliged if asked), and opening a forum thread... 😐
When e.g. Hetzner asked me to KYC despite 100% accurate account+payment info I didn't want to send an ID, so just deleted the account. No drama needed.
Never had an issue with Racknerd.
LMFAO what the f is this?
this is not Racknerd's fault. Even Godaddy does same thing. Payment is processed, card is charged, and if the payment processor (Stripe or any other) finds the transaction as high-risk then even Godaddy (they too use third party processor) asks for verification in next 3-4 days. If verification is done by user within 24 hours then services are not suspended. Else they refund. This seems the payment-industry norm.
After the customer being flagged as high risk and a failed identity check the next logical step is not to ask him to pay by crypto. And you're the one who said "unless the client was trying to hide criminal activity".
Stripe's fraud prevention is trying to protect their clients from chargebacks. If the customer is comfortable paying in crypto and RackNerd is comfortable accepting their business they can do whatever they want. If the customer is abusing the network for so-called "criminal activities" RackNerd can suspend their account.
I suspect that the real rub here is that the OP's (likely stolen) CapitalOne Credit Card™ will not be accepted at any crypto exchanges for the same reason it's not being accepted at Stripe.
It's not a norm, it's more lack of norm as credit card transaction security in US rather low.
In EU there's PSD2 and SCA so the adoption of things like 3D secure is like 80 percent. You will get it either for free or it's like in range of few euro per month combined with additional services. And for each transaction or subscription you will get a one time code on your mobile phone or the transaction will not go through. The most damage one can do with a stolen credit card is to buy something with contactless payment and that's limited to a low amount per day and after you need a pin. Practically only people who don't use it are very old people who don't know how to use the internet anyway and go to the bank or post office every month to pay the bills. The ones who are more tech savvy will use their banking mobile app to ocr their bills.
The norm is to simply make a small transaction like 1 euro and see if it goes through. If it does that's the identity check. And it's only necessary for post-paid services like cloud, for prepaid ones it's not. Any additional checks are plain and simple idiotic.
The reason OP mentiones Capital One credit card is probably because they widely employ a system like 3D Secure, they call it AirKey and that's considered as identity check. But idiotic as it is, it's most probably why he was flagged as fraud in frist place as in US when things like 3DS or AirKey are requested it will most often be seen as a fraud signal and flagged as high risk.
Read my previous post. It's more likely the case because he was using a more secure form of authentication than what's the "norm" in US.
If a hosting business knows that stripe tends to have false positives it doesn’t hurt to try to extend the deal with other means. These systems are far from perfect. And not just governed by tech people only. It’s not as easy as it looks from the armchair.
Why are you still yapping about Eurocentric bullshit?
For the record, it is quite common to submit a small transaction to "verify" a credit card in the US as well, but it is typically only used to verify the validity of the payment method in cases where that needs to be done before an invoice can be generated. It has nothing to do with verifying the customer's identity. The payment processor does have every right to do that independently afterwards as part of their fraud prevention, however.
Most of my CCs use 3DS a lot and even when buying services from offshore businesses I have not gotten into a fraud signalling issue.
Me thinks it has more to do with Capital One. Sadly irrespective of what OP thinks capital one isn’t considered very safe or reputable and after their huge breach a couple years ago it’s understandable. No one here thinks of them at the same level as most other CC issuing entities. They are a low tier brand.
From what I know adoption or 3DS or similar methods in US is pretty low.
3DS or similar things are considered in practice as an identity check. I'm sure at Capital One the OP was told so and they "forgot" to mention anything about the issues in US. This is on their website: "Use AirKey whenever you need to verify your identity. The next time you need to verify your identity, just select the option to tap your card." No surprise there people like OP will be pissed off when they run into such issues.
Don't take my word for it, just look at the Stripe website: "The results in the US were very different from what we have seen in Europe. Our analysis suggests that issuers in the US perceived transactions requesting 3DS to be particularly high-risk, often declining these transactions more aggressively rather than putting US users through an unfamiliar 3DS challenge flow."
I’m not in US neither in EU
Lol. Didn't notice till now it's in your username. OP commonly stands for "Original Poster".
I don't think you understand what this means. It's saying that card issuers in the US typically choose to decline the transactions that the merchant requests 3DS for instead of presenting the 3DS challenge to the customer.