New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Or rather, if they refuse KYC, the host can refuse to take their money.
But they weren't non-compliant. They just were unlucky. It isn't their fault that Stripe doesn't support their country, and xHosts' ToS did not ban people from their country from signing up.
I think it's quite feasible for even for the cheapest services, considering they also have to be aware of what is happening to their public perception. They're losing more on lost potential sales than they would on refund fees.
For the sake of your reputation, any failure to KYC due to mistakes on your side (or on Stripe's side) should be met with a full refund even if the service has been active since the beginning. This will keep people from associating your brand with unfair termination. For $3, it's definitely worth it.
Now, I'm assuming that your ToS mentioned the possibility of KYC when the service was originally purchased, right? So customers always knew of the possibility that you may be required to KYC them?
Just to be clear, I'm not a host. i'm just saying foreign taxmen probably want to crosscheck the amount paid by their taxpayers. Or your own taxmen are suspicious of local transaction, but there was no VAT charged. Or, punishing host for unknowingly made transaction with sanctioned individuals, entities, and countries.
Are we 100% sure this is what happened?
I get your point, but I wouldn't believe that someone will care if some small LET provider selling $7/year VPSes got money from a John Doe, USA but invoiced them as aaa aaa, Estonia
As for sanctioned stuff, I know for sure cryptoexchanges don't like such transactions and just refuse from serving you further, and banks/payment processors are obligated to detect, block and report such transactions too. Not a job of hosting provider.
Neither OP nor xHosts are contesting it.
This is obvious, nobody would confess.
Probably because of the privacy reason, this is public forum.
That is a hard NO.
Change of TOS = New Deal, comply and stay, if not we part ways, Things change, this is how the world works, fact that we don't like it... true.
Yet Prorated refunds are should be applied here. As the service was given for a x amount of time.
If you operate in the EU......... Depending on how much money you GOV lacks in the budget, I would not be so sure of that.
Also, by law you are required to provide and check the correctness of data of your customers, so, depending on how much $$ you rotate / year, you might be under or a above the radar. - betting that you are below is..... up to you/risky. Being small does not guarantee you get ignored.
You almost got the whole picture.
VAT will play a crucial role here, but even when VAT is not directly involved there are still reporting and compliance mechanisms in place. Countries track cross border financial flows for economic and tax purposes, so being small does not automatically mean you are invisible.
Governments and financial systems collect a lot of statistical data about the movement of money, why?? well to get you eventually or tax you, that is their job, and some agencies are pretty good ad it.
How do you think that sometimes small operators/providers with really bad habits get busted by law enforcement? via their AS or IP abuse??? ha ha ha, if you think a Judge will get that
........... Yet, the same Judge will get money laundering, financial inconsistencies ( fake users that are from Estonia and got billed to USA ) and that is how they charge you.
Basically Money will leave a written trail, transfers, payments, expenses, imports and so on.
Always follow the money.....
Yet this is not the debate on this thread, but I do like the subject
I don't see how KYC could undo the damage already caused by customer violating ToS (portscan, spreading malware, hosting phishing etc). If there were a ToS violation the only logical thing is to boot the customer IMO.
For B2C? Hell no, ESPECIALLY for $7/yr. For B2B or transactions with tax discount (no VAT)? Sure.
We have always had a clause in our terms stating that “we may request additional identification or information to verify an order.”
I’m not going to confirm or deny details about individual cases, as discussing specific accounts publicly would not be appropriate. Some assumptions are being made that failed KYC checks simply mean someone was “unlucky,” but compliance processes are rarely that simple.
To speak in general terms: when a KYC request is made, a customer may confirm their email and phone number and upload documents. However, that alone does not automatically confirm authenticity. Unfortunately, it is possible for people to obtain document templates or attempt to submit altered information.
This is why providers such as Stripe perform automated checks and cross-referencing against known patterns — for example previously flagged documents, reused details across different submissions, or other inconsistencies. Because of this, verification outcomes are not always a straightforward pass or fail based only on what is uploaded.
Each case therefore has to be reviewed on its own merits, and sometimes decisions are based on risk signals that are not appropriate to discuss publicly.
From a business perspective, when dealing with compliance matters we have to follow the process rather than make exceptions based on external pressure. Our goal is simply to operate responsibly and keep the platform stable for all customers.
Agreed, and I got your point.
Small providers may simply remain below the radar most of the time, but relying on that as a compliance strategy is not something I would personally be comfortable with.
Already caused = yes. However, KYC may be pre-emptive I guess.
What I want to say is that I don't see any reason to think it wasn't preemptive KYC
Note that importantly, NOT abuse from the OP. Just abuse in general. The host also stated that he has not and will not even look into the OP's identity details even though the OP states he has complied with all requests and isn't hosting anything bad, and the host hasn't accused him of doing anything wrong.
The host even stated that he's doing this to any accounts created between 2 specific dates, and it isn't necessarily anything to do with the OP in particular. This is why it's even more of an issue that he's refusing to actually look into OP's case. This is why it's making the host look bad.
A mere "risk signal" is not a valid reason to remove someone without refund. It's a fine reason to not take them on as a customer in the first place, but things get more hairy when they've already paid. Did they violate the ToS? If not, you have to keep them on as a customer. If Stripe simply doesn't support their country, that's the customer's problem.
KYC will not protect you from any abuse,
he can still do abuse for your platform
A pro-rata'd refund is not applicable for a lifetime deal. The user should get a full refund.
But even that is unfair on a customer who's done nothing wrong. Whenever a host kicks out a customer who's done nothing wrong, they have to hurry to find another provider at their standard prices, not a deal price.
I think your logic is confused here.
KYC is the provider's problem, not the customer. Of course, the provider is free not to provide service to the customer before a contract is made.
A user who provides correct details and a copy of their ID when requested is complying completely with the TOS.
If the provider's verification partner chooses retroactively not to accept that as valid ID when it is entirely legitimate, that is the provider's problem not the customer's. The customer has complied with the TOS, they should not be terminated, except in very extreme cases like e.g. they reside in a country that is under sanctions from your company and you are prevented from legally having them as a customer.
Taxmen are petty people. Once you're on their radar, they will try to find smallest mistake or even make one.
They know how to make correct financial fillings and could've made apps or even something like excel macro so you could fill it properly. But, they won't make it. They justified their position by being able to extract more money from the society (working class and corporations). It's definitely not about making fair contribution to the society.
Corrupt taxmen has been documented for millenia.
You're correct. In fact, cross-border bureaucracies and forms are among the requirements that come from the OECD that generates unimaginable amount of headache.
Government taxmen doesn't see you moving money abroad, they view you as part of monetary trillema problem
Edit: IRS caught mafia over tax problem. Well, not because they're not using good accountant. But, they definitely could made up mistakes.
Let me guess: you did the KYC more than 3/6 months after they placed the order, which you had already confirmed and delivered, so they can no longer create a chargeback.
How many of them have you refunded after terminating their service?
There appear to be two separate cases being discussed here — one from the original poster and another from a different user.
Regarding the case you are referring to as “standard practice,” I won’t be disclosing the full details, as that would be inappropriate. The customer has stated here that the issue was due to Stripe not supporting their country, however your argument seems to be based on assumptions rather than verified facts. It is always better to rely on factual information rather than speculation or personal interpretations.
Ultimately, decisions like these are made based on the facts available to us, not on assumptions or feelings. We intentionally keep certain details vague in order to protect internal processes.
It is similar to applying for a credit card with a bank — if the application is declined, the response is usually something along the lines of:
“Unfortunately we are unable to provide the credit card you requested and cannot provide further details.”
The process has been rolled out across accounts of various ages — some are relatively new, while others have been active for over three years.
We are currently working through the affected accounts and processing pro-rata refunds for monthly and annual billing cycles where applicable.
Unfortunately, such vagueness invites speculation which is damaging to reputation.
I understand that a lack of detail can sometimes invite speculation, which can affect reputation. However, the alternative would be far more damaging.
Allowing things to continue unchecked and potentially reaching a point where we would have to tell all customers “Sorry, 20i has ended the reseller relationship” would impact everyone.
Our priority is protecting the majority of our customers and the long-term stability of the service. If that means accepting a small amount of speculation or criticism in the short term, then that is a trade-off we are prepared to make in order to safeguard the wider customer base.
That's a false dichotomy. There are options besides a complete lack of transparency and allowing abuse to run unchecked. Not all providers are having this problem, which should show that there are solutions.
Those are the providers not losing money on lifetime deals.
@Alex9568, did the provider refund you, or did he just suspend your service?
That is incorrect, they do not have to keep them on if they do not want to.
I'm no legal expert and I have not looked into every regional law, but in most countries providers are not in any way obligated to let anyone be a customer. Companies are free to refuse service to anyone for whatever reason they see fit. Most countries does have some anti-discrimination laws meaning you can not deny service based on ethnicity or gender, but other than that it's pretty much up to the provider to choose who they want as customers, or rather, do not want as customers. So no, they do not have to keep them on.
A lot of people seem to think that it is some form of unquestionable right to be a customer, while legally it is not a right at all but rather a privilege and as such it can be revoked at any time.
But they are obligated to uphold their side of a contract. OP already paid. This isn't a restaurant just refusing you service, it's a restaurant letting you come in, making you pay up front, and then refusing you service.
That's not true at all. A contract is binding. A provider cannot kick you out without standing. That is why most providers add broad catch-alls in their ToS (e.g. "interfering with the enjoyment of other customers") so that they do not run afoul of the law. The provider does not have some privileged position that the customer does not have. That's the whole point of having a contract. If one side could just unilaterally render it null and void, it would have no purpose.
Providers can't create an all-encompassing contract that says they can just do whatever they want, either. In most jurisdictions, a severely one-sided contract would be considered an "unconscionable contract" that particular aspect of the contract could not be legally enforced.
If a provider could unilaterally revoke a contract they themselves entered into, then VeloxMedia would not have been banned!
You and xhosts are not a bank or similar so there are no "compliance issues". For you and xhosts under GDPR the only legal basis for processing biometric data is consent and the customer can refuse it. In that case you have to provide an alternative method of verification, this is even mentioned on stripe website.
You can put it in the TOS all you want but that does not make it legal. You can get fucked easy by consumer protection laws or GDPR or both with fines bigger than ones you mentioned.
This one is called automated decision making and again you have to provide alternative verification method. Neither 1. or 2. gives you the right to keep the money.
I borrowed this from the other thread. This just shows you don't even have an idea what your role in this process is. You are the Controller and Stripe is just the Processor. Stripe just does what you tell them to do and that's it, you are the one in "control" of the data. People at Stripe are not that crazy to put themselves in the role or the Controller.