How to handle credit card frauds on Stripe for your SaaS
Hi, it’s Takuya. I was taking a 30-day break and now I’m back to work on my SaaS project, Inkdrop! It is a note-taking app which has about…
How to handle credit card fraud on Stripe for your SaaS
Hi, it’s Takuya. I was taking a 30-day break and now I’m back to work on my SaaS project, Inkdrop! It is a note-taking app which has about 1,400 paid customers at the moment. In spite of the fact that it is so small in comparison with other apps, unfortunately I’ve got a credit card fraud for the first time. (BTW, I got the report during this break and my relaxing time was completely ruined.😇) I had some research on card frauds and I would like to share what I learned and how to handle such problem.
Refund any suspect payments immediately
You have to avoid any disputes as possible in order to keep your SaaS trustworthy. Stripe may check number of disputes and can close your Stripe account once it got suspected as harmful. When you got an unauthorized payment report, you have to quickly respond to it politely and do what you can. Stripe has some documentations on fraudulences and disputes. They say:
Refund suspicious payments immediately
Refund any payments you suspect are fraudulent as soon as possible. In the Dashboard, select the payment and click Refund as fraud. This refunds the payment and reports it to us so that we can further improve our fraud detection.
— Best Practices | Stripe Payments
A dispute costs 15 USD:
EFWs do not officially require any action or response from you as a merchant. However, they are good indicators of impending disputes — 82% of payments that receive EFWs eventually get disputed. Since there’s a fee for disputes (15 USD) and disputes can count for certain chargeback monitoring programs you may want to proactively prevent disputes by immediately refunding payments that receive an EFW.
— Measuring Disputes | Stripe Payments
Here is the steps to handle a fraudulent payment report.
1. Calm down
This is a sad issue for both you and the cardholder. But it happened. Take a deep breath.
2. Get information about the suspect payment
In order to find the suspect payment, ask for the following information from the cardholder:
- The last 4 digits of the card number
- The date of the charge
- The amount
3. Find the suspect payment on Stripe
You can filter payments with the last 4 digits of the card number from the search bar on Stripe dashboard.
Even if it looked obviously a fraud, do not tell who this is to the cardholder for privacy reason.
4. Execute ‘Refund as fraud’
There is a Refund button on the top right of the payment screen.
Select a reason for the refund as Fraudulent. Note that it will add the card and email to your block lists so that future payments with them will not happen. It will also help other businesses using Stripe prevent fraudulences. Click Refund and block.
Preventing disputes and fraud
Stripe also provides a guide for preventing them, which is very helpful:
Collect as much payment information as possible
I’m using Stripe.js and Elements to build a payment form on Inkdrop, but it only collects the minimum required information such as card number, CVC and ZIP code. Collecting further information would help card issuers to verify that a customer is legitimate, such as:
- Customer name
- Full billing address and ZIP code
- Shipping address (if different from billing address)
Check out the above document for more detail about this. Also, supporting 3D Secure would be powerful to reduce fraud.
I hope it’s helpful for your SaaS business!
