Hacker News new | past | comments | ask | show | jobs | submit login

Ok. Would you do only that or also one of these options

* put an error message "you are trying to use a card issued in X from Y, contact support"

* put a prefilled unchangeable field containing the current country

* signal an error on all fields when I insert something invalid (say, country and city) rather than only the zip code

* block the transaction before you validate my card

Because if so, you're better than what is currently available. If not, I'd be happy to understand what would be the downsides of doing these things :)

EDIT: also I realized now: you'd flag me if I put a non matching _billing address_ rather than if I use a card from abroad? That seems counterintuitive :)




The general rule is, you never tell someone suspected of fraud why they are suspected of fraud; it will help them figure out how to not be suspected of fraud in the future. You also want to give them as many required telephone interactions as possible. A) this slows them down if they are trying to automate the process and B) It's much easier to determine whether or not someone is trying to defraud your service over the phone.

If the credit card you are using is stolen, eventually the billing company will have to charge back your purchase. Enough chargebacks in a month and the billing company gets a HUGE fine. It is in their interest to err on the side of caution in cases where something like this occurs.


Also, you generally don't tell someone that's suspected of fraud that they are suspected of fraud. You tell them there's a technical difficulty, and they need to call.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: