The Madness of SAAS Chargebacks
Key topics
The author discusses the issue of SaaS chargebacks, where customers dispute charges with their banks instead of requesting refunds directly, resulting in significant costs for merchants. The discussion highlights the frustration and helplessness felt by merchants in dealing with chargebacks.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
17m
Peak period
56
0-2h
Avg / period
7.5
Based on 112 loaded comments
Key moments
- 01Story posted
Sep 15, 2025 at 7:30 AM EDT
4 months ago
Step 01 - 02First comment
Sep 15, 2025 at 7:48 AM EDT
17m after posting
Step 02 - 03Peak activity
56 comments in 0-2h
Hottest window of the conversation
Step 03 - 04Latest activity
Sep 16, 2025 at 2:49 PM EDT
4 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
A $10 payment ended up costing us $43.95 recently. Banks almost always side with the cardholder, and the only reliable “win” I’ve seen is when the customer withdraws the dispute themselves.
So here’s my question to the community:
What’s really going on here? Why do banks completely ignore the terms customers agreed to when they subscribed, or even in cases where the claims are obviously false? And why aren’t customers required to provide any proof at all?
What actually prevents someone from using a SaaS product, filing chargebacks every time they cancel, and essentially getting refunded for the last several months of usage?
Would love to hear your thoughts.
When I look at some other companies, I often see all kinds of "shady" tricks that clearly boost revenue, but also inevitably increase the number of cases like this.
But this is a slightly different story. With chargebacks, almost every time it was just a customer not wanting to admit fault. What’s strange is that they could have simply written to us and asked for a refund. But I guess they realized they were in the wrong, so instead of contacting us, they went straight to their bank.
I’ve been a credit card user for 30 years, and in the first 25 of those years, I only had to resort to chargeback once. In the most recent 5 years, I’ve had to do it about 3 times. Companies in general are just way less responsive now and take their customers for granted way more than in the past.
Card-not-present (I.E. internet transaction) has a lot more merchant fraud then friendly fraud (what we call these cases) and the incentives for both merchants and banks is to make sure the customer never loses trust in the system. If people were afraid to use their cards on the internet everyone loses.
It doesn't make sense for both the merchants and the banks to arbitrate every 10$ transaction. I doubt your case even reached a human, or if it did they even gave it a minute of thought - you are just someone who does not know the rules to them.
Now if a customer abuses the chargeback mechanism, he'll have is card revoked, probably be blacklisted and his life would be an insane amount of complicated from now on. But you'll never see these cases. Be sure that if someone could abuse the chargeback mechanism to the extent you mentioned, the system would be unusable, the fact you get chargebacks only rarely is a testemant that there is policing going on at the bank side.
It's just not 100%. Like Patio11 says - the optimal amount of fraud is non-zero[1]
If you have a large chargeback (let's say 1000$ and more) you might actually get someone to review it, and there's a slight chance you'll win if the case is good. But the system is not geared for that.
It's geared towards you amortizing the cost of chargeback into your price - and eventually the people who pay it is always the customer, not the merchant.
[1] - https://www.bitsaboutmoney.com/archive/optimal-amount-of-fra...
I give instant refunds, we are very lenient with our terms, and I've made the unsubscribe flow 2 clicks from email or dashboard (want to cancel? click. Are you sure? click. Done. Confirmation email). Every subscription email also includes short instructions on cancellation.
Even with a very customer friendly posture, the chargebacks fall into three categories:
- bad experiences with other companies, so instant chargeback instead of emailing or calling - miscommunication between customer departments (accounting doesn't know about the subscription and chargeback) - fraud or lying about usage
We've won about 50% of the chargebacks disputes. I recently added an admin interface that has a chargeback defense function that compiles evidence into a handy package I can upload to Stripe to dispute.
Your SaaS is a dime a dozen to them. They dont care about you. You dont make them any money, especially when the customer is actively trying to stop doing business with you.
they have a banking relationship with their client, and none whatsoever with you
if they decline the chargeback they then take on a load of risk (they might lose their client, they might get reported to the regulator, they might be sued by their client and then stuck with the bill)
but if they just pass it on then you take all the pain
not surprising at all given the structure of how credit card payments work
Even in HN comments I've seen people saying they use temporary card numbers (valid for one transaction only) or click a button to dispute instead of a single email. That button in the banking interface might be "block future payments" or such. They must've bad experience with companies in the past?
Actively emailing with the customer sometimes helps. It worked for us. Sometimes it didn't. For example if it's a company credit card and the employee left the company. Their accounting team simply doesn't know what our service is for.
At this point the fees are part of "cost of doing business".
https://news.ycombinator.com/item?id=44382686 is an example where a customer was unhappy about merchant charges and seems to contact the banks only, not the merchant.
Ever used a gym, airline, or subscribed to a newspaper? Many businesses are genuinely customer-hostile.
Depending on your country / ticket, you have a 24 hour cooling off period, easy to call phone numbers, self serve web platforms and apps, very well documented processes and procedures.
Most of the worst airlines have some of these things, because if they didn't, they wouldn't be allowed to operate in certain regions (Canada/US, EU)
It's common enough that popular TV programs cover it
https://www.youtube.com/watch?v=oh8PFs0LTKc
Not sure about airlines though.
They finally reached out asking why. I told them we hadn’t even shown our faces there for months. But the following month they charged me again, and again I charged it back. This cycle repeated a couple more times.
The bank would still be the one dealing with chargeback and chargeback related costs, I do not see why Apple would care or get involved.
However, I wonder if the biometric verification of Apple Pay merits a different response to chargebacks where the bank will not simply take the buyer’s side.
[1] Average brick-and-mortar interchange fees for Visa and MC range 1.85% to 2.6%, AMEX is 2.5% to 3.3%.
I've only had 1 business owner ever say it was due to chargebacks, a small tea shop in a Chinatown in Canada. They also don't take Mastercard for the same reason.
This is also why American Express launched the Cobalt card in Canada, which had a 5x multiplier for eats, drinks and groceries, and pushed it so hard for years on social media and bus shelters, despite eventually starting to disincentivize it (it was a loss leader/upgrade feeder product for Amex). They wanted to win merchants back with a new generation of hip, social media savvy Amex customers.
.. to the user. What do they charge the vendor, or it just the 30% of every transaction (which some might consider ridiculous).
edit: comment below reminds us that unhappy customers can get you banned entirely https://news.ycombinator.com/item?id=45248686
So the $43 thingy is more like at least $3000 + (43$ per 1 in 100) and (2$ + %3) per + handling VAT remittence per + handling local laws per(which means you will likely need a few more highly specialized employees or services that you pay hefty cuts approaching Apple).
Taking money from people anywhere in the world in exchange for your product or service is trivial on Apple because they indeed employ a lot of people that deal with this stuff, thus %30 is fair IMHO.
Life is hard enough and I have enough things to do that actually require energy and focus, and I refuse to spend any of it trying to convince you that don’t need your SaaS product.
The way a lot of businesses try to exist in this superposition between being "just pals!" when things are going their way but if you try and resolve a problem, they immediately start quoting policies and legalese is really off-putting tbh.
Your definition of good, is my definition of a prison.
Customers don't want to "reach out" if it means hunting deep in their account settings to find the cancel button, or calling a number which may or may not lead them through an endless phone tree to waste 5 minutes talking with someone on the retention team reading from a script.
People don't remember they signed up.
They can't remember how to log in from a different device to cancel.
It's easier to use their credit card app to dispute the charge.
The company name is different than the product name - even a slight difference may indicate a scam, like all of these highway toll scams using a slightly different domain name.
A worker or family member signed up using someone else's card, and that person has no idea what the charge is for.
People expected one thing from your SaaS product, and got something else that they are not willing to pay for.
They rarely check or read their email.
Your account reminders are going straight to spam.
The communications around the product, pricing, or requirements was lacking.
When I click that button, the recurring payment is automatically canceled, and the SaaS company can check that and know that I unsubscribed. Or something along these lines.
There is already a power-asymmetry between consumers and companies. This should not extend to unsubscribing. Here, the consumer should have all the power.
Chargeback is easy because it's under the card co's control. Deep link would require knowing the cancel page of every sub, plus handling auth factors. API connection would two way integration, with scoped auth between every bank and every service. Hopefully managed by an SI or aggregator, but the business model sounds hard (the bank doesn't mind the chargeback, the SaaS doesn't want the cancelation, so who pays?)
I'd be happy to just have the ability to easily ask the credit card company block further payments with no actual notification to the business besides that the monthly charges stop going through. If you want to be fancy about it, creat a custom industry standard declination reason for that use case.
This already exists. Mastercard (and Visa?) has an API that lets banks notify subscriptions when your card changes to update the card number https://developer.mastercard.com/product/automatic-billing-u...
* https://www.visa.co.in/about-visa/newsroom/press-releases/vi... * https://pgi.billdesk.com/web/sihub
All it needs is a "payment refused, user canceled service" response to billing and not to flag the billing attempt as fraud.
What I'm talking about is an official way to unsubscribe. One that the user fully controls, and is free of dark patterns.
[1] https://www.twilio.com/en-us/blog/insights/list-unsubscribe
Banks are barely running on a modern stack, let alone doing anything userful within banking, and you want them to build an api to cancel an outside service? :)?
Love this so much, most HN comment ever :)
Merchant's end up getting the short end of the stick in most cases.
Credit cards are also required to be "tokenized" when stored at a merchant or payment aggregator - the user authorizes the bank to allow the merchant or the aggregator to "store" the card details for use later, and the bank then issues a card token, tied to the specific merchant/aggregator. They are not allowed to store the original card info at all - just this token. This makes the token not worth stealing, as it can be only used by that merchant, and is trivial to de-auth if needed, with or without merchant cooperation.
If this is the way it works and the result are chargebacks it just means things cost more in general (cost of business will be factored in).
It's not a good thing.
I’ve shared examples in the article.
Put punitive terms into your SLA. (Though check with a lawyer about adhering to your merchant agreement.)
Charging back doesn’t cancel a contract. If you want to be vindictive, you could sell the debt to a collector.
The problem is that a “punitive” amount of liquidated damages is neither reasonable, nor would it typically be found to have been the product of an actual estimate of the damages. See, 356 cmt. a.
If you didn’t say “punitive” in the LD provision, you’d have the “reasonable estimate” conversation but GP straight up called it a punitive clause, which is not going to fly (in many jurisdictions, ianyl, etc. etc.)
Would note that the Restatement isn’t law, but an influential guideline. As long as the punitive terms are clearly agreed to, they ought to be able to fly. (Particularly if made in exchange for money, e.g. pay a premium to opt out of punitive cancellation.)
What a world we would be if companies didn't want to bill customers that don't use their product. Imagine if companies automatically paused billing if you stopped using their product? Panacea.
Apple is a hugely greedy company, but it's one thing I like about subscribing to things in there -- I can cancel at any time with minimal effort.
Beeminder does exactly that!
https://blog.beeminder.com/autocancel
shrug. That's just the way it works.
Make it easier to unsubscribe than doing a chargeback. Your competitors who do that will have a lower cost and be able to undercut you and you'll go out of business.
That is a good thing.
How do you know people aren't already doing so? It's not about the competitors but the industry in general.
Have you not read the post I was replying to?
I quote:
> People don't remember they signed up.
> They can't remember how to log in from a different device to cancel.
> It's easier to use their credit card app to dispute the charge.
> The company name is different than the product name
> A worker or family member signed up using someone else's card
> People expected one thing from your SaaS product
> They rarely check or read their email
Sure there were other points, but more than 50% of the list is about the customer having their own problems. It's like having a bad actor in the system making it worse for everyone.
In UPI (I know I know...) there is an autopay system. Your single UPI app has a single page with all your subscriptions. You can cancel or do whatever there and it's all handled in one place. My openai, streaming services, youtube premium, amazon prime, everything is on there. It gives me notifications before a charge is about to occur. No dark patterns.
This is the standard I expect.
Since credit cards don't provide a centralised thing like that, it's up to the SaaS provider to give the equivalent experience.
Cancelling should be _exactly_ as easy as signing up. If that means your MAU doesn't increase as fast, maybe you have a shit product. Case in point: amazon prime can have cancel buttons littered all across every page and I'm still not gonna cancel it.
Here's the simplest implementation: Few days before and on the day of charging, some infobox on the app's most attention-requiring screen, and an email telling me I'm gonna be charged. In all those communications, the main CTA should be a cancel button, that without further ado, let's me confirm and cancel the thing.
Anything even one step more complicated is a dark pattern.
Someone downthread mentioned - what if they want to change their subscription level instead of cancelling? In that case, two CTAs: change plan, and cancel. Both equally sized and right next to each other with good color contrast - important! None of that greyed out cancel button bullshit.
> some infobox on the app's most attention-requiring screen, and an email telling me I'm gonna be charged
Nope, I no longer log in (because your app was crap, or because I accomplished my goal). Fine I lost $10
If I log in every day or two chances are I want to keep it going. It has to be an out-of-band communication with the ability to cancel in a frictionless way, which means no account hijinks
But recently I asked for a refund from a very popular project management system, and it was a nightmare, an absolutely terrible experience. After that, I gained a new level of respect for our own support team ))
> we also provide a simple, self-service way to cancel the subscription
It's hard to comment without seeing screenshots and description of the process. When people are cancelling under a perceived threat (will be charged otherwise), any inconvenience will become an extreme one.
As for cancellation, the problem is that even though it’s easy to cancel a subscription, chargebacks usually happen afterwards. It doesn’t matter how simple cancellation is, what matters is that the user first cancel and then still goes and files a chargeback.
I'm talking about additional email. 24 hours before the transaction. With the subject "You'll be charged $10 for renewal in 24 hours".
This email will hit a lot harder. Most people's inbox is full of transactional email, as per recent post here on HN.
Is your cancellation mechanism consumer friendly? You don't do proration when people cancel and say you only "meet them halfway" when they go through the effort of requesting a refund in response to this user hostile policy.
There are a lot of very user unfriendly policies and implementations. Sometimes companies that legitimately try to do the right thing get caught in the blowback, but more commonly, companies aren't as user friendly as they like to pretend and have adopted at least some of the pervasive dark patterns.
This happened to me once with a meal planning app (Eat This Much). I did validly cancel and get a cancellation email, but Stripe had errored out (I didn't realize this) and I ended up disputing the charge with my credit card because I couldn't get a hold of them (they had just done some UI changes that unfortunately broke their in-app contact function).
In the exit survey, I mentioned I was disappointed that they chose not to honor my cancellation request. Their support person reached out to me to let me know that they couldn't refund me without me dropping my dispute, but my dispute was already marked as resolved by my bank. I guess they issued a courtesy credit and didn't want to deal with the back-and-forth internally.
I sent them the cancellation email that I had received proving my cancellation. I'm pretty sure if I hadn't received that email, they would've cursed me up and down as one of these "anti-social chargebackers", because it confused them enough that their CEO personally emailed me to apologize; they found the Stripe error in their logs, it had only happened one other time in recent history, and they wouldn't appeal my dispute as a result. They did offer me a free month, but I really did want to cancel - it just wasn't working for me, but at least they were nice about it.
I'm sure without that added context, the story would've been the same as this post - yet another person charging back and not reaching out first to explain. I was pretty angry about the situation at first (having no knowledge it errored out or that they would be more willing to refund me than deal with my chargeback), but they were a small team, they were nice about it, and I dropped my interest in posting a public complaint about it.
We do get a fair number of disputes like the author where customers will cancel after getting billed, and then dispute it, even though we always give refunds to people who email and ask for one. It also feels like there's been a significant up-tick in recent months of disputes like these, maybe a reflection of the current economic climate. Hard to blame the customer though, for all the reasons listed by the top comment -- sometimes it's just easier to do it through the bank than figure out how to cancel through an app you forgot you even subscribed to.
Your post says about $10 charge, I am not sure how it happened with current flow.
Be very direct about the pricing, and please use your own product so customers are not confused.
https://beeimg.com/view/d3295639248/
In the post I mentioned that we build several products. I didn’t want to list them all, because I always feel a bit awkward about self-promotion. My goal with the post was to spark a dialogue, not to advertise.
RE pricing page: yes, we do state that there’s a minimum of 5 seats. But there are no chargebacks here, since we don’t take a card upfront and we don’t bill in a hidden way. In the worst case, if you missed or didn’t read that detail, you can simply decline and not subscribe after the trial. You’ll see the price in Stripe before giving us your card. And if you prefer, you can stay on the free plan for up to 5 ppl.
This is a dark pattern. You should display the actual minimum monthly charge in text that is at least as large as the price per user.
No, the worst case is the customer gets the $10 price into their head and then doesn't see the actual monthly charge amount when they subscribe. You are now charging the customer 5x what they expected to pay.
No wonder you get unhappy customers.
Here are two fixes
> "From $50"
> "$10/user minimum 5 users" in the same font and size
Did they confirm the identity of the person matches the card?
If the merchant has no liability, if opens up a whole world of new fraud.
Banks operate on risk, make chargebacks risky.
Some of these chargebacks sound like straight up fraud. Three months of usage and using their bank to reverse a payment.
Make Fraud Spicy Again
The best you could do is send your client to collections, though if you try and mess with their credit report, that incurs liability on your part. Funny enough, German companies do send SaaS/IaaS clients with small bills owing to collections, even for amounts as small as 15-20 EUR.
The total costs of making the claim were more than the amount I'd claimed, but I'd been careful to provide all the proper notice and offer to settle for the amount of the claim, so they were awarded against the defaulting client.
It was great fun and I think it would have been fun and educational even if I'd lost. Would definitely do it again.
From everything discussed in the article, there are a 2 major takeaways:
1) You need to avoid chargebacks as much as possible.
2) If a chargeback does happen, the chances of winning are basically zero — unless you can convince the customer to withdraw it.
The best you can really do is be large enough that cutting ties with your business entirely isn't feasible for the customer.
The second thing I learned, you pay a fee if you intend to respond.
Basically, from what I understood, a chargeback is a lose-lose situations for the business. If the cost of the transaction is less than the two fees, it’s better to let chargeback settle in customers favor. Otherwise, you risk losing both fees, as the chance for winning a chargeback is very small (from what I learned).
I had a customer who used a “wrong credit card” (read: a corporate card that they had access to). I reached out to the customer asking them why they filed a chargeback, they told me “sorry, used the wrong card, the owner filed for chargeback”.
I didn’t bother to file the counter argument. Just blocked the customer, and ate the fee.
Enable 3D secure, this _might_ help with chargeback protection. And as someone said, enable Radar, it costs extra. There are also service that automatically refund the customer when they “intend” to file. Basically, stripe sends you a webhook when chargeback is about to arrive, so you can refund, this avoiding the chargeback fee.
> What’s really going on here?
Reality. You need to prove something: that the card holder made the purchase to the standard the banks set and you can't. It's as simple as that.
> Why do banks completely ignore the terms customers agreed to when they subscribed or in cases where they’re clearly making false claims?
Because your agreement with the customer is not the only agreement in play. You accepted these chargebacks and that process when you accepted credit cards.
> And why aren’t customers required to provide any proof at all?
You can't prove a negative. I can't prove I didn't authorize payment. And, because it's online, you can't prove I did. "logs, screens, terms, full context" are not proof. None of that is useful or proof in any way that the card holder made the purchase.
> What actually prevents someone from using a SaaS product, filing chargebacks every time they cancel their subscription, and essentially getting refunded for the last several months of usage?
Credit card number limitations. Why would you accept a payment from the same credit card number again? Also, repeat offenders can be blocked by payment providers. This is the way a lot of online stores work.
> Would love to hear your thoughts.
A few more points...
> "The Madness of SaaS Chargebacks"
It's not SaaS chargebacks. It's just chargebacks.
> The worst part is that it doesn’t matter whether you win or lose a dispute — the very fact that it was filed still counts against your account.
Yes. The reason it counts is because you are problematic, or at least attract problematic customers. This ends up costing the banks money. I'm sorry, but if you had a problematic customer that cost more money than you made from them, you'd probably stop working with them, too.
> Still, we always submit evidence.
Not the evidence that matters. You need evidence that the card holder authorized the payment. I promise you, nothing you submitted proves that.
> Inside the product, we also provide a simple, self-service way to cancel the subscription without any questions asked.
Do you ask for the username and password? Right... and if I didn't sign up for the service to begin with, I didn't agree to the TOS.
Let's also address one more thing:
Facts:
> Charge was processed August 12 (regular billing cycle). > Subscription canceled August 18 (6 days later). > Dispute created August 19. > The claim is false.
Nope. The problem is when the person requested the subscription be cancelled. Not when your system recognized it.
> the customer doesn’t have to prove anything
The problem is when a customer requests you cancel their subscription, and you say you will, and you don't do it until 6 days later.=
The problem is when a customer goes to request to have their subscription cancelled, and your service is broken and doesn't recognize the cancellation and they don't realize it never cancelled until 6 days later.
I can keep going.
Let's try this: prove to me the customer didn't submit a request to cancel the subscription when they said they did.
That's right, you can't prove a negative.
I can keep going on, but you can find lots of information on this and why it is the way it is. If you don't want to deal with this, there are other options that eliminate or reduce the chance of chargebacks. But you won't find those as popular. Because they aren't customer friendly.
-- sigh unfortunately it's the opposite in 3rd world countries like Indonesia. I've had my cards physically stolen on the airplane. Despite having all the evidence and common sense ("I'm in city X airport and the disputed transactions happened in city Y, you're saying I went there immediately after landing and return to the airport just to queue for immigration, all in an hour?"), none of the banks accepted my chargebacks that I filed few hours after incident.
The banks are Bank Mega (national, private), BNI (state-owned) and DBS.
The most common charge back case is when a customer loses its card and the bank charges back all the transactions of the past X days no matter what. It is stupid but a lot of banks do it instead of asking the customer which transactions are legitimate.
Why? Because it's 100% fraud. I've personally reviewed every case most of them are filed under "duplicate charge". When I review their account I see something like this:
- Loaded $10 on account
- Spent $3
- Spent $5
- Loaded $10 more
- Spent $6
- Spent $6
And they decide to dispute the second $10. Even when I can show exact timestamps of all their purchases/reloads the banks don't care. They don't care they they got the product and are scamming the festival. They just don't care.
And before "I can see how someone can make that mistake when they see 2x$10" sure... but then why not reach out to support (buttons are on every page to reach out directly to me through a form and I respond in <1hr normally)? People suck and so do the banks (all of them) that allow this fraud to continue.
As shown here, when someone charges back on a $10 you _immediately_ lose $15. No matter what, $15 is gone, so now you are $25 in the hole (plus Stripe fees) before you even get started. At _best_ you can recoup $10 but history has shown that the chances of winning are next to 0 and at best you end the day with -$5.
But wait! There's more! Stripe added _another_ fee of $15 if you try and counter which you will get back only if you win the dispute (which you won't).
So, if you charge someone $10 and they do a chargeback that you fight and lose you are out $40+ ("+" because of the Stripe fees on the original payment). It's just absurd. If you don't fight it you are out $25+ and if you fight it and win you _only_ lose $5.
Winning never felt so shitty...