Yea, unfortunately Stripe doesn’t make these decisions. Couple things you could consider: * Adding additional verification steps like Stripe Identity * Requiring 3DS, which shifts loss liability in some cases to the card issuer * Using Stripe Checkout with Chargeback Protection: https://stripe.com/radar/chargeback-protection. It costs 0.4%, but you wouldn’t need to worry about losses at all (up to a certain volume... Source: almost 2 years ago

You could consider looking into using Chargeback Protection, which will add to your processing fee, but will protect you from loss from chargebacks on eligible transactions (i.e., purchase made via the Checkout). You won't have to provide evidence, you won't lose the money (up to a certain amount per year); it's essentially an insurance system. And from my reading of their docs, I don't think you'd have to deal... Source: about 2 years ago

I have seen companies out there that specialize in combatting chagebacks for businesses. Basically any chargeback that happens, the company takes care of disputing it. For a company like yourself that processes high dollar transactions/products/services, you may do well to seek such a company and use their service, get your own merchant account and stop using 3rd party processors. Stripe has a chargeback... Source: about 2 years ago

Stripe offers Payment Links [0], which makes it really easy to accept payments (just paste a link into your product page and handle a webhook serverside; a single href is adequate). They also have a separate "Checkout" offering [1], which requires some code client- and server-side to generate the page. So far, Stripe has been awesome for me selling $2.50/mo subscriptions [2], and as far as I know, suspicious... - Source: Hacker News / about 2 years ago

Right, Apple is only providing the hardware and it requires to use a (partnered) processor, like Stripe, which was the example they used in their recent announcement. Stripe coincidentally sells chargeback protection as a service https://stripe.com/radar/chargeback-protection if that is a concern. - Source: Hacker News / over 2 years ago

I 100% agree that it's shitty from a security standpoint BUT EQUALLY it is not your job to be the security guy for the MSP. Your job is to provide those credentials as safely as possible. (https://pwpush.com/) is your best bet. Source: 6 months ago

What about something like password pusher? https://pwpush.com/ What is your guys opinions on this? Source: 11 months ago

Yes, also https://pwpush.com/ as a service for the quick start! Source: 11 months ago

Pwpush.com if you want a little control. Source: 12 months ago

We use https://pwpush.com for sending out passwords (or URLs or small files) and have the link set to expire, limit number of views, etc. Source: about 1 year ago