Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

How to handle when customer cancels credit card charge

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to handle when customer cancels credit card charge

    I have a nifty shopping cart on my AlphaToGo site. It has all of the normal fraud detection built in to the process. But there is one type of fraud that I do not know how to control. A couple times a year someone orders a bunch of product, the order is authorized, I deliver the goods via download link(s). Nothing else happens for a month, and then suddenly the customer will reverse charges through their credit card provider. PayPal sides with the customer and subtracts the customer's payment from my account. The customer of course does not respond to my emails, never voiced any issue with my product. I have ample "proof" that the customer downloaded the items (I have a "registration server" that shows download date and number of download attempts made.) I also have emails that come to me each time a customer downloads a product. But this is not evidence as far as the credit card company is concerned, and the customer prevails - essentially getting my product for free.

    This is bad enough on AlphaToGo where all the products are mine, but it is worse if it happens on IADN's Shopping Cart. In that case I will have already paid out $ to the vendor and will have to recover those fees (IADN sells product from various A5 Developers).

    I do have the ability to "disable download" on any purchased item, and of course immediately toggled that for all items on this order. So now the customer at least cannot re-download the item.

    For one of the items, the customer cannot make complete use of the product because the same "disable download" will prevent them from registering the product - it requires registration when deployed similar to Alpha's WAS.

    Do any of you have other ideas?
    Steve Wood
    Join the ALPHA DEVELOPERS NETWORK
    There is no Cloud. It's just someone else's computer.
    Web - Mobile - Hosting - Products - Frameworks - Developer Resources
    AlphaToGo | IADN (100% Alpha Anywhere Websites)

  • #2
    Re: How to handle when customer cancels credit card charge

    Steve,

    I'm surprised PayPal doesn't have a solution or recommendation for you on this. I suspect its a widespread problem. Can they determine if the customer does this a lot to many vendors? don't they have a vendor ombudsman to help with this ?

    Do you keep track of "disqualified" customers or charge card numbers? getting stung once is bad enough, twice would be a very bitter pill.

    Is there some way to determine if the customer is actually using the software? Could you build something in that notifies you when that occurs? And possibly gives you the particulars, so you could report the theft to law enforcement? Naturally, the documentation should disclose that you will be notified when the purchased software is successfully installed...

    -- tom

    ps. I almost mentioned going to a subscription model, with built in time bomb on subscription lapse, but ...

    Comment


    • #3
      Re: How to handle when customer cancels credit card charge

      The prospects are better if the item ordered was a physical object that was shipped. In that case, there are 3rd party carriers that delivered the item, got confirmation and you can submit this as proof of delivery. For electronic download items, PayPal is clear, there is not much they can do. They agree to go to bat for me with the credit card company if I show "proof", but that is a couple automatic emails going back and forth. Looking at the order now, clues - buyer name is different than on the order, email address doesn't really match up to either name.

      Besides losing the cash, I don't like that the claim by the buyer is "Unauthorized payment Chargeback" which suggests I am a fraudulent vendor who simply ran their credit card without permission.

      I guess the worst case (other than the lost revenue) is that they buyer's purpose is to take my product download and description and re-sell the items on some other website. I am sure that is a very common practice.

      As mentioned below, after this chargeback I altered my product download process to disable_download so I can stop additional download of the product. I also just altered my Framework license process to prohibit registration if the disable_download is True. But the Framework is a special case, pretty hard to do that on small utilities.

      I think I will try to improve and automate the "proof" side of things. Not just my Transaction Log but some secondary process whereby the buyer 'registers' upon first use after the product is on their desktop.
      Attached Files
      Steve Wood
      Join the ALPHA DEVELOPERS NETWORK
      There is no Cloud. It's just someone else's computer.
      Web - Mobile - Hosting - Products - Frameworks - Developer Resources
      AlphaToGo | IADN (100% Alpha Anywhere Websites)

      Comment


      • #4
        Re: How to handle when customer cancels credit card charge

        Steve

        I am sorry you have had this happen, but I feel this is a really great question and I am glad you took the time to start the thread.

        I did a fair amount of eCommerce type business for government services. In my case we did not want to handle the credit card transactions nor keep the credit card numbers, account numbers, etc., on file. We considered the liability risk outweighed the value of having that information, so we opted for a service through a financial institution. I will suspect IADN does something similar. My point is that if you use a transaction provider can they offer any recommendations for a solution.

        Finally, I think all us who provide software must sadly accept that it will at times be 'stolen' especially online sales. A very bitter pill to swallow. Thankfully the vast majority of customers are not like the one(s) you are discussing.

        If you come up with any recommendations please share them. It could help many of improve our business processes.
        Regards,

        John W.
        www.CustomReportWriters.net

        Comment


        • #5
          Re: How to handle when customer cancels credit card charge

          Originally posted by Steve Wood View Post
          The prospects are better if the item ordered was a physical object that was shipped. In that case, there are 3rd party carriers that delivered the item, got confirmation and you can submit this as proof of delivery. For electronic download items, PayPal is clear, there is not much they can do. They agree to go to bat for me with the credit card company if I show "proof", but that is a couple automatic emails going back and forth. Looking at the order now, clues - buyer name is different than on the order, email address doesn't really match up to either name.

          Besides losing the cash, I don't like that the claim by the buyer is "Unauthorized payment Chargeback" which suggests I am a fraudulent vendor who simply ran their credit card without permission.

          Use Sticky Bone concept for Paypal!

          I guess the worst case (other than the lost revenue) is that they buyer's purpose is to take my product download and description and re-sell the items on some other website. I am sure that is a very common practice.

          As mentioned below, after this chargeback I altered my product download process to disable_download so I can stop additional download of the product. I also just altered my Framework license process to prohibit registration if the disable_download is True. But the Framework is a special case, pretty hard to do that on small utilities.

          I think I will try to improve and automate the "proof" side of things. Not just my Transaction Log but some secondary process whereby the buyer 'registers' upon first use after the product is on their desktop.


          Use Stickey Bone Concept for PayPal!

          Comment


          • #6
            Re: How to handle when customer cancels credit card charge

            This scenario is always a possibility with online sales/downloaded software transactions.

            You really need to incorporate some kind of secondary activation protocol, whereby the software has to be re-registered/re-activated, x no. of days after the initial install. (The number of days might be several months, even a year out ... your choice!)

            You could display some kind of interval warning dialog to alert the user and if you are afraid of calling it re-activation, just call it a required "update".

            Personally, if I sold software via online download, I would create as much havoc as possible for "customers" that were out to defraud me.

            By allowing several months, the software presumably would have become fairly entrenched into the operation of where it was being used ... ILLEGALLY! Or, if it was being resold, this would create some major problems for the miscreant who resold YOUR software!

            Reminder: this is software that they have not paid for, so they have no legal recourse when YOUR software suddenly fails to function!

            Comment


            • #7
              Re: How to handle when customer cancels credit card charge

              I do sell online. I do not use stores as such. No paypal at all.

              All the software will run between 30 and 90 days before needing to be paid for. When the time comes, they pay and get registered. I give them a 30 or 60 day further so if payment messes up, it stops. It has really only happened a couple times to me, but that second time for the registration worked in both cases.

              Yes, time bomb!

              If it helps, when they call for a registration or demo extension, I can give them a 15, 30, 60 extension or a forever registration number. That number is based on a lot of things including the date. It cannot be duplicated on another machine or in any other way. call me later and the number has changed. Call me for a different machine and the number is all different.
              Dave Mason
              [email protected]
              Skype is dave.mason46

              Comment


              • #8
                Re: How to handle when customer cancels credit card charge

                This is a problem that has been around very long already. Generally, these things happen under the anonymity of the internet. I have had to deal with these kind of problems a great deal.
                Most of the possible "solutions" mean that you would restrict the customer.
                For instance, you might want to consider not to allow customers to purchase using an anonymous email address like [email protected] or similar. Also, you might want to restrict the area where the customer is geographically based. Typically, orders from countries with certain domains are more at risk then orders from your own country.

                Typically, your credit card provider will always side up with the customer. And that customer may even be right since the credit card might have been stolen and abused. Most credit card companies do a lousy job in providing you the evidence you need to recognize this as being the truth. So you will question that as well.

                Also, the incidental "theft" of your product might not even be the greatest problem but you could also be at risk for unlawful copying of your product or your serial numbers if they can crack them.

                And even if you would find your customer as genuine customer from the USA, then still you would probably not want to pursue this further since any legal action could cost you even more as it brings you.
                If the customer is outside the USA you can forget that all together, not to speak of your Russian customer, or customer based in Bolivia or such.

                Internet fraud is growing, in all types and varieties. Hence personally I would not hesitate to implement a system that would require a second registration number AFTER the rollback period of the credit card company has expired......

                Comment


                • #9
                  Re: How to handle when customer cancels credit card charge

                  Years ago, we had a system where all monies going into an account at our bank(itwas a credit card only acct) was immediately drawn out to another bank account at another bank. At the time, it worked very well and put the onous on the card holder to show why he should get the money back. His credit card company could NOT just yank the funds. We never used paypal because something like paypal holds the money for a short period and can have money from several sales in your pp account at any given time. That puts pp in a position to go the easy route.

                  I am not sure the above can be done today, but may be worth looking into.

                  I am not against or for pp, just thinking of alternatives.

                  I do use pp for ebay sales and purchases, but that is about it. It is the buyers friend more than the seller and it is not their fault.
                  Dave Mason
                  [email protected]
                  Skype is dave.mason46

                  Comment


                  • #10
                    Re: How to handle when customer cancels credit card charge

                    And even if you would find your customer as genuine customer from the USA, then still you would probably not want to pursue this further since any legal action could cost you even more as it brings you.
                    Legal recourse is rarely the best solution, simply because of time, aggravation and cost. You have to play at their level! You have to hit them where it will hurt them most ... either in the operation of their enterprise [i.e. where they are using your application to administer part of their business] or in the pocket book [e.g. if they are reselling your software]. The only way to do this is a delayed time bomb that will cause them maximum grief, somewhere down the road.

                    Also, the incidental "theft" of your product might not even be the greatest problem but you could also be at risk for unlawful copying of your product or your serial numbers if they can crack them.
                    The solution here is to design your application so that it is "branded" with the company/entity name of the authorized user ... and this name then appears on all screens and reports. This will alert any unsuspecting third-party buyer that all is not "kosher" when they install your software. (By all means show your company contact information somewhere in the application).

                    You do this by storing an encrypted version of the authorized user name in the software; either as a global variable or hidden in a table. By using an encrypted user name, hackers will not be able to use an hexadecimal editor to find and replace the authorized name with something of their choosing! (To further tighten the screws, store the encrypted authorized name in several places and have your software compare the values ... and simply abort if the values do not match).

                    Although something I would not bother with, if you really wanted to sock it to the miscreants, have your software subtly corrupt their data ... simply by changing random information in their tables, without being too obvious. (Changes to amounts and dates are usually much harder to spot than changes to [e.g.] names, cities and descriptions).

                    For instance, you might want to consider not to allow customers to purchase using an anonymous email address like [email protected] or similar. Also, you might want to restrict the area where the customer is geographically based.
                    This would be difficult to police/implement and frankly, with safeguards like the above in place, I would not care where in the world my application was being purchased!
                    Last edited by Paullm; 04-10-2013, 10:35 PM.

                    Comment


                    • #11
                      Re: How to handle when customer cancels credit card charge

                      Steve, I think you commented on one of my posts regarding licensing.
                      I have an automated system - like you had- which sends a secure key to the user.
                      This sounds like a pure and simple scam and it should be possible to put a 3 month block on the software if payment is withdrawn.
                      The world is full of crapola.
                      See our Hybrid Option here;
                      https://hybridapps.example-software.com/


                      There are 3 things you can do in any situation;
                      Live with it, Change it or Walk away from it.

                      Comment


                      • #12
                        Re: How to handle when customer cancels credit card charge

                        Steve,

                        This is a nasty thing to have happened and I feel for you. Nobody like to be cheated, in particular when it comes to money.

                        One idea I had was to make use of the users machine name couple with say the date to make it unique, in an encrypted format which they send to you by email and you send back an unlock key which is good for a set period. Then send a second unlock key after that set period. That should prevent any unauthorised persons from using the app on another machine.
                        Regards
                        Keith Hubert
                        Alpha Guild Member
                        London.
                        KHDB Management Systems
                        Skype = keith.hubert


                        For your day-to-day Needs, you Need an Alpha Database!

                        Comment


                        • #13
                          Re: How to handle when customer cancels credit card charge

                          Keith,

                          See post 7

                          That is almost what I do.

                          Customer opens app and is face with a registration code. He has to call me to get a run code. It is a simple math process for me that will never work but one time.

                          I can give whatever type code I wish to extend for preset dates or forever. If it is all paid, he gets forever.
                          Dave Mason
                          [email protected]
                          Skype is dave.mason46

                          Comment


                          • #14
                            Re: How to handle when customer cancels credit card charge

                            Dave,

                            I almost hate to ask, but ... would you share your algorithm?

                            Comment


                            • #15
                              Re: How to handle when customer cancels credit card charge

                              No, but I will tell how I made it. Close enough?

                              Have registration table(encrypted)
                              holds id , internal reg, date of reg, what the new reg should be and what he enters

                              I get the machine name, hd number if it has one, date, I turn all that into a large number that is divisable by "say" 8 and the when the client calls with his number, I dived it by 8. now if I put a 3 on the end - he has 30 days - a 5 is 60 days and a 1 is forever.

                              Make sense? there is a password protected script, a form and each time the autoexec starts, it checks the 2 numbers in the table to see they match, if not the it goes to the registration form.
                              Dave Mason
                              [email protected]
                              Skype is dave.mason46

                              Comment

                              Working...
                              X