This is an update of the situation with our payment provider Stripe.
Two weeks ago we experienced a fraudulent activity on our website. The attacker bought the most expensive subscription 1,055 times using one single card.
The Stripe’s system didn’t find it suspicious that there were 1,055 different billing addresses for the same card. Note that we don’t process cards directly, everything happened on the checkout page hosted on their server.
It was a delayed payment method, and we realized the attack took place only several days later when our website was notified about the first 500 “successful” transactions. We continued to “receive” the money for another 3 days.
Stripe couldn’t block this card in the middle of the attack, didn’t properly investigate the incident, and just decided to close our account altogether.
As a response to the attack we implemented additional security measures:
- On the signup, login and checkout pages in addition to our own captcha we added Google Recaptcha Entreprise, which is considered the industry standard.
- We disabled the guest checkout, now the users need to confirm their email and log in on the website before buying a subscription.
- We stopped accepting the payment methods that don’t allow the disputes.
Unfortunately, Stripe was not satisfied by these security measures and confirmed the closure of our account. They will also be holding our funds from the last 2 weeks for 90 days.
Stripe was our trusted partner for the last 4 years, and we were totally shocked by this decision.
While we are looking for alternative solutions, for now the only available payment method for new subscriptions is PayPal.
Our account closure in Stripe is scheduled for November 30. We will cancel all the active recurrent subscriptions during the next few days.
The accounts with lifetime access are not affected.
How will it affect you if you have an active recurrent subscription with us?
First of all, if you paid with PayPal, your account is not affected in any way.
If you used any other payment method and your recurrent subscription is due for renewal soon, don’t worry.
We will be extending all active recurrent subscriptions for free for at least 2 weeks or until we find another payment provider.
It will be difficult for us financially, but we want to support people who decided to support us.
We apologize for the inconvenience and appreciate your trust in our company!
Best wishes,
Timur