Remix clone Hacker News

new | show | ask | jobs Github

	▲	pjc50 5 days ago
		> anything popular that used this system seems like it'd be pretty inundated with fraud I coined "micropayments means microfraud"; I would expect this to have similar situations to the AWS mystery bill problem, but on a tiny scale. If you can charge customers without their confirmation it's easy to run up bills. And of course the amounts are so tiny you can't afford dispute resolution.
	▲	strnisa 5 days ago \| parent [-]
		Yes, merchant abuse is a risk. What we do and plan to do: `- Each merchant requires an OAuth grant, and customers can revoke it at any time. - A customer ledger shows what, when, and how much each merchant charged. This can be shown in the customer's dashboard and monthly statement emails. - Customers have account-level spending caps to limit exposure. We will add per-merchant caps. - If patterns look off or we get complaints, we can pause new charges and review.`