Braintree paid us $20K by mistake

Question

I have an app that costs $18 per month [1]. Everyday, I get about 5-10 paying customers. Today, I got around 1000 paying customers with valid credit card payments in 1 hour. I wrote to Braintree and they have cancelled these payments as "Processor Declined". But, the subscriptions are still active. Will this charge the credit cards every month? Curious, why this happened? Anyone had similar experience?[1] https://formfacade.com/braintree/pay/website/premium

soneca · Accepted Answer

Maybe it was something similar to what happened with freeCodeCamp [0]: fraudster testing stolen credit card numbers.
I would look hard and overcommunicate with Braintree in order to this does not badly impact on your business.
[0] https://www.freecodecamp.org/news/stopping-credit-card-fraud...

kirubakaran · Answer

It may be a good idea to consider a 7 day or 30 day trial before you charge the credit card, so that you're not an attractive target for thieves using your company as a credit card verification service in the future.

throwaway888abc · Answer

You can use Fraud detection before sending transaction to Braintree + blacklist of fraudulent transactions.For example https://www.fraudlabspro.com/

Braintree paid us $20K by mistake

Maybe it was something similar to what happened with freeCodeCamp [0]: fraudster testing stolen credit card numbers.I would look hard and overcommunicate with Braintree in order to this does not badly impact on your business.[0] https://www.freecodecamp.org/news/stopping-credit-card-fraud...

It may be a good idea to consider a 7 day or 30 day trial before you charge the credit card, so that you're not an attractive target for thieves using your company as a credit card verification service in the future.

You can use Fraud detection before sending transaction to Braintree + blacklist of fraudulent transactions.For example https://www.fraudlabspro.com/

Maybe it was something similar to what happened with freeCodeCamp [0]: fraudster testing stolen credit card numbers.
I would look hard and overcommunicate with Braintree in order to this does not badly impact on your business.
[0] https://www.freecodecamp.org/news/stopping-credit-card-fraud...

You can use Fraud detection before sending transaction to Braintree + blacklist of fraudulent transactions.
For example https://www.fraudlabspro.com/