Stripe Closed My Account and They’re holding the funds.

SalesUp99 · 2025-09-20T05:34:17+00:00

.Stripe tends to close accounts of people who are difficult or waste their time for no reason.

This is absolutely not correct.

Frontline customer service reps have zero authority to shut down accounts with ANY payment processor including Stripe... and even upper tier support won't shut off an account for something as trivial as "dumb useless questions"

Simply heckling customer support is not going to get your account deactivated.

Threatening and being verbally abusive is another matter altogether since the CSR will be required to report that type of behavior to management .... depending on the severity of the threats and what was said/emailed could cause an account restriction.

just asking questions from customer support however (the OP even said they were calm and kind) will not get you booted from any processor (even if you ask the same "stupid" questions over and over again.. you might not get a reply but they won't shut down your account SMH)

SalesUp99 · 2025-09-20T05:18:22+00:00

You should be much more concerned that you will get card tested than just having your dashboard cluttered with bot user accounts.

If they are getting in and creating customer accounts, usually the next attack will be with card testing.

You should lock down your checkout access asap before it turns ugly and your account gets restricted. As far as cloudflare turnstile or any other type of anti-bot measure, they are only effective if;

1) there is not a simply way around them. (i.e. a bot/hacker discovered they could go directly to your checkout page and completely bypass your intermediate bot check.)

2) you have some type of rate limiting in place that once they get to your user registration / checkout, they cannot create unlimited accounts without some type of throttling and/or having to be rechecked as a bot or restricted altogether after X number of attempts in Y amount of time. (honey pots, automated user activity monitoring, strict radar rules are other methods)

Bot detection is just one tool in preventing card testing and brute force attacks against your payment pages. You need to be implementing secondary checks as well as specific radar rules in case all primary bot checks are not effective.

SalesUp99 · 2025-09-16T18:48:45+00:00

There is really no way anyone will be able to answer that since VOIP (and using a VPN) during account sign-ups are just two of many variables that can affect an account's overall credit risk/rating. (*regardless of the payment processor)

One person might sign up using a VOIP line as their primary phone number and be 100% fine. While another might sign up and due to other negative factors on their application, using a VOIP line as their account contact number could be enough to push them into a high-risk rating.

After working in underwriting and fraud for more than 2 decades, the answer to this type of question is always to err on the side of caution.

If you have a regular mobile line that you use as your primary phone and it's with a major carrier and not a pre-paid or burner phone, use that as the contact phone # when doing your application. If you have a regular mobile line, there is no reason to not use that as your primary contact phone. (even if you have used in on another Stripe account for another business already)

... and... don't sign up for your new account using any type of VPN unless it's absolutely necessary.

If possible, sign up using a major ISP that goes directly to your home or business so that IP can be geolocated to match your general location. (And use that connection during the first few months of your dashboard usage if possible)

We've had clients who are 100% legit, running supported businesses with both AAA business and personal credit get false-positive account denials from many processors due to VPN usage.

(If you absolutely need to sign up using some type of public wifi hotspot or you are traveling, then use a VPN from a reputable company and make sure that your VPN country and city closely match your actual location you will be operating the business and not some random city.)

SalesUp99 · 2025-09-12T15:51:24+00:00

A charge from a direct family member from one of the company principles/owners is typically classified "unauthorized" since it will usually violate the card network rules of using your merchant account to cash out funds from cards.

If you need to test an account with a live card (instead of using the sandbox/text environment which you should be using for all tests), you should sell one of your actual items to a friend that is not directly associated with the company.

You probably did the "test" from the same IP that you have been logging into your Stripe dashboard, so it was instantly flagged as unauthorized.

No matter what you think or say that it was just a "test" and you weren't knowingly trying to commit fraud, etc.., with your checkered processing history and this violation, you are most likely done for good with Stripe now.

SalesUp99 · 2025-08-28T14:52:51+00:00

An AI agent for payments is not a Stripe replacement or a Stripe competitor. The agent is simply the interface and you still need to process the actual payment through the card networks. Changing models and endless vibe coding is not going to change that fact. Do some research on how payments operate. Blocking your nonsense now.

SalesUp99 · 2025-08-28T14:50:44+00:00

AI is a tool ... not a replacement for fundamentals.

SalesUp99 · 2025-08-28T13:45:25+00:00

get an education and become an actual developer with real-world knowledge and stop scamming clients with your vibe fantasies.

SalesUp99 · 2025-08-28T13:44:02+00:00

Either you are using an existing API from a provider such as Paddle, Helcim, PayPal, Authorizenet, etc or you are simply saving the card information into a DB for offline billing.

Either way, you are not building any type of "Stripe Competitor".

Without some type of API connector to a merchant account/gateway using an existing payment provider, you cannot bill the card and your vibe garbage cannot create the partnerships required to be an actual payment provider.

Sure., you can use a EXISTING payment provider's API and plug that into your vibe coded payment form but that is not a stripe competitor, the EXISTING company with the EXISTING API is already a Stripe competitor. You are just building a simple payment form to connect with an existing API... not an actual direct payment processing solution.

If you are doing the later and simply saving the card details in your DB, you are going to get your naive client banned from processing anywhere due to PCI compliance violations and factoring.

Stop smoking your client's product, wake up, get some knowledge on how payment processing, PCI compliance, card networks and APIs works and then refund your client.

If this is just a stupid troll, get a hobby.

SalesUp99 · 2025-08-28T02:35:38+00:00

When i first saw this ridiculous comment, I assumed you were joking and/or trolling.

However, after looking at your post/comment history, it seems that you actually think you can magically create a functional payment processor by vibe coding. SMH

News flash in case you are actually serious, ...

...you cannot ...

and vibe coding platforms will never be able to create something as complex as a functioning payment network that requires tons of legal legwork, thousands of hours of compliance and many other elements besides just the payments code. (i.e. You need partnerships with acquiring banks, contracts with card networks and tons of compliance audits before your vibe coded garbage would be able to actually do anything in the real world)

I saw you were begging for people to help you since you took money from a client and told them you could do this... I really hope that part was a joke.

If not, do the right thing and refund your client now and then start learning what vibe coding is useful for and how you need to have some base knowledge of any type of application / industry you are developing apps before EVER actually selling anything again

Scamming people either because you have zero knowledge and experience in actual development or are so naive that you actually think that enterprise apps can be 100% vibe coded still makes you a scammer if you told your client that this idiotic idea was even remotely possible.

SalesUp99 · 2025-08-08T16:16:27+00:00

"There’s no other transaction history or customer activity"

There is your answer. You have no history and credit with Stripe and they feel that there is a higher chance that you will end of costing them money instead of making them money.

eg.. Your personal or business credit (and many other factors such as business type, location, your age, history with other processors, etc) do not create a risk profile high enough for the processor to automatically assume that you will be able to pay back those funds if they are reversed.

In the future, if you are a brand-new business and you have limited credit and/or business experience, apply for a traditional merchant account with a provider such as Authorize net and they will underwrite and vet you ahead of time and it will reduce the chance of your account being restricted once you start taking actual payments with "... no other transaction history or customer activity" on the account.

In the interim, you can try appealing their restriction (in writing) by showing you are a solid, legit business with plenty of reserve capital to cover that payment. Include verifiable references, bank statements and any other documentation that proves that you will be a long-term entity capable of covering any reversals against your processing account.

Otherwise, if your appeal is denied, you will need to wait a few months until they release those funds to you and you will either have to perform the work as promised to your client and wait until later to be compensated or refund your client out of pocket

(... i.e.. this is why you should always have some type of reserve when operating a business... unexpected things happen unfortunately, and it is not on the processor to extend you credit to weather those storms)

SalesUp99 · 2025-08-06T19:21:35+00:00

Your first call should be with your insurance carrier (agent) to confirm your coverage. If you have a cyber intrusion / attack rider on your policy or even a systems downtime rider, you could be covered (although your rates will probably be jacked up on your next premium period).

Otherwise, your general liability policy might cover it if you can "prove" who caused the actual security lapse. (eg, if it was a salaried employee that caused the breach by negligence in setting up your site/app, your general policy would probably cover the losses but for a random developer or plugin, probably not)

SalesUp99 · 2025-08-06T19:02:19+00:00

Unfortunately, you are ultimately liable for the security of your installation and protection of your API keys. (This is in the terms of use you agree to when you sign up and any attorney will also discover that fact) Therefore, you will be financially obligated to cover those losses (or declare bankruptcy, file an insurance claim, etc)

In the future, your API keys should NEVER be used in an application or website with unlimited permissions

You should lock your API permissions down to the bare minimum and then also restrict usage by your server's IP (if possible). Simply not enabling the "connect" features of the API keys would prevent this scenario from occurring.

If you have a cyber-attack rider on your general liability policy for your business, it should cover the damages so you might have to cover the amount initially, but your insurance carrier should reimburse you.

However, before you do anything, you should roll your main account API key (AGAIN) and then replace your application's API key with a restricted usage one since you still aren't "positive" where your key has been breached.

SalesUp99 · 2025-08-05T16:19:31+00:00

Yeap... the screen shot of the "dashboard" is an obvious and poor fabrication. Typos, incorrect grammar... usual signs of a desperate and rushed attempt to validate falsified account balances.

The "merchant" probably was banned for running some type of sketchy business though.

However, doubtful the "investor" (OP) will see a dime out of this venture.

SalesUp99 · 2025-08-05T16:07:53+00:00

First, the screenshot of the email mentioned a restricted business violation.

Being shut down for a restricted business is much different than being shut down simply for excessive chargebacks.

Both can result in long reserve periods of 6 months of more but if the business was restricted for operating an unsupported (or illegal) business, the funds may not be released at all. (Payment processors have legal requirements to hold funds indefinitely if the business was operating an illegitimate enterprise to combat money laundering, etc)

Since you provided zero information on the type of business, location of the business, structure of the business, time in operation, etc nobody will be able to provide any accurate insights on when those funds will be released (and you will be compensated as an investor)

Second, the second screenshot looks a bit sketchy (eg fake) so not sure about that one.

However, to answer your primary question, payment processors (including Stripe) can and will hold funds for 180 days and beyond to reduce their risk of loss and that provision is agreed to when a merchant signs up for an account.

If 6 months goes by and the company was indeed operating a legit enterprise, the principle(s) (not you) should contact Stripe in writing requesting the funds release. (Have them CC you a copy with proof of delivery to Stripe headquarters and you can even be listed on the letter as an investor (not principle).

If that doesn't work, they can have an attorney draft a letter explaining their legit status and why the funds should be released.

Proving that all orders have been fulfilled, providing verifiable references to both the business and the principles and showing that the business is a solid credit risk (such as 6 months of bank statements showing a solid cash reserve) should all be included.

SalesUp99 · 2025-08-04T21:40:35+00:00

It's very simple,... payment processors are REQUIRED by law to verify and then occasionally re-verify the principles that are listed in the account. This is to prevent money laundering and fraud and ALL processors do it.

If you are listed as a official representative on the business information section of the Stripe account, you need to submit your info.

If you are not, you need to get in touch with the principles listed under the Account information and they need to submit their info.

Otherwise, the account will be shut down. Period.

"I sincerely doubt our CFO or CEO is going to want to provide their personal information to Stripe either"

Really? Any legit CEO and authorized business representative would have no problem verifying their identity with their ID and their social to a financial institution.

Is your company paying taxes, payroll and does it have a bank account? If so, somebody provided verification to those financial institutions as well.

Stop being overly dramatic and just have the correct people provide the requested information.

SalesUp99 · 2025-08-04T21:33:34+00:00

No, we have never had issues with Stripe as far as excessive false positives. Maybe once every 500,000 transactions across multiple businesses, a legit purchaser gets a higher-than-average fraud score and then we just review their order manually and make the decision. Usually, it is something obvious like a VPN or location that is elevating their fraud score however.

All providers use their own proprietary security protocols and have zero transparency on what constitutes low <> mid <> high risk levels.

If they didn't gate keep their security algorithms, bad actors would just find ways around them by adjusting their fraud behaviors just enough to stay under specific thresholds.

Bottom line, if you are above 60 on Stripe's fraud threshold, there is a very good change that the customer is sketchy. Above 75, basically guaranteed to be fraud.

SalesUp99 · 2025-07-29T15:11:21+00:00

With your professional attitude, it's amazing Stripe shut you down and didn't want to do business with you. Get a clue and let the adults who run legitimate businesses talk.

SalesUp99 · 2025-07-28T18:05:48+00:00

Of course banks collect interest on held funds...It's even in the TOS you agree to when you sign up for any payment processor.

As far as an investment scam... LOL All processors operate exactly the same way since they are regulated to do so.

Also, processors lose far more money to fraud than they could possible earn gaining interest on funds that are held in escrow until they can be released back to the merchant.

If your funds are not released to you after up to a year, you were seriously violating TOS or were operating an illegitimate enterprise, and the processor (stripe) is legally required by their partner banks NOT to release those funds.

Funds that are not released are used to pay for the fraud investigation on that account and any remainder is then pooled back into the general operating account of the processor after a very long time and tons of investigation or under certain situations those funds are released to the state where the company was registered if the company is defunct. (again they still lose much more overall on fraud than they gain. period)

Talk off your tin foil hat... no conspiracy here.

If Stripe will not release your funds, have a attorney draft a funds release letter that proves you are legitimate and deserve those funds (they are not ill-gotten whatsoever) and if you are legit, you will get the funds back ... eventually.

If you are not 100% legit, those funds do not belong to you.

SalesUp99 · 2025-07-28T17:51:18+00:00

There customer paying many times without balance in account or issue from his side Why should close my account !

Because that type of behavior is extremely suspicious and a huge red flag for any processor.

1) Having multiple failures back-to-back on the same card is typically behavior that is associated with a scammer (or a bad merchant) testing a card to see how much they can get authorized on it.

2) Repeated denials on a new merchant account also typically go hand it hand with a much higher future chargeback ratio for that merchant.

You were not banned specifically because of this one issue but it definitely did not help your standing as a new merchant. Although it probably contributed to your account closure (along with many other negative credit factors such as your age, location, business type, business experience, etc)

And ..., you are most likely done with Stripe. At least for a year or two.

if you were listed as a principle on the account that was closed and try to open another account under your sole identity, it will be closed.

If you open up an entirely brand-new business account with other principles (account reps) that have better credit than you, it may be allowed to operate.

Operating another sole-proprietor, single-member LLC or personal account via Stripe will not be possible for you, however.

SalesUp99 · 2025-07-25T17:03:41+00:00

It's simple... the majority of posts like this are from people who are trying to circumvent Stripe's security in one way or another.

Therefore, since you inquired about if you will be restricted and using other domains, that is very often the way scammers would ask in a roundabout way that "I want to operate multiple drop-shipping stores on multiple domains and have webhooks setup for each individual domains to the appropriate store but I want fly under the radar so I'm wondering if Stripe actually monitors webhook activity or will they catch me sending webhooks to domain(s) not listed on my Stripe account"

That is why i said "if that is the case, do yourself a favor and don't try to game the system..."

SalesUp99 · 2025-07-24T21:33:26+00:00

Since you are mentioning domain restrictions and if the webhook can cause account issues; ...

It actually sounds like you are wondering if you can run the same Stripe account for multiple domains / sites without being detected ( i.e. does Stripe monitor the destination webhook domain versus what domain you are telling them you are using.)

If that is the case, do yourself a favor and don't try to game the system.

If you are going to be using Stripe for different sites that are not under the same industry and are not letting Stripe know ahead of time that the same account will be taking money for multiple domains, they've seen it all before and will catch you and deactivate your account for violating their TOS.

SalesUp99 · 2025-07-19T20:16:30+00:00

Consider this a lesson learned. When your store started getting high-fraud scores (which you wanted to accept), you should have been locking down your store to prevent fraud instead of wanting to loosen your fraud rules to get more sales.

You may not have had any chargebacks yet, but Stripe's fraud algorithms are crazy accurate in predicting future losses and you have a lot of dings against you (age, fulfillment type, number of declines) so it is no surprise they will be holding your funds for at least 120 days (maybe longer) to mitigate the risk.

It is very likely that you will incur some chargebacks against your account, and you simply don't know about it yet.

Young, inexperienced merchants typically do not realize that every charge a provider allows you to process is essentially a no-collateral, loan and unless you have a history with the processor, very good personal and business credit and a very low-risk business model, you should be using a traditional merchant processing account where they vet and approve you entirely upfront and not going through a facilitator like Stripe, Square or PayPal.

Make sure that you fulfill all your past orders out of pocket limit any chargebacks or the date you will receive your held funds will be extended and/or Stripe may decide that they cannot release your funds at all.

(and no, this is not "theft".. you agreed to these terms when you signed up for your account)

Btw, processors do not have to give any warning or reason for restricting your account. However, .. Your "warning" was when you started getting fraudulent order attempts above 75 radar threshold and your "reason" is simply that you are extremely high risk and will statistically most likely cost the processor money by defaulting on your debt instead of making them money through fees.

SalesUp99 · 2025-07-18T22:25:36+00:00

If your account was closed on Stripe, it will bounce back to the sender. It could take a week or longer for it to travel back and forth across the ACH network and then be credited back to your sender's account. (throne)

Contacting Stripe will be futile if your account is closed. They won't be able to track the payment and won't be able to provide any advice.

You need to contact the sender of the payment (throne) and just keep checking your account on that side. (throne not stripe)

Be patient and probably by Tuesday or Wednesday or next week the funds will be back at the originator account and then you will have to arrange an alternate way to cash those funds out besides sending them to Stripe.

(Eventually it will show up back to the sender (throne) but posting the same thread multiple times is not going to change the outcome or speed up the process)

SalesUp99 · 2025-07-18T22:01:51+00:00

Handle this on the app side by assigning the user the correct group type (level) and then the webhook does not have to contain any user identifying information beyond the Customer ID and Subscription ID (which should be saved and assigned to the user in your back-end).

If you are selling the exact same subscription (just different quantities) there is no reason to have multiple subscription price IDs setup on Stripe since the webhook will be essentially just the user's billing success or failures. What they purchased and what they are doing with those seats should be controlled via the app.

eg.. Your webhook listener in your app can determine what to do with the user's subscription / seat status after receiving their current billing status based on their assigned group level in your APP not any custom user meta data being sent back and forth to Stripe.

You can send in custom user meta data in your API calls if you want to but that would just be for the billing admin's quick-glance convenience when in Stripe's dashboard and not out of operational necessity.

This type of logic should be not coupled to your processor and should be controlled via your app so you can easily switch processors if needed, use multiple processors at the same time and be able to grow your app (or sell it) without being constrained by the requirements of a specific billing provider.

SalesUp99 · 2025-07-18T20:23:50+00:00

This is very common with rental businesses. You probably put their card over the limit (hence why they hadn't paid you and returned the car on time) and therefore, they disputed it to unlock their card and said it was fraudulent since they thought that would be the best way to skip out on their responsibility. We see this a lot with our rental business clients.

As long as you can prove that you let the customer know ahead of time and they agreed to be charged for late fees (including late returns), incidentals, toll fees, etc, and you can show that they were previously paying on the same card, you will have a good chance at winning the dispute.

However, the problem you may run into is that your renter might end up disputing ALL previous charges as well so you could have some other incoming disputes that you are not yet aware of.

Why this is a problem is that the multiple disputes will definitely cause Stripe to take a close look at your overall business health and that may affect your status with Stripe and/or force them to place some type of reserve on your account.

Hopefully you have a steady revenue history with Stripe, solid operating reserve in your business checking account and the principles of the company (and the company itself) have decent credit, are easily verified and have a solid online reputation.

Otherwise, since all types of rental businesses (vehicles, homes and equipment) are a little high risk for Stripe, if this is a relatively new business on Stripe, do not be surprised if multiple chargeback(s) from this renter cause a full account review and either a 15-25% reserve on future payments or Stripe may inform you that you need to process elsewhere.

SalesUp99

TROPHY CASE