(Edwin from Stripe here.) Worth noting this is copypasta from an older post from a month ago (https://piotrmierzejewski.com/p/card-networks-exploitation). We've fixed most of these issues since then. This type of card testing has dwindled—Radar should now be catching these types of attacks.
On the chargeback point—we hate chargebacks too and we want to limit them as much as possible (we're actually working on a few things over here that we think will help with this). The banks levy chargeback fees (in varying amounts) and an average of them show in the form of a $20 fee—it's not a Stripe-specific fee and we don't profit from chargebacks.
We've just finished company planning for the rest of the year and reducing this type of fraud is a top priority. So if you think you're seeing something similar, please email me at edwin@stripe.com.
On the chargeback point—we hate chargebacks too and we want to limit them as much as possible (we're actually working on a few things over here that we think will help with this). The banks levy chargeback fees (in varying amounts) and an average of them show in the form of a $20 fee—it's not a Stripe-specific fee and we don't profit from chargebacks.
We've just finished company planning for the rest of the year and reducing this type of fraud is a top priority. So if you think you're seeing something similar, please email me at edwin@stripe.com.