By Jeff Domansky, Jan 11, 2021
Stripe announced it will no longer process payments for the Trump campaign website and fundraising after last week’s riots at the Capitol building in Washington, DC.
On its website, the credit card processor’s terms of service say that users should not accept payments for “high risk” activities, including any business or organization that “engages in, encourages, promotes or celebrates unlawful violence or physical harm to persons or property.”
Federal Election Commission records show the Trump campaign paid Stripe more than $1.8 million in fees during 2020. That suggests more than $60 million may have been processed through the campaign website, so it’s unlikely other payment processors won’t step up to replace the former processor.
Last week, we reported Shopify’s suspension of two Trump e-commerce sites hosted on the Shopify platform, including the Trump brand store and the Trump campaign e-commerce site.
Stripe’s move happens as the US Congress and legislators weigh a potential impeachment of the President and other organizations open investigations open into the riot and questions regarding security for the nation’s capital.
It’s also a warning about what happens when payments and politics collide as the new Biden administration prepares to take power on January 20.
Stripe actions raise questions for payment processors and business
Stripe has built a powerful payment processing business that handles and simplifies online payments for millions of companies around the world, managing the interface between financial institutions, payments networks, banks, and consumer wallets seamlessly. The private company is currently worth more than $35 billion and operates in over 120 countries.
Stripe’s range of services is wide, including online, in-app, and in-person payments, programmatic payouts, programmable APIs and tools, payments compliance, creation and management of virtual and physical payment cards, payment security, and other services.
When it comes to payment integrations, Stripe has wide coverage. It supports some of the biggest payment platforms, including Chinese payment company AliPay, Android Pay, Apple Pay, Bitcoin, and ACH.
Headquartered in San Francisco and Dublin, Ireland, its biggest customers are household names such as Amazon, Shopify, Microsoft, Google, Uber, Salesforce, NASDAQ, Slack, Expedia, and millions of other large to small companies dependent on its payment processing services.
Launched in 2011, Stripe now has more than 2500 employees and operates 14 global offices, including London, Paris, Frankfurt, Singapore, and Tokyo. Investors include Andreessen Horowitz, Peter Thiel, Elon Musk, Google’s venture arm Capital G, Sequoia Capital, and Kleiner Perkins, among others, according to PitchBook.
Have you read your TOS today?
Politics aside, the Stripe actions are a warning signal for all online business owners to consider how they do their business and what their strategies are to manage such cybersecurity and business continuity.
“Aside from any potential revenue ramifications resulting from taking political sides, extremists with opposite views may attempt to harm your organization by using easily accessible hacking tools and known disrupting techniques to harm the organization. Denial of Service (DoS) attacks, for example, could quickly cripple a payments organization causing a loss in revenue,” warned Tom Garrubba, Vice President and CISO at third-party risk management firm Shared Assessments.
“Additional malicious tactics like deploying spyware, or ransomware could cause a longer-lasting outage or similar event that could drag the payments provider’s reputation deeper through the muck, ultimately leading to a dismissal of customers searching for other providers,” Garrubba added.
Another concern is the Terms of Service for everything from banking and website hosting to cybersecurity, e-commerce contracts, and payment processing to name just a few related online services.
Have you read your TOS today? Who, other than a few corporate lawyers, carefully reads the terms of service before signing up for e-commerce services, buying products, or entering into online service agreements?
Those TOS details for your payment processing by PayPal, Braintree, Square, and other providers are often overlooked or unread. As communications platform Parler discovered when Amazon Web Services canceled its hosting service, the devil is definitely in the details.
Also on the horizon are a slew of US regulatory oversight committees and numerous countries looking into operations from big tech and e-commerce practices to cybersecurity, big data controls, privacy concerns, and consumers’ protection from any number of perceived problems.
E-commerce future is filled with potential landmines
Yesterday, the world’s largest hotel company – Marriott international – as well as Blue Cross said they would stop donations to US lawmakers who voted against certifying President-elect Joe Biden’s victory. Commerce Bancshares, Citibank, JPMorgan Chase, American Express, MasterCard, and Airbnb also suspended donations to Republican objectors. GoFundMe said it would stop fundraising efforts by the Trump campaign on its platform.
Expect additional sanctions in the US and abroad in the future for a wide range of real and perceived political and business misbehavior.
At the very least, Stripe and other online payment service providers’ actions recently are a reminder to businesses to reevaluate and update risk management strategies, cybersecurity best practices, and business continuity plans. Careful planning and an in-depth review of business practices are needed. Strict business policies on everything from employee conduct to online security and external service contracts can also prevent a business collapse.
Losing your payments processor or online store can put any online business at a huge risk of failure.
LET’S CONNECT