DoNotPay's new service auto-cancels free trials (wired.com)
178 points by undefined1 on July 17, 2019 | 121 comments



This seems to do a lot more than canceling trials, and I really like the idea.

Unfortunately, you can't even get into the app without providing your phone number and then entering your banking information.

Nope, not happening.

It's not that I don't trust the kid making this app. I mean, I shouldn't trust him, but that's not even the issue. He is using a personal developer account, doesn't seem to have a proper company, is involving third parties for app functionality (including the banking info).

Even with the best of intentions, he's likely to get hacked or bought out, or his third party SDKs are, and there's no way to protect yourself from that.

You would have to be seriously foolish to type your bank username and password into this thing.

Maybe someone can make a virtual bank app, so you can sign up for virtual credit card apps...


privacy.com allows you to do this, you can generate virtual credit cards that are one use only, one source only, with spending limits, etc. The only gripe I have is that it's linked to your checking account and not your actual credit card.


I've heard a lot about privacy.com for this kind of thing lately (seems similar to Bank of America's "ShopSafe" feature?), and I have a question: even if your card fails to process, if you've entered a contract to pay a subscription fee to a service provider, are you not legally bound to pay up? Not that most services would bother trying to collect, instead opting to shutter your account -- but, in theory, is the legal liability still there?


Sure, and some companies could send you to collections or something similar, but not many would over a $10/month subscription.


More and more have realised that a $10/month subscription is actually the perfect thing to send to collections.

They sell it off to a collections company, often for $50 or more. That company adds fees, interest, and charges to the bill ($50 for each letter, etc), and finally takes you to court when the amount owed gets to $3000 or so.

The court can't chuck out those extra charges, since they can be seen as a legitimate consequential expense.


Except a $10/month Netflix subscription is not a lease, it's a prepaid service. They all state very clearly that if, and when, someone doesn't pay those services are no longer rendered.

The gym memberships could be different if the contract is set up to give you your first month free when you sign up for six. But even then most give you some guarantee such as "if you're not satisfied". I think your point is that this type of service creates a cat and mouse game with which there is only a temporary winner.

What I do like about this new "trend" is the abstraction of the end user. Netflix doesn't need to know who I am. If I pay I should be able to consume service. I realize this opens the door to more potential fraud for them, but the reality is the people committing that fraud today are already using fake names, addresses and email. And if services don't have real information and single use card information when they get breached the value of each record is significantly less. So at the end of the day the inconsequential side effect seems to be a win from a breach cost standpoint.


I throw in a fake name and address


That's the high risk strategy... After sending 50 letters and court summonses to your fake address, they finally get a court to order your ISP to give the real details, and suddenly you have a $10k claim with the added charge of fraud...


well see now that's mail fraud


Privacy only makes money from interchange so it's understandable that they wouldn't forego their revenue model by having to pay the interchange themselves (merchant pays interchange for each transaction). I assume this business model is also why it's not available in the EU, as they regulate Visa/MC by limiting how much interchange they can take.


It's because they're acting as a 'credit card processor'.

If it was card to card, they'd be eating credit card costs... they currently profit from your usage (interchange fees)


I figured that was the case, but I would seriously consider paying a reasonable annual fee to use my actual other credit cards, not everything I buy online is cheap.


Love privacy.com, but I can't seem to use it outside the US :(


Would you be in a country that Revolut operates in? Not exactly the same, but you can get "Virtual Cards" that are different from the physical card attached to your account. You can change this "Virtual Card" after each purchase so the card number changes. Your name is still attached to the card number but if you dispose after use, attempting any additional transaction on it will fail. This will catch these free trials out and other fraudulent activity caused by sharing card details with shady online businesses.


This is likely due to anti-money-laundering / know-your-client (AML-KYC) US regulations (similar in many other countries).


Can you elaborate? I'm no longer US based, so it's not about me travelling.


It's weird that the app is still under his personal account especially when he just raised like 5MM from institutional investors: https://twitter.com/jbrowder1/status/1146544737622433792


> is involving third parties for app functionality (including the banking info)

Like credit card processing, the bank connection is something you want to be done via third parties. It would be a much bigger deal if he was intercepting bank logins and scraping.


In a lot of European banks, single issue virtual credit cards through app already exist.


I once worked at a large company, where half of the IP addresses in use were personally owned by one of the infrastructure guys


Why would they need your bank info at all, when the whole point of this is to not pay for something?

I can see putting in a real credit card for a subscription fee of some kind, but there is no way I'd give out bank info when the entire point of the app is to do exactly the opposite.


Because they are giving you a real credit card number with real charge capability. What if you use the CC to make an actual purchase?


So he can see who's charging you


Seems unnecessary. If the point is to not pay after free trials, why not just have a card that declines everything. It is still valid to sign up, but never will actually accept any payment request.


They go through Plaid, no? Isn't that safe?


if you hit a key on my UI I will know regardless of the intended receiver


I don't think that is true with iframes, which is what plaid uses to allow users to enter their banking information. So plaid still can get all your keypresses but an app that uses plaid does not.

To be clear you have to trust plaid, and you have to verify that the web app is actually using an iframe and not just faking the plaid interface. But you are not just trusting a random web app with your banking credentials.


> The Free Trial Card is a virtual credit card you can use to sign up for free trials of any service anonymously, instead of using your real credit card. When the free trial period ends, the card automatically declines to be charged, thus ending your free trial. You don’t have to remember to cancel anything.

That’s not how it works. Just because they can’t bill your card does not mean you’re not on the hook. Anybody that’s forgotten about a gym membership on an expired card knows this first hand. Only reason they won’t go after you is that the LTV and PR isn’t worth it. If it is, they will.

> As he sees it, companies that require you to put in a credit card in order to sign up for a free trial are engaging in deceptive practices.

There’s nothing deceptive about it if the price is disclosed. Far from it. On the sell side it also has the advantage of filtering out people who cannot or would not pay for the service early on.


I believe in Quebec it's illegal to automatically turn a free trial into a subscription via credit card. I'd love to see that law proliferate elsewhere.


How do companies typically implement this? Do they not offer free trials to Quebec residents, or charge for the trial, or offer a free trial that automatically ends?


Here's an example:

> After your free trial, Amazon Prime is just CDN$ 79.00/year (plus any applicable taxes). Cancel anytime. Quebec residents receive an initial 13-month membership for CDN$ 79.00, instead of a free trial.


They just don't call it a "free one month trial". Instead they say "sign up and get an extra month free". Which is basically what the "free trial" is if you fail to cancel it.


Which I think is more than a moot point. It's more honest, and it opens up a category for companies who genuinely want to offer a "one month free trial" that doesn't require a credit card and auto subscription.


Sometimes I wonder if everything is illegal or void in Quebec. That is all I see on sweepstakes/lottery tickets, backside of boxes, warranty cards, etc.


My experience as SaaS provider is those who use virtual credit cards "for free trials of any service anonymously" also use fake names and anonymous email providers like 10minutemail.


I was just asking down thread what cases exist to block prepaid cards if sufficient funds are available. Seems like I've found my answer; for you then it seems like this removes a lot of the customer retention/customer engagement cruft?


Yeah the gym people from LA Fitness hounded me for years after 21 year old me thought I could just let it expire and they would auto cancel


For sure it won't work for every kind of service, but we are talking about a free trial over a prepaid service. Once you no longer pay, you no longer have the service. It's not a debt.

For an actual annual membership, that's a whole other matter and I'm pretty sure that service won't support that, though the gym membership example could be a bit deceptive (there are some prepaid gym memberships though, so that's not entirely deceptive).

They also allow that:

> If you want, the app will also send an actual legal notice of cancelation to the service.


It's not deceptive, it's just a super dark UX pattern.


Is a dark UX pattern not deceptive by definition?


The parent to my post was using "deceptive" as "outright lying" and I followed suit, but you're right, technically-truthful-but-misleading is deception.


> That’s not how it works

What you’re saying makes little sense for most “free trial” offers. These offers do not come with a term agreement (ie they are cancel anytime), and furthermore they are prepay. Ie you are offered a trial period and then you are billed in advance for the continuing service. So without a term agreement and prepay you’re not on the hook for anything. You just never paid, they terminate your service and that’s it.


>When DoNotPay’s system got that ping, an algorithm the team spent six months building looked at the code request to see if the purchase was for a free trial. Determining that it was, the system approved my transaction. When I tried to use it to buy a $48 pair of Thinx period-proof underwear on that company’s website, it was declined. You can't use this card to make real purchases.

if (chargeamount>0){ decline()}


Half of the time I see "AI" or "complex algorithm we spent 2 decades on", it's literally just that.


Still technically "artificial" and a form of "intelligence"!


I've seen a charge amount of 0.01 for a free trial. I'm pretty sure it was just a pre-auth, i.e. they didn't follow up and actually complete the charge.


Was it against a bank (ie, debit) account? If so, it's a pre-note test, fairly standard in the industry to ensure a direct-debit or direct-credit can be assumed safe.

This unit tests both the debit (of e.g. $.01) and a credit of the same amount against the target. They can also vary the amount, then ask the recipient to report the amount posted (so you can prevent additional fraud that way - attacker may have your bank account/routing details but no login to your statement/transaction listing).


No, it was against a UK-issued MasterCard.

It was definitely processed through the MC network, and not via Direct Debit (the closest UK equivalent to pulling funds via ACH).

I know this because the vendor didn't have my bank account number, because Direct Debits are processed in batch (not instantly), and because the app associated with the account showed it as a card transaction.


This is presumably an actually hard problem despite the comments. A pre-auth allows the acquiring merchant to capture that authorization and charge you. Sometimes these can be for $1 or more, depending on how aggressive the service is. Pre-authorizations are subtracted from your available credit/balance.

If the card approves the pre-auth, they are (presumably, AFAIK) on the hook for that $1 if the merchant captures the pre-auth. If many (unpaying?) users start charging you $1...


I'd guess they allow small pre-auths (up to $3 say), and then keep a blacklist of merchants who actually capture the charge.

Merchants on the blacklist have all charges denied.

Any 'free trial' who actually captures a dollar from their clients will cause lots of chargebacks from their customers, so would go out of business quickly... (A chargeback costs a business ~$15 in fees)


A reasonable heuristic might be:

- if less than 0.05, approve (as no merchant would actually charge a transaction for that amount, as they'd spend more than 5 cents on fees)

- if more than 5 cents but less than 1 USD, approve it only if the merchant is already known to offer free trials

You could be fancier:

- match on amount+merchantID combo, not just merchantID

- learn a model to deal with previously-unseen merchants
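
Added example, not part of any comment in this thread and not DoNotPay's code: a Python sketch of the approval heuristic proposed in the comments above (amount tiers, amount+merchantID matching, and a blacklist of merchants that capture an approved pre-auth). The merchant IDs, the sample events, and the treatment of exactly 5 cents and of amounts of 1 USD or more are assumptions.

```python
from dataclasses import dataclass, field
from typing import NamedTuple

MICRO_LIMIT_CENTS = 5    # the thread's "less than 0.05" tier
SMALL_LIMIT_CENTS = 100  # the thread's "less than 1 USD" tier


class Decision(NamedTuple):
    approved: bool
    reason: str


@dataclass
class TrialCardAuthorizer:
    """Issuer-side decision logic for a free-trial virtual card (hypothetical)."""
    # (merchant_id, cents) pairs already observed as free-trial pre-auths.
    known_trial: set = field(default_factory=set)
    # Merchants that settled a pre-auth we approved; all later charges denied.
    blacklist: set = field(default_factory=set)
    # Approved pre-auths that have not been captured (or expired) yet.
    open_preauths: set = field(default_factory=set)

    def authorize(self, merchant_id: str, cents: int) -> Decision:
        if cents < 0:
            raise ValueError("amount must be non-negative")
        if merchant_id in self.blacklist:
            return Decision(False, "merchant captured an earlier pre-auth")
        if cents < MICRO_LIMIT_CENTS:
            # Too small to be worth settling once card fees are paid.
            decision = Decision(True, "below fee floor")
        elif cents < SMALL_LIMIT_CENTS and (merchant_id, cents) in self.known_trial:
            decision = Decision(True, "known free-trial pre-auth")
        else:
            # Assumption: exactly 5 cents from an unknown merchant, and
            # anything of 1 USD or more, is treated as a real charge.
            decision = Decision(False, "looks like a real charge")
        if decision.approved:
            self.open_preauths.add((merchant_id, cents))
        return decision

    def record_capture(self, merchant_id: str, cents: int) -> bool:
        """Merchant settled an approved pre-auth; True if it is now blacklisted."""
        key = (merchant_id, cents)
        if key not in self.open_preauths:
            return False
        self.open_preauths.discard(key)
        self.blacklist.add(merchant_id)
        return True


# Constructed sample stream; merchant IDs are made up for illustration.
SAMPLE_EVENTS = [
    ("auth", "M_STREAM", 1),      # 1-cent card check
    ("auth", "M_STREAM", 50),     # known trial pre-auth amount
    ("auth", "M_NEW", 50),        # same amount, unknown merchant
    ("auth", "M_STREAM", 999),    # full charge when the trial ends
    ("auth", "M_GREEDY", 1),      # approved...
    ("capture", "M_GREEDY", 1),   # ...but the merchant settles it
    ("auth", "M_GREEDY", 1),      # so the next attempt is refused
]


def replay(events):
    """Run events through a fresh authorizer; return the auth decisions."""
    authorizer = TrialCardAuthorizer(known_trial={("M_STREAM", 50)})
    decisions = []
    for kind, merchant_id, cents in events:
        if kind == "auth":
            decisions.append(authorizer.authorize(merchant_id, cents))
        elif kind == "capture":
            authorizer.record_capture(merchant_id, cents)
    return decisions


if __name__ == "__main__":
    for d in replay(SAMPLE_EVENTS):
        print("APPROVE" if d.approved else "DECLINE", "-", d.reason)
```
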


If you sign up for a recurring payment with a company then the company can pursue you for the payment even if the credit card company declines it. This doesn't usually happen though because it's not worth the expense.

In this scheme it is DoNotPay accepting the liability (and declining the payment). It might then become economic for a big free trial operator to sue DoNotPay for all the declined payments.

But I'm not a lawyer. Good luck to them anyway.


This is particularly true of gyms, for some reason. In many cases, gym membership agreements have terms requiring the customer to cancel in person, too.


A gym I joined years ago required a certified letter sent to their headquarters.

I think it's a public service to tell young people how gyms work. Basically it's high pressure sales ("this discount membership offer only good for today!") plus hard to cancel memberships.

Gyms work on a model of human nature + oversubscription.

Human nature means that a huge % of people join the gym, go two weeks, and never return. Then it's hard to cancel, so the same people that don't bother coming in, don't bother figuring out the membership cancellation gauntlet.


My gym is not like this at all. It's owned and run by a real person.

They charge a day fee or a monthly fee or you can pay for 3, 6 or 12 months.

I've never given them any credit card or bank details as I pay cash, but I believe they do offer direct debit.


All the big chains use these high pressure techniques. That's why your gym is still a small business and they have hundreds of locations...


In the UK, 'TheGymGroup' literally tells you to cancel membership by ending your direct debit. They're not all that predatory.


What is the policy if you paid for 12 months and want to cancel? Do you have to provide proof that you're moving or any other nonsense?


I hate those high pressure sales!

I've tried signing up for a gym twice. The first time, I gave in to their pressure sales pitch (yeah I was naive) but canceled the contract under WA's RCW 19.142.040 (I have three days to cancel it for any reason); the second time I walked away after getting tired of pressure sales. They particularly shame you for being out of shape, etc, too.

This pretty much sums up why I absolutely dislike this style of sales...

https://theoatmeal.com/comics/sell_generation


> A gym I joined years ago required a certified letter sent to their headquarters.

That seems like it should be explicitly illegal. I suspect it is already technically illegal in many jurisdictions. In the UK I'm pretty sure this would be considered an unfair contract term.


Interestingly the only way to cancel membership at my gym is to decline your payment (this is what they instruct you to do if you click cancel membership on their website)


That sounds odd just because bouncing a high percentage of transactions sounds like something Visa/MC wouldn't be too happy about.


It means the bank is authenticating your customer.

ACH / Direct Debit payments are much cheaper for the merchant to have rejected. Typically $0.25 or less.


It seems like it will do more than just decline payment:

"If you want, the app will also send an actual legal notice of cancelation to the service."


If it’s a recurring payment for a contract term sure. But most free trial offers are “cancel anytime” and pay in advance of the next subscription period. There’s nothing for them to pursue you for if you decline to pay. They just stop providing the service.


This is the service that lets you create a virtual credit card with a specific limit. It doesn't "auto-cancel" - the service that attempts to charge, simply can't make the charge beyond the limit.

Check if your bank offers this kind of service. Mine does, and it's very convenient!


According to the article it can actually cancel the service for you

> If you want, the app will also send an actual legal notice of cancelation to the service.


> It's available now through the app DoNotPay, created by 22-year-old wunderkind coder and entrepreneur Joshua Browder.

Hmm this needs explanation. Why's he a wunderkind? What did he do? I googled him and found his wikipedia explaining that he created DoNotPay. Is that enough to justify a wikipedia entry or is it because of the forbes 30 under 30 thing? Can I create a wikipedia page about myself for the apps I created?


You can, and it probably won’t get deleted immediately. However, if even a novice Wikipedia editor comes along and finds it suspect, there will likely be a deletion request. The process for deletion varies; depending on the path taken, you might have a chance to argue against it, or it might just be deleted.


I can see how this sounds like a good idea if you don't actually think about it/if you don't try it.

doesn't hurt that he basically has unlimited funds from his dad


I've noticed that when I use Privacy.com on some SaaS sites, the site already declines the signup saying something like "we don't accept temporary cards".

I can't remember which right now, but I know I've seen the error message a few times.


Privacy.com issues you a card that is coded as a prepaid debit card. Most payment providers expose this to merchants, which means that if they choose to decline prepaid debit cards for other reasons you'll get caught in the mix.


What's the reasoning behind rejecting prepaid debit cards, if there are sufficient funds available?


Sometimes credit cards are used kind of like collateral... when you stay at a hotel, for example... you give the hotel a credit card for 'incidentals', and it is basically being used as a guarantee that you will pay for things you are going to use. Car rentals are the same.

In a sense, your credit card limit is basically your credit card company saying "yeah, this person is good for x amount of money". That isn't much for a prepaid card.


Because then they could no longer collect money from people that forget that they're being automatically charged every month.


Credit cards are sometimes used as a proxy for identity (via billing address) or age verification (most under-13s don't have ready access to one).


Maybe the cards are being loaded with illicitly acquired funds


That's a valid risk, but then why single out prepaid cards for this given the rampancy of credit card fraud and theft?

Edit:

An interesting answer elsewhere in the thread: https://news.ycombinator.com/item?id=20465459


Yes I've noticed it too. I think they tell them this because maybe it's to prevent freeloaders from creating multiple Audible, Netflix, etc trial accounts?

Unfortunately it also defeats the legit purposes too.


One of my credit cards (Citi) allows creating virtual credit card numbers. I've been hesitant to use them in this way, though, because I'm concerned it could affect my credit.

Does anyone know if legally you're on the hook for paying the service provider? As technically they did provide the service, and you're "refusing" to pay for it. Presumably, if so, they could send the bill to collections and put a black mark on your credit.


If it's the cable company- definitely. They will eventually send your bill to a debt collector.

I think XYZ Startup won't do that because they would rather let it go for now in hopes that you'll become a paying customer again.


Most sites offer a month and bill on the 30th for next month.

Your cable company gives you service you pay for that service a month later.


I'm a fan of https://privacy.com/ and use it for most subscriptions and any site I don't intend to buy from more than once - basically unlimited virtual debit cards you can set a limit for and make recurring or single use (i.e. burner).

For subscriptions I don't intend to use past the free trial, I just enter a low limit (e.g. $1) and set as a burner card.


I'm a huge fan of it as well, but I use it for a slightly separate purpose: It makes fraud impossible by tying each card to one merchant. If someone steals the card, it's completely useless to them (unless they use it with the stolen merchant, which thieves don't usually do).


Sadly, Privacy.com makes their transaction information opaque. All the charges show up in your account as being from Privacy.com, and you can no longer see what charge is for what product or service or merchant, etc....

They need to give people a way to make that information easily exportable, so that I can combine this with other information from my credit cards, debit cards, and all other financial transactions.


I see them. Two possibilities?

One, your bank doesn't show the full ACH details. This is what it looks like for me at my credit union: ACH Debit PINBOARD - PRIVACYCOM - 7/12/2019 - $25

Two, maybe you enabled the "private payments" setting on your account, which omits the merchant data?


Sweet service. When will they start charging a subscription to cancel your other subscriptions?


It costs 3 dollars per month.


Can you auto-cancel this subscription?


There's no free trial, so auto-cancelling would mean you cancel on day zero. So...yes? Closing the signup form is equivalent to an auto-cancel for this service, so do that.


I'm by no means an outstandingly organised person (ask my ex-partner), yet I find it pitifully easy to pop a date in my calendar reminding me to cancel a trial, and then do it.

Is there really money to be made building services to automate things that don't remotely need automating? Maybe I should jump on it.


It’s a real pain with some services, Zipcar and XM radio require you to cancel over the phone and it could take a while


Call all the companies at once on a big conference call.

Then you can say "Hi Bob from Zipcar, Fred from XM radio, and Kate from FitGym, I'd like to cancel all your services."

If one puts you on hold, you talk over the hold music to speak to the other ones on the call.

Gets the job done much quicker typically.


What if an automated voice asks you to spell out your username/ID?


You just tell the other people on the line to be quiet for a moment while you spell it out.

Same for "press 1 for ..." type menus.

Sometimes the automated system says embarrassing things like "The balance of your account is..."


A couple of sentences of mature advice would replace the whole of DoNotPay's business. More tech not always betta.


The guy won't provide the bank issuing the card but if you have the first digits of the card number you can just go to any BIN lookup website and find the issuing bank. It's not something you can keep a secret since it is used to route the transaction on the card network.


So what’s the business model here?

Last time I tried something similar (unroll.me), I paid in privacy.


It says in the article. 3$ per/mo


So if services like this become popular enough, will services start allowing customers to do a free trial without entering their credit card number?


No because there's still the vast majority that doesn't know services like this exist and will still cough up their actual card number to watch Netflix/HBO/whatever because "it's convenient"


I had never heard of DoNotPay. Sounds like a really helpful and useful service -- there's a lot of things it does (check out the app).

I lived below the poverty line in college (didn't have loan/grant money; instead I worked 2 days/wk to pay for tuition, rent, gas, and food). The kinds of services they offer would have been so helpful to me back then.


Here is what I do, which doesn't require an app: Cancel it right away. All services I have done this with still give you the full trial period.


I actually don't want to automatically cancel free trials. I wouldn't sign up for one if there wasn't a reasonable chance I'd be interested in keeping the service.

Anyway, I find this easy and effective (free too, if you already own a phone):

When I sign up, I tell my phone to remind me to review on such-and-such a date (or "in 29 days" or whatever).


> It's available now through the app DoNotPay, created by 22-year-old wunderkind coder and entrepreneur Joshua Browder.

This "wunderkind coder and entrepreneur" is son of Bill Browder, wanted in Russia for tax fraud [0].

I realise that most HN readers (and the entire western mainstream media) are sympathetic to Browder senior, no doubt due to his personal war with Putin.

Indeed it's difficult to find any detailed criticism of Browder, however if you are interested, here are a few [1], [2].

The docco "The Magnitsky Act. Behind the Scenes" is especially interesting. During its creation, the film-maker Andrey Nekrasov went from being anti-Putin and believing Browder, to being threatened with libel suits by Browder.

[0] https://www.reuters.com/article/us-russia-browder/russia-ask...

[1] https://www.thekomisarscoop.com/?s=browder

[2] https://en.wikipedia.org/wiki/The_Magnitsky_Act_%E2%80%93_Be...


You can just get a https://en.wikipedia.org/wiki/Controlled_payment_number and do this yourself without the fee.


Or you could just use a prepaid debit card that is drained.


It's not just about blocking transactions, with ShopSafe you can set a dollar limit per merchant, you can also do monthly recurring transactions of a particular amount, and stop them when you want, by closing the number.

So you can actually pay for a while, then block them.

You can set custom expiration dates, which is nice if you have a future transaction, but want to make sure they don't bill after that.

Even better each merchant gets a different CC number, so you have a much lower chance of your number being stolen.

I'll typically make a 1 year card with a high limit for each online merchant. If it's a one off, I'll make a 1 month card with a dollar limit of exactly the transaction amount.


How would I go about doing that?


> How would I go about doing that?

You need to get a credit card with Bank of America. As best I can tell they are the only ones who offer it.

Make sure you are able to run flash, since the tool for generating the numbers uses flash. Look for "ShopSafe" on their website once you login to your account.


"they were in Canada, a place where HBO inexplicably doesn’t exist"

It does exist. For a long time under HBO Canada, now under the Crave brand.


PSD2 (Payment Services Directive 2) is the new regulation in the EU that requires rebilling consent.


How do you pay DoNotPay? What is their business model?


Is this a positive service?

It sounds like adblock. Sounds great until you consider you're defunding things you want to exist (for free)...


Isn't this what the pre-authorization is to prevent?

Basically ensures it CAN charge the card but then doesn't


No.

Pre-authorization times out after 5 days. The merchant does pre-authorization first for a small amount (like one dollar) just to make sure the payment is actually valid, which disappears after 5 days with no capture. It's just a card validation method, it doesn't reserve any funds (besides the single dollar). Consumers would be rightly upset if starting a free trial with no obligation immediately reduced their available funds by a significant amount. This is unrelated to the later charge when the trial ends, which is usually more than 5 days later, and will be a distinct charge for the full amount.

There isn't anything unethical about automatically declining purchases. It's not any different, cost-wise, from manually cancelling the trial. The merchant could however continue to provide the service, claiming that you never really cancelled it, then consider you indebted for the declined charges, but that wouldn't go over very well.


Some companies pre-auth for a significant amount (eg. 3 months service), and then cancel the pre-auth immediately.

They do that on the basis that if you don't have funds to cover 3 months service, they probably don't want you as a customer. Any service with upfront costs (eg. Sending out hardware) is likely to do this.


That's easy enough to get around - accept the pre-auth today, and deny the real charge in 30 days. It's all time bound, so there's no magic required.


Usually when you sign up for a subscription service you need to provide a credit card but won't be charged until the free trial period ends, at which point you would be charged using the credit card you provided when you signed up initially. The point of this service is to actually cancel the service right before the trial ends so you won't ever actually be charged.


> The point of this service is to actually cancel the service right before the trial ends so you won't ever actually be charged.

The Free Trial Card is a virtual credit card you can use to sign up for free trials of any service anonymously, instead of using your real credit card. When the free trial period ends, the card automatically declines to be charged, thus ending your free trial.


I'm putting a reminder into my iPhone and cancel manually



