← Back to context

Comment by strnisa

13 hours ago

Yes, merchant abuse is a risk. What we do and plan to do:

  - Each merchant requires an OAuth grant, and customers can revoke it at any time.
  - A customer ledger shows what, when, and how much each merchant charged. This can be shown in the customer's dashboard and monthly statement emails.
  - Customers have account-level spending caps to limit exposure. We will add per-merchant caps.
  - If patterns look off or we get complaints, we can pause new charges and review.

0 comments

strnisa

Reply