Block riskier payments for new subscriptions

Author: pimterry

src/model/account/account-store.ts

@@ -152,6 +152,26 @@ export class AccountStore {
             const selectedPlan: SubscriptionPlanCode | undefined = yield this.pickPlan();
             if (!selectedPlan) return;
 
+            const isRiskyPayment = this.subscriptionPlans[selectedPlan].prices?.currency === 'BRL';
+
+            if (!this.isLoggedIn && isRiskyPayment) {
+                // This is annoying, I wish we didn't have to do this, but fraudulent BRL payments are now 80% of chargebacks,
+                // and we need to tighten this up and block that somehow or payment platforms will eventually block
+                // HTTP Toolkit globally. This error message is left intentionally vague to try and discourage fraudsters
+                // from using a VPN to work around it. We do still allow this for existing customers, who are already
+                // logged in - we're attempting to just block the creation of new accounts here.
+
+                trackEvent({ category: 'Account', action: 'Blocked purchase', label: selectedPlan });
+
+                alert(
+                    "Unfortunately, due to high levels of recent chargebacks & fraud, subscriptions for new accounts "+
+                    "will temporarily require manual validation & processing before setup.\n\n" +
+                    "Please email [email protected] to begin this process."
+                );
+
+                return;
+            }
+
             if (!this.isLoggedIn) yield this.logIn();
 
             // If we cancelled login, or we've already got a plan, we're done.

src/model/account/subscriptions.ts

@@ -6,6 +6,7 @@ export interface SubscriptionPlan {
     id: number;
     name: string;
     prices?: {
+        currency: string;
         monthly: string;
         total: string;
     };
@@ -59,6 +60,7 @@ async function loadPlanPrices() {
             : totalPrice;
 
         plan.prices = {
+            currency: currency,
             total: formatPrice(currency, totalPrice),
             monthly: formatPrice(currency, monthlyPrice)
         };