Chargebacks - a customer "reverse charge" that your credit card gateway will then essentially fine you for - are never any fun, even when legitimate. But as my friend Bemmu at Candy Japan discovered, when a credit card thief uses your subscription service to test the validity of thousands of cards, it can become a nightmare. A very expensive nightmare.

Of course the thief wasn't interested in buying Japanese candy. He just wanted to see if the card would be accepted, as hassle free as possible. "Hassle free". That was the key to fighting him, I thought.

The idea is simple - create a hassle small enough that your real customers won't mind, but one that there is no way he'll go through hundreds or thousands of times. Something like...an opt-in email! This is a subscription site, after all, and a subscription to a service is much like a subscription to a newsletter.

What we'll do is collect the credit card and other info on sign up, pass it all to our billing gateway for safekeeping, but don't actually assign them a subscription until they confirm the order from their email box. No charge to the card means no chargeback from the angry victim of the fraud.

Let me show you how to set this up in Laravel with the Cashier libraries. I'll assume you already know about how to get Cashier working, and have a Stripe testing account up and running. I am only going to show actual code where it is specific to making it work in the fashion I described above.