Why subscription cancellations are designed to be difficult

You found the cancel button. You clicked it. You confirmed. You got a confirmation email.

The charge appeared on your statement the following month.

This is not a bug. It is not poor customer service. It is the intended outcome of a system designed to make cancellation fail.

Here is how it works.

The mechanics of a subscription charge

When you sign up for a subscription, the merchant does not take your card number and charge it manually each month. What actually happens sits deeper in the payment infrastructure.

Your card details are stored in the merchant's payment system, usually as a token: a reference number that represents your real card. As long as that token is valid, the merchant can submit a charge against your card at any time, subject to your bank approving it.

This arrangement is called a Continuous Payment Authority, or CPA. It is distinct from a Direct Debit. A Direct Debit is authorised through your bank and can be cancelled through your bank. A CPA is authorised through the merchant and sits outside your bank's direct control. Cancelling it requires the merchant's cooperation.

Which is precisely why cancellation flows are designed the way they are.

What dark patterns actually look like

The term "dark pattern" describes interface designs that work against the user's intended action. In subscription cancellation, they are systematic.

The confirmation loop. You click cancel. The system asks if you are sure. You confirm. The system asks why you are leaving. You select a reason. The system offers you a discount to stay. You decline. The system asks if you want to pause instead. You decline. The system tells you cancellation will take effect at the end of your billing period, which was yesterday, so you will be charged one more time.

The channel switch. You signed up online in two minutes. To cancel, you must call a phone number. The phone number has a 45-minute wait time. The cancellation team is only available Monday to Friday, 9am to 5pm.

The hidden button. The account page has a prominent "Manage subscription" link. Inside, there are options to upgrade, downgrade, and pause. Cancel is not listed. It is in a different section, under a different menu, labelled something other than cancel.

The cooling-off trap. The cancellation is confirmed, but the confirmation email explains that your access continues until the end of the billing cycle. Four weeks later, a renewal charge goes through. The earlier cancellation, it turns out, only cancelled your access, not the payment authority.

None of these are accidents. Each one is a measured decision made by a product team whose metrics include cancelled subscription rate.

What UK law says about this

The Financial Conduct Authority's Consumer Duty, which came into force in 2023, is explicit on this point. The guidance states that firms should make it at least as easy to leave their service as it is to sign up for it. It lists unreasonable cancellation barriers by name: excessive confirmation steps, long wait times, requiring a phone call to cancel an online subscription, and auto-renewal without clear disclosure at the point of sale.

These are not aspirations. They are requirements for regulated financial firms.

The problem is that most subscription businesses are not regulated financial firms. They are retailers, streaming services, software companies, and gyms. The Consumer Duty does not apply to them directly. Trading Standards and consumer protection law applies instead, but enforcement is slow, and individual consumers rarely have the leverage to pursue it.

Your Continuous Payment Authority rights are stronger than most people realise. Under the Payment Services Regulations 2017, you have the right to cancel a CPA by instructing your bank or card issuer directly. The merchant's cooperation is not required. If you tell your bank to cancel the authority, the bank must do so. Any further charges from that merchant must be refunded.

In practice, this works inconsistently. Some banks make it straightforward. Others require written notice. Some front-line staff do not know the rules apply.

What you can do right now

If you are trying to cancel a subscription that will not cancel, these steps work in order of escalation.

First: cancel in the merchant's system. Document every step with screenshots and note the time and date. If cancellation confirmation arrives by email, keep it. You will need it if you dispute a charge.

Second: contact your bank directly. Tell them you want to cancel the Continuous Payment Authority for a specific merchant. Quote the merchant name, the amount, and the date of the last charge. They are legally required to action this.

Third: if charges continue after CPA cancellation, dispute them. A charge after a CPA has been cancelled is an unauthorised transaction. Your bank must refund it. This is not a goodwill gesture. It is their legal obligation.

Fourth: file a complaint. If the merchant continues to charge after the CPA has been cancelled and your bank has been instructed, file a complaint with the merchant, then escalate to the Financial Ombudsman Service if your bank is involved, or Trading Standards for the merchant directly.

The deeper problem the CPA does not solve

The CPA route gives you a mechanism to stop a specific charge. It does not solve the underlying issue.

The merchant still has your card number in their system. (For a full picture of what data merchants receive and keep, see our earlier post.) They cannot charge it once the CPA is cancelled, but the data is there. It sits in their database alongside your name, email address, and purchase history. If that merchant is breached, your card number is in the breach. If they share customer data with third parties, your payment history travels with it.

The card number is the thread. As long as the merchant has it, you are connected to them even after the subscription ends.

Subscription cancellation is difficult for two reasons. Dark patterns are one. The architecture of card payments is the other. Your card number is a persistent identifier the merchant holds indefinitely. No UK product currently offers a mechanism to revoke it. You have no mechanism to revoke it once given. You can stop them charging it. You cannot make them forget it.

A disposable card number issued per merchant changes this at the root. The number you give the merchant at sign-up expires or is cancelled when you want to end the relationship. There is nothing to dispute, nothing to follow up, and nothing left in their system worth keeping. The subscription ends when you decide it ends.

eigin is being built so the subscription ends when you decide it ends.

---

eigin is a pre-launch UK product being built to issue disposable virtual card numbers for online payments. The virtual number reaches the merchant. Your real card number does not. Join the waitlist to hear when it launches.