
PayPal security is amazing. It randomly locks people out of their accounts and randomly closes their accounts too, but actual fraudsters and criminals are never deterred.


I never worked for PayPal, but I did for a competitor.

Dealing with fraud is a red queen game: The fraudsters can keep trying until they find what gaps are there in your system, and will sometimes communicate with each other: Part of our defense system involved infiltrating some of those spaces and seeing the guides that were being sold to try to commit fraud in our platform. Meanwhile you will still have a false positive rate, and getting it all the way to zero means crazy fraud. Most people just don't get to see how much fraud is stopped before they know it exists. This isn't just for financial institutions: You'd be surprised by how much credential stuffing is attempted at, say, any very large streaming site which charges a subscription.

Without looking in, it's hard for me to say exactly how successful their security team is, but being as big as they are, and having probably thousands of people whose only job is to do fraud on their platform, winning has to be pretty hard.


The average person has no idea how industrialized fraud has become. There are essentially entire companies with management, support staff, IT, and office buildings whose business is fraud. It is sad when you think about how many resources have been poured into it.


My issue with PayPal is they've always been that way. I've come close to deleting my account on 4 separate occasions.

I've had one since shortly after their merger from the old X.com https://en.wikipedia.org/wiki/X.com_(bank) .

Per discussions on this thread, the singular reason people have tolerated their horrid service over the years is they've been an effective monopoly in many locales.


> the singular reason people have tolerated their horrid service over the years is they've been an effective monopoly in many locales.

This is correct. For some reason, many people (merchants surprisingly!) love PayPal and only accept payments through it, especially those outside the US and UK. Sometimes "guest payments" aren't an option, and that means you either get a PayPal account or don't purchase the product/service.


I did delete many years ago.

They blocked me, claiming suspicious activity occurred in my account (just a low traffic personal account), ignoring me wanting to know what suspicious activity it was and if it needed to be, or actually already was, reported to the authorities.

Unluckily this deletion does not hold well: occasionally, with weird merchants only offering PayPal payment (credit card through PayPal), the payment fails when using my old email, which is used in the purchase and was used with PayPal before. They keep forcing me to log in. But I can't! It is deleted!

I did not trust their sloppy ways then, the feeling is stronger now.


Just delete it. I used to have an account, and my experience using “guest payments” (which are usually, but not always, supported) is generally more reliable than logging in and paying.


This requires a bank that will issue one time use card numbers. PayPal is less friction for the benefit of proxying your credentials.


Or you just put your regular credit card number into PayPal and tell it that you want to check out as guest. There's a little option that you need to uncheck so it doesn't try to make you an account.


Yeah. I had always thought this AML/KYC stuff was just governments/people in power expanding their arms into normal people's lives. I still think it mostly is, but after learning how much fraud is happening, I'm not sure what a better solution would look like.


Strong digital credentialing—something the web has been surprisingly allergic to.


Because we've seen that as soon as it exists, it quickly becomes required for ridiculous things that shouldn't require any kind of authentication, either by data-hungry companies that want to better exploit their users, or by control-hungry governments.

Until that is solved, I'd argue that the benefits are not worth the costs.


If you actually stop and consider the culture and ethos surrounding the advent and spreading of the Internet, it's not surprising at all.


And if you stop and consider how corporations have been abusing that sort of thing every chance they got it is even less surprising.


Can't wait for them to abuse a non-anonymized internet.


I think I'll pass on that one. It is bad enough as it is.


Uh... it existed in South Korea at some point. And what happened next was exactly what everyone predicted: mass privacy data breach.


KYC is just box ticking by the bank, so they can claim to the government that they did try to stop money laundering.


>I'm not sure what a better solution would look like

Federal government provided electronic money accounts and transfer systems, along with federal government provided identity verification APIs, where the fraud requires defrauding the government. Basically, a government utility. They do it with passports, why not with digital travel?

Obviously, this has to go hand in hand with constitutional inalienable rights to protect people's access to electronic money accounts and identity verification.


The problem isn't the fraud, the problem is that they do not pay enough staff to deal with it which leads to legitimate accounts getting closed out and people not being able to do anything about it. Money seized, etc.


Amen.


It's a constant theme with these internet companies. Oh Facebook is too big to police child predation on their platform? Am I supposed to be sorry about that? Whose fault could it be besides Facebook? They built it, the people came. Imagine running a Toys 'r' Us and telling parents that it's not the store's fault that child predators loom in every corner... the notion that these businesses should not be held liable because of the principle that it would prevent them from scaling is an abomination on society.


It's fine to have a non-zero false-positive rate, when you then have an effective way to appeal decisions based on these false positives.

The lack of effective appeal seems to be the real problem with paypal.


Yup. My advice for using PayPal is do not unless you have no other choice. I just got my monthly account statement and, as usual, thankfully zero activity.

Though extremely innovative (for its time), it's been a slipshod org since inception and slipshod is a property you decidedly do not want in a payments processor.


My only use case for paypal is booking an internal flight in a country I visit annually because they do not accept my credit card, but will accept paypal. Literally the only reason I reluctantly got an account. The horror stories I've heard, I wouldn't put any serious money in there. And their drama during the heydays of censorship a few years ago, literally fining people $2500 for politically incorrect speech at the time, I couldn't believe sane people at the company thought that was an acceptable idea. I'd really like to know the inside story of that decision. We forget how crazy 2021-2022 was.


> My advice for using PayPal is do not unless you have no other choice.

This is literally their business model, which is why they are able to get away with so many shady practices. Until very recently they held a practical monopoly on web based international payments.


I concur. Thankfully, that's changing and changing very rapidly. I really hope to delete my PayPal account sooner rather than later.


Indeed. And it's not a recent phenomenon either. I lost my first ever paycheck to PayPal randomly freezing my account. Was never able to get it back. Never used it again.


PayPal also appears to suffer data leaks more than anyone else. I use multiple email addresses for every service I sign up for. But of all the spam email I get, 99% has my PayPal email on it, and I even have other email addresses posted publicly.


Didn't PayPal transmit the email to the merchant for every transaction?

Merchants are definitely selling email lists.


It's worse than you think. I've closed PayPal accounts and opened new ones with a different email address and PayPal updates the merchants who've been spamming me with the new email address. There's no legitimate technical reason PayPal can't use a mail relay with transaction specific email addresses to control spam.


Perhaps those are not leaks, but outright data sales


Happened to me with Moneybookers a few years ago. Started getting spam from various casinos at a unique email address. I contacted support and spent a few weeks explaining that nobody could have gotten this email address unless they were hacked or willingly sold my address. After sending full dumps of the emails and a minor threat to go public with the information, suddenly the spam stopped.


Exactly. They're not leaks, they're sales


> but actual fraudsters and criminals are never deterred.

When my argument is kinda weak I love throwing in some hyperbole to spice it up.


The article is about $10 billion dollars in fraudulent transactions that PayPal has allowed that the banks had to catch themselves. Given that, it's hard to say the OP is speaking in hyperbole.


I would imagine that fraudsters are deterred sometimes.


How do you know they aren't one of the actual fraudsters or criminals?


Venmo's security is also A++. I made an account, sent some money, then my account was immediately flagged and closed for fraud. Nice.


Off topic: Venmo does not exist (?) in Europe land. What’s its appeal compared to PayPal or regular credit cards or even debit?


The Nordic countries all have bank-backed apps for instant transfers from a checking account indexed by phone numbers. It basically replaces every peer to peer transaction that would be cash in other countries (paying back a friend, buying something at a flea market, chipping in for a gift at the office...)


In Finland, bank-backed apps became less popular (and some even closed down), and MobilePay[1] became the most common way to send money around. I believe it's very similar to Venmo.

1. https://mobilepay.fi/


> It randomly locks people out of their accounts and randomly closes their accounts too,

yup, my paypal got locked after using it for over 20 years. Customer service refused to help and wouldn't even tell me why it was locked. I still get messages from paypal that they "couldn't get process subscription for X." won't delete my data either.

Scummy behavior from them on multiple levels.


Thank you for the reminder to move money out of Paypal, I get some money every month through Patreon to pay for server costs but keep forgetting about it.


What, you don't remember random details from all this time ago? I got locked out of mine as well and the questions to restore were ridiculous. How the hell would I know what transactions I did 15 years ago? And other stupid things like that.

Gave up on it after a while and now try to avoid it as much as I can. Good riddance.


A few years ago when they suddenly switched on flawed mandatory TFA in my country, it took them nine months before they started to man phone support so people could get in. At about the same time they also implemented a policy to charge for having money left in your balance — when you couldn't access it! Add to that that they had started with cryptocurrency. I cancelled my account (17 years) as soon as I could.


They'll do what your government lets them get away with. Demand better regulation.



