Slashdot Mirror
The PayPal Phenomenon
An Anonymous Coward writes: "Pretty interesting and thorough history of PayPal." Not really the usual fare on Slashdot, but this is a very readable account of one of the few dot-com successes. I find PayPal pretty annoying today - a lot of the anti-fraud, privacy-invasive measures which this article applauds make Paypal much less enticing to me than it used to be. And they've been accused of squatting on people's funds at the slightest excuse. But maybe that's the way to success: start off with a very appealing product, then slowly tighten the screws.
It seems to me that the problem with previous micropayment schemes was not the scheme itself, but that there was never a situation in which the convenience of using the system outweighed the risks associated with trusting an outside party with your money and transactions.
eBay provided the fluid marketplace that created the situation where that convenience overrode the inherent mistrust of a newcomer like PayPal.
eBay brought the idea of the auction as a sales model to the forefront of the net, they also pioneered community based trust mechanisms that let their model survive even though they don't back transactions directly (something that would have quickly invalidated their business model).
What was supposed to be a concept that allowed high-brow concepts like online media micropayments seems to have come about largely because of the requirements of some people to sell $5 pens and beany babies.
Probably important not to forget that no matter how large the venture capital some firm gets to change the internet, most likely it won't succeed unless we decide it will.
I've never really had anything but a good experience with PayPal (and I've used it *heavily* for two years now). Maybe it's just my good fortune.
Well, okay, I do have one small gripe. Apparently, their site cannot be convinced that a certain customer of ours is browsing from the U.K., and as a result he's having to send us a check (brits read: cheque
Hopefully their money market fund will see a bit of a recovery soon (1.9% == blegh), but hey, there's a whole slew of investment vehicles that aren't doing so well at the moment. Such is the state of the economy.
As for "overly tight fraud prevention measures", I'd like to hear from people who've simultaneously run a company basing his/her online transactions on "true" merchant account methods. Most e-based merchant account providers/processors don't place nearly the emphasis on security that PayPal does, and chargebacks are a real bitch (not to mention quite bad for P.R. if the customer who got ripped off is particularly angry about it).
Just my brief experience in these matters. Replies are very welcome!
Not surprisingly, a lot of Slashdoters doubt PayPal...which is understandable, since it's so difficult to believe that any pure-play dot com can survive these days.
However, I've had the pleasure of working closely with many of PayPal's senior management over the past two years, back since they merged with X.com. I can tell you three very important things:
1. The P2P space is actually a loss leader. Most of their profit is made in the B2B and B2C space - not pure P2P as most people believe. They do very well in these spaces and recent analysts predict that their revenue was between $80 and $100mil last year. That's a heck of a lot better than most of the not-coms we've seen over the past several years.
2. They have an incredibly intelligent, dedicated and savvy staff that understands their market and industry.
3. They have a business model that works.
In my opinion, these three items equal success.
I love their service and I enjoy working with the company. If I didn't enjoy my current job so much, I'd probably apply for a job with them.
Wow, have you thought about writing an e-commerce strategy book? No-one's ever come to that conclusion before. Incidentally, how much are those /. subscriptions going to cost?
Here's a nice outline of why PayPal's implementation is NOT very conducive to regular transactions.
http://www.gamers-union.com/paypal.html
Also interesting to note, a few days after this page went up, PayPal yanked service on the W3 storefront they'd been providing for this individual.
And now he will no longer accept PayPal transactions.
Unfortunate, but very necessary to protect himself and his customers.
Chas - The one, the only.
THANK GOD!!!
I find PayPal pretty annoying today - a lot of the anti-fraud, privacy-invasive measures which this article applauds make Paypal much less enticing to me than it used to be.
Michael. Do you look for reasons to bitch? I swear to God, wannabe privacy advocates piss me off. How do you expect PayPal to do business such as it does (WITH ACCESS TO YOUR CREDIT CARD) without a modicum of personal information, hm? Do you think it would make good business sense for PayPal to say "You know, we don't need any of your personal information. Just give us your credit card number, and we'll base our business on the honor system."
Yeah. Right.
I strongly recommend you have a look at Paypal's Privacy Policy. Since you're obviously doing some blind, ignorant whining about subject matter with which you have absolutely no clue, I guarantee you've never even clicked on the privacy policy. PayPal does their best to explain what information is gathered, why it's gathered, and how it's used. If you don't like it, don't use the service. But don't complain.
Michael's comment absolutely reeks of "I'm with Stupid", "follow everyone else's opinion" mentality. "Wow. The community is really for individual privacy! It's time for me to attempt to gain acceptance with my (cough) peers by complaining about privacy-invading goons!"
Yes. Privacy is important. However, when you choose to conduct business over the internet with a credit card, bitching about a company doing its best to protect yours and their asses only serves to make you look like (more of) an idiot.
Personally, I've had nothing but excellent service with PayPal. It's nice to be able to accept credit cards, or use credit cards to pay for something without a whole shitload of messy paperwork. I've got to give PayPal a lot of credit. They've become a very successful online transaction service, and pretty much the standard auction payment system on eBay. (Ah, no need to worry about sending checks or money orders through the mail. Instant payment rocks.)
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
I've read several interviews with Peter Theil, one of PayPal's founders, including this one where he points out that fraud was the primary reason behind the failure of many online payment services. A quote from the interview:
What are your barriers to entry? Technology? Network economics?
The nutshell answer: Security & Fraud.
The network effect will get bigger and bigger over time. Until recently, we did have all these copycat competitors and they did have difficulty gaining network traction, but their ultimate downfall was fraud. There were a number of these companies - from Payme, Payplace, Paypro, ExchangePath - that went out of business because of the fraud issue. They didn't run out of money, or not get investors to invest. They got killed on fraud.
Fried ice cream is a reality. - George Clinton
Up until recently I've never had a problem with PayPal. However, that's because I never came near the $1000 limit for "unverified" users.
I recently bought a high-priced item over eBay and wanted to pay for it through PayPal. Unfortunaly, the item's cost was $20 over my "unverified" user limit. In order to continue getting use of my account, I must give them a bank account number? Are they insane?
I ended up just sending the guy a postal money order. I was willing to verify a home address, but a checking/bank account is going too far. I guess I'll just sign up for another account...
--
#nohup cat
So are you going to file a small-claims suit against them, or just whine? I have no patience with people who say "ABC corp ripped me off to the tune of $X" but who then sit there and take it. People like that are the reason the behavior continues. Get a judgement against them. Get evidence of wrongdoing into the public record. Create a FACTUAL web page detailing your experience and see to it that a search for "PayPal" turns up your page.
If you're unwilling to do this, I can only assume you're in the wrong.
Well.. does paypal have it? That's between you and paypal.
I would say the person you sent the money to should be sending you the remainder of the cash, or delivering the items.
The fact that he couldn't get his money out of paypal is between himself and paypal.
Paypal is *very* clear that bank transfer fees will not be refunded if you do them wrong (because it costs paypal money if you do it wrong). This includes transfering to a bank that doesn't exist, or won't accept transfers, etc (I believe). It costs paypal money to attempt a wire transfer, and to sort it out later. There's a reason they charge money for this.
Also.. why did this guy try again adn again? after it failed the first, time, he should have been on the phone to paypal to sort it out properly.
This is not a failure on paypal's part. Paypal is not a credit card. Paypal is not there to 100% protect you. They are there to factilitate transfering money.
Also... this guy needs to contact paypal to sort things you. It's HIS account that's having the troubles.
Did it not occurr to you to call your credit card company and simply say 'Observe this transaction. Two of the same value. The second one is fraudulent (which it is)'. They would have reversed it immediately and left the onus on Paypal to prove they needed to charge you.
How bad are the fees? Credit Cards are scary expensive to accept. First you pay the discount fee, anywhere from 2.5% to like 3.75% or worse if the address verification fails. Plus you have to pay the processor (the place that processes the transaction. Either via a monthy fee ($25 to $100/month), transaction charge (like 25 cents or so) or both. Then you have to pay the bank that maintains your merchant account - they charge you $10 just to send you a statement each month. Then they charge you the minimum discount fee - usually $20 or so which means if you only have a couple transactions that month and the discount charges are So is paypal this bad? Credit cards are nice - no doubt. Easy to challeneg, etc. But you also have to realize they are clamping down on online merchants HARD. They now have VERY detailed security policies in terms of where CC info can be stored, how its encrypted, etc. This is a good thing, but it adds to the cost.
So don't assume it'll be a cake walk with credit cards.
Top Most Bizarre/Disturbing Error Messages
Actually, there are a few APIs that PayPal will give ya if you just ask. Things such as a way for PP to send an SSL Enabled Verification back to a CGI on your website so that you can be sure the user did do exactly what they said they did.
I had actually started building a commerce site around PayPal before I discovered RedHat's (Akopia's) Interchange and decided to do things right (ie., real CC processor). The problem with a 'real' CC processor is that the user now has to trust you and your employees with the security of their cards. This means, did ya close all the holes, have ya shut down SQL Access to the outside world (you'd be supprised how many MySQL machines I have been able to access since switching to this software and playing around with it), if ya DO use things like card storage, ya then need to (if you are a responsible sort) encrypt the data, and not just with a ROT13.
Its a LOT of work for someone designing a site on their own. You'd be supprised how many people have their sites email them the #s in plain text. Too many 'geeks' think that just because they can write a PHP site, they understand programming and security (geeks in quotes as I wouldn't consider most PHP 'programmers' real geeks...even though I'm starting to use it myself).
PayPal does most of this for you, and if you aren't willing to put the time to learn everything ya need and verify that it does what it is supposed to do, then PayPal is PERFECT for these folks even if it didn't have the 'secret' APIs to do the verification -- which the users will not see because they are sent by the PP server to your computer, NOT from their server to the users computer to your own computer...which I think it does that as well...but only for simplicity...think about it as secure as a Javascript CC Mod13 Verification system (was it Mod13? I haven't written one of these in years).
It's easy for guys like our infamous slashdot editor to comment:
Well, that's an armchair critic opinion if I've ever heard one. PayPal is now less enticing to "michael of slashdot".
The cold reality of the world is that there's a small number of crooks out there who will commit fraud, given the opportunity. Any party in the transaction who may be exposed to the potential for a loss would be acting irresponsibly by not taking reasonable measures to detect fraud before making the transaction.
In the conventional visa merchant world, the consumer is protectedby the fact that their bank will handle their dispute with the merchant and issue a chargeback to the merchant to recover the funds.
The bank is protected by their ability to issue a chargeback to the merchant. If the bank believes the merchant may not have the funds to cover chargebacks, they will hold a "reserve", which basically means they won't give the merchant some portion of their money for many months, sometimes even a year or two! (we had this shitty situation when we got started and consquently had to carry quite a bit more debt than we expected as we weren't getting the money for most of the products we sold!)
The merchant isn't really protected by much of anything in the conventional visa transaction, other than their own efforts to verify that the buyer really is the legitimate cardholder and that the goods are shipped to the correct destination. Actually, a card swipe and signature are more-or-less proof that the buyer received the goods, but with internet and mail order sales, it's a risky business for the merchant.
PayPal is in a tough situation, being in the middle of a transaction. It's really amazing that they can make this work at all, built on top of the conventional infrastructure which puts most of the risk onto the seller's side. They really need to do everything they can to detect and prevent fraud... even if it doesn't appeal to michael's tastes.
PS: I will agree that it's very un-cool to take personal customer information and use it for any purpose other than the reason it was provided. We don't do this, partly based on ethical grounds, partly because we're so small that there's no incentive, but mostly because nothing is more important than satisfied customers.
PJRC: Electronic Projects, 8051 Microcontroller Tools
- If you're unwilling to do this, I can only assume you're in the wrong.
Or maybe, just maybe, the cost to rectify the situation through legal channels just isn't worth it. By costs, I mean time invested (several hours at a minimum), financial costs and the frustration of dealing with the system. Couple that with the fact that you don't know if you're actually going to get your money back, let alone any compensation for having to fight the system and all the heart-ache, its little wonder that most people don't resort to doing the right thing. Just because you're morally right, doesn't mean the system is going to back you up.From your arguement, I can only assume that you have righted every wrong through all necessary channels, and that you are hiding behind your real name, which is Super Man, Buffy or Mr T.
I personally have had nothing but good experiences with Paypal, but I was shocked to learn that there was a dark side to it that many, many people have been burned by. It seems the fact that I've had no problems with Paypal is the exception rather than the rule -- many people haven't been so fortunate.
Some of the problems can just be attributed to "shit happens," but in many cases, Paypal is guilty of out-and-out theft: when they receive a complaint about a single transaction, they often freeze the accounts of everyone involved, and then do everything possible to make themselves inaccessible by phone or e-mail so that the accounts can never be unfrozen. They've just walked away with someone's money. Good job.
Anyway, here are some useful links that have many, many testimonials of bad experiences:
Paypal Warning
Testimonials from above site.
PaypalSucks.com
Based on the testimonials I've read, here are a few ways I can think of to make the Paypal experience as safe as possible.
1. NEVER leave money sitting in your Paypal account. Withdraw it IMMEDIATELY. They will freeze it, or steal it, if they get an excuse to do so -- any excuse will do. Don't be tempted by their "Paypal Money Market Fund". That 1.2% APR isn't going to make you rich. You'd be better transfering your money to your bank where it can't be stolen. They can't steal what isn't there.
2. Try to avoid setting up a bank account on Paypal or giving them your checking account number for any reason. They do everything in their power to convince/force you to set up a bank account, which should give you cause for suspicion. If you give them your checking account number, they can (and will) withdraw the money from your bank account at any time without permissions.
3. If you must set up a bank account with Paypal, contact your bank and tell them NOT to allow Electronic Funds Transfers from Paypal without your approval. Unlike with a credit card, there's no way to dispute EFT charges. Get this in writing from your bank.
4. Check your credit card statement carefully each month, and chargeback any mysterious charges immediately -- but not if you have money sitting in your Paypal account or they have your bank account number, because they will take your money away from you if you do a chargeback. Get your money safe first, then call the credit card company to do a chargeback.
5. Try to avoid using a debit card -- you have no fraud protection, and if the debit card draws from the same account as the bank account you have set up in Paypal, you might run into some problems because of the way Paypal does things. If you have $600 in your bank account, and you try to make a $500 Paypal payment from your bank account, it'll bounce! Why? Since bank transfers take 3 days, Paypal wants to avoid finding out 3 days later that there's no money in the account, so they use your credit/debit card to "secure" the transaction by "locking" $500 on the card and then releasing it after the bank transfer clears. So now, when you've tried to pay $500 from your bank account, Paypal has locked $500 of the $600 in the account, leaving only $100 in the account which will make the $500 bank transfer bounce. The bank will charge you a bounced transfer fee, Paypal will charge you a fee, and you'll be unhappy with the whole situation. Sometimes even when the transaction DOES complete, they still don't release the "hold" on the card for days, weeks, months, or ever.
6. Do not use Paypal for large transactions. Use some sort of escrow service. With the incredible fees Paypal is charging now, it wouldn't be much more expensive.
7. As an alternative to Paypal, consider using E-Gold instead. Instead of dealing in a national currency like Dollars or Pounds, it uses actual physical gold as currency: you actually own a stake in the vault of gold that the company owns, and you can send/receive electronic gold from others as payment. It's very expensive to get involved, though: getting money into an E-Gold account requires you to go through a currency exchange service (E-Gold does not offer this service directly) which generally charge a 15% conversion fee, and 1% of your balance is deducted per year.
The cool thing about E-Gold, though, is that if you buy 5 ounces of gold, you'll always have that 5 ounces of gold in your account no matter what happens to the value of gold or to your national currency. If you spend (for example) $200 on 2 ounces of gold, but six months later the price of gold has risen from $100/ounce to $300/ounce, you'll still have that 2 ounces of gold -- but it'll now be worth $600. Pretty nice, eh? A lot nicer than Paypal's 1.2% APR mutal fund.
Anyway, use Paypal if you have to, but be safe. Minimize the opportunities for them to steal your money. Don't use them as a bank. They're not a bank; they're not regulated as a bank, but they want you to use them as a bank so that they'll have more chances to take your money.
Play it safe, and you should be okay.
They didn't mention that paypal bought their competition, x.com, which included banking, mutual funds and stocks, then discontinued all of its operations.
If you noticed, they have a link to a wav file of the letters and digits, for the blind. Nothing requires them to really care about the other groups; if you want an account, turn on your images or get on a computer with a graphical browser.
Note the transition from peer to peer systems to one/many systems. There's something important to be noted from this.
on the phone to paypal? that phone number is a closely guarded secret and noone at paypay will give it out.
you cant call them or email a live person. you only get their automated responses..
Sorry, but any bank that ignores all it's customers is a scam, and Paypal is a scam, plain and simple... If they want to prove to me they aren't then have a live human respond to my email instead of the canned computer responses.
I reccomend to everyone I know to avoid paypal like the pleague and expect to get money stolen from them by paypal with no way of ever getting it back.
Paypal can fix that, Hire people to answer email and publish a phone number.hn
Do not look at laser with remaining good eye.
The site www.paypal.com is running Stronghold/2.4.2 Apache/1.3.6/L C2NetEU/2412 (Unix) on Linux
no, the webservers are running the abovementioned OS/servers. What the back end is could only really be stated by someone familiar with PayPal's back end structure. For all we know the back end DBs could be Alphas, AIX.. or even eNpTy.
.. and even the webserver info string could be falsified; it's trivial in the code or config. Don't assume simply by a webserver version response.
-'fester
-'fester
As I take a careful look at this new community being formed, what I see forming is a globalized, fluid, largely anonymous culture. Then I look at my local neighborhood and my city. I see people who know each other by their faces and their first names. There is a feeling of trust among everyone here. Joe, who runs an electronics shop down the street, knows that Renee is not going to try to take advantage of him or steal from him. First of all, she has a sense of responsibility toward Joe as one of her neighbors. Second, there are several rings of authority around her that keep her from wanting to do something wrong. If she gets caught shoplifting, what the government will do to her is the last thing on her mind. She will first feel responsible toward her parents and her close friends and relatives. She will then worry about what the people she goes to church with every Sunday will think of her. She would be concerned about her employer finding out "through the grapevine" that she shoplifted.
... and many feel such a responsibility towards God. In economic terms, this keep the "transaction cost" down.
... and I think that the government should be the *last* entity we should be worried about when we do something wrong!)
... so don't be surprised when you find PayPal's service substandard (and more costly) to that of your local community bank.
This sense of community helps foster individual restraint in the face of self-interest. While everyone would like to take everything they can get their hands on, they have a sharp sense of responsibility toward those around them
On the Internet, this community is virtually nonexistent. People can distance themselves from the world around them and become immersed in a sea of IP addresses. For some, a sense of responsibility leaves also, and they take the opportunity to take advantage of nameless, faceless people around the world. They don't know these people, and so their natural human inclination to deal virtuously with these people declines. And for many, the only potential repurcusion of their actions would be from the law (the government is a weak authority figure in the minds of the people
The result? Again, in economic terms, transaction costs go up. Without trust in the virtue of those around us, we need to hire middlemen to keep us all in line. PayPal finds itself in such a situation
An unjust law is no law at all. - St. Augustine