Paypal, sort out the problems you've had for years on your main site:
* Incredibly slow page loads
* I have to login twice each time
* If I browse too many pages, the query string gets so long my requests fail
* It goes on and on
Good on you for listing your gripes with them. Too often I see people complaining about PayPal in general but I've managed to miss actual reasons before now.
Things like getting your funds frozen by Paypal when you're a legitimate business and handed over a fuckton of documentation and proof of legitimate orders to prove it. Which then destroys your cashflow, which means the typical 'pay in 30 days' that is extremely common in business 2 business transactions gets messed up because Paypal froze your money. You can't pay your supplier, your order doesn't come in, meanwhile you've been shipping your product to your customers despite the fact all the revenue from these orders is getting insta-frozen, and now you're starting to actually get legitimate issues of customers not getting their product because you can't pay your supplier for new product and can't ship to your customers, which makes Paypal clamp down ever harder to 'resolve these issues before we unfreeze the account', which of course is an issue they created and an issue that can't be solved because they're kidnapping your money.
So now you need to find external financing (we're not talking about Amazon here, but commonly 1 or 2 people selling products from their home, the internet's mom & pop stores) to fund the supplier's order, then ship, cancel customer's orders so you can prove to Paypal you can ship to every placed order (who leave negative feedback, understandably), and see customers cancel orders themselves (more negative feedback), and then unfreeze the money, pay back your financier, place another order with a supplier and hope to regain lost customers.
And that's the simple story, the true story is extremely frustrating and much more complex with cashflow being frozen for 6 months while you're trying to keep your business alive. Not everyone wants to recount it every time they want to criticise Paypal.
Now if there were legitimate concerns, cool. But as nailer said, you can find tons of stories of people who ran into these issues for no reason and without a reason given, without due dilligence and without the type of 'reasonably swift' (i.e. days or at most weeks, not 6 months) recourse & resolution of frozen cashflow you need to run a business without going bankrupt.
A tip, if anyone ever does a product launch with Paypal, call them beforehand. Launching a product and selling in a spike the first days/weeks (i.e. extremely typical for virtually every launch ever) is a red flag for Paypal.
Which means for anyone doing a pre-order, well you're fucked if you get unlucky. Plenty of stories of people doing a legitimate pre-order campaign with customers willing to wait say 2 months on the product. Halfway through your pre-order campaign you think 'alright I'm at $60k right now, I'll probably make it to $100k. I'll start to order from my supplier about $80k's worth for now to be on the safe side. You pay $25k of your own money upfront'. Campaign is over, you reached $100k, your supplier is busy, you call him up to adjust to $100k, and tell him you'll pay the remaining $75k right away. Turns out all your money is frozen. Supplier won't ship, Paypal won't unfreeze the money for months. You inform your customers, they're sad. 3% of them files a complaint with Paypal for a refund, which now means that 100% of Paypal's feedback from customers about you is negative, seeing as you haven't been able to ship to anyone yet.
You might think well good, Paypal protects its users from fraud (despite a total ignorance as to how normal pre-orders work, thereby screwing over their users), but this stuff happens to people who've done business with Paypal for 5-10 years. It happens to companies with solid internet reputations that takes 5 seconds to review on the internet or with a phonecall whether they're legitimate.
And that's the 'normal' stuff, i.e. selling a videogame, a bracelet, a usb charger etc... But if we get to the really controversial stuff, like omg sex on video, I know I should use the p-word but I'll just say it, porn... did that get censored? Well then you're out of luck with Paypal entirely, which is insane.
Also worth noting that their terms are pretty seller- and user-hostile. You described some of the seller-hostile instances above (here's another [0] from a few years back).
But they've also rolled out some pretty user-hostile stuff in the past year. At one point, they were set to roll out a new privacy agreement that included permission for them to robo-call you at phone numbers that you hadn't provided to them (with no mention of how those numbers were obtained).[1]
It happens with cookies as well. It's especially bad on the developer sandbox. If you ever have trouble using the sandbox it's either because your cookie is too big or it's broken for the 11th time this week.
Paypal sandbox was always really problematic when I used to have to use it. Full of odd cases where you'd suddenly find yourself outside of the sandbox, or undocumented issues such as needing to run your IPN listener on port 80.
For those of us who have been around a while, we might remember this as being PayPal's original purpose in life. I remember paying back friends for lunch using PayPal and feeling like we were living in the future.
Only later did PayPal move into the merchant space more seriously. Maybe my memory is poor and they launched with merchants at the same time but it took a few years for me to ever purchase anything with PayPal, it was all between consumers before.
Oh wow, all of these make me really not want tot rust this service on any level. I mean how stupid can you be to not make a list of usernames to filter/block when designing this sort of system?
Wow, thanks for the heads up! Yeah, I mean like I only use websites that allow me to use 2048 character passwords, because I like to use lorem ipsum websites as my password generators.
Or they just have length bounds on every string input that they have (as they should) but the person in charge of deciding the bound for the passwords did a bad job and picked too low of a limit.
The issue is not the 20 characters, but the underlying reason for it. There's no technical reason they would need it unless they were storing it insecurely.
Granted it's possible they're limiting it to 20 for a nontechnical reason, but I have some 40-character passwords in a password manager. Long passwords are not only reasonable, but this is a giant alarm bell if they even imply they might be storing them insecurely.
What are you talking about? Taken to its logical conclusion you would have sites support passwords up to a million characters or else it is a sign that they are insecure. Having some limit is perfectly sane.
I also find it a bit "armchair quarterbacky" to be calling out PayPal on security practices. They've been around the block a few times, and though I certainly don't love them, they aren't making rookie mistakes like not-hashing passwords or the like.
You are just spreading FUD for no discernable reason. 20 characters while not the epitome of greatness, isn't a sign of the end times.
It should, but I think parent is talking about the input string having a limitation, which limits the amount of combinations you could have in your password. My original comment still stands, though, as 20 characters is a large amount of combinations (although I just did some quick calculations to find it's still less than 128 bits... 114 or so).
You can DOS a site that doesn't have password length enforcement. 20 characters really is too low though, because it rules out a lot of pass phrases. I believe Django allows up to 4mb for the password, which is more than enough for any sane password.
> I can't see any reason for this other than that they're storing them either encrypted or in cleartext.
I can't see any reason for this conclusion other than the fact that you've never worked for a large corporation where product development often dictated by departments other than IT.
> I can't see any reason for this other than that they're storing them either encrypted or in cleartext.
One of the (bad) reasons companies impose password length limits is that the user is less likely to forger a shorter password, and therefore it saves money on inevitable support calls.
Granted, a 20-character limit is probably too high for this justification to be valid.
> We’re adding new regions as fast as we can. Check back often to see if it’s available in your country.
That's just seriously bad. "Check back often" -- they won't even provide a list of currently-available countries, let alone a simple "leave your email for updates" box.
It's a financial service, they're covering their ass from unforeseen tax issues. If some people in Russia decide to use it, and paypal hasn't checked to be sure that this is all completely legit under Russian tax law, there will be huge problems for them.
But the argument is that if you can get a PayPal account in Russia, and if you can send money to that account given the existing PayPal user interface, how is this feature different?
It´s available here in Germany and I feared that fees would apply for every transaction but learning from the FAQ, when transferring money between friends/family this is actually free. Given, that in Germany, transactions between banks are free too, the whole cycle of shifting money should be also free for Paypal (omitting costs for running the service of course).
I am looking forward to trying it out, it might be much nicer than giving someone the IBAN and letting him handle the transaction via the bank.
An alternative in Germany (or any country adhering to the IBAN/BIC numbering system) is cringle [1]. It uses direct withdrawals (Lastschrift) or wire transfers and does not require the other party to have a cringle account in order to receive money, according to their website.
Cringle transactions are only free since very recently. Prior to that they wanted something between 10 to 20 cent per transaction. Even worse they seem to need six days for your transaction. (It's three days per transaction and they transfer it to their own account in-between)
Did it turn out to be true? I haven't deleted my account yet, but I haven't made new purchases nor signed any new agreements since then. Especially since there may not even be a guarantee that they won't do it to people with "disabeld" accounts.
Edit: I just registered the .me account for my regular name, so I won't have someone posing as me or getting payments from people who've confused the owner with me, as a precaution.
Terrible site, slow load times, history of poor security. Disenfranchised workers and a bureaucratic nightmare.
Along with a history of freezing assets of popular projects for no reason. (wikileaks donations for instance).
I agree that the site isn't great, but I'd still call that above average, especially nowadays. Load times are fine for me (using O12). Poor security? (other than not having two-step authentication)
The rest of the things just comes with it being a huge corporation that pretends it's not a bank I guess. Funny thing if you search for PP here
Tried /reddit, /cocacola, and my first name - all taken. Got /sjg, my initials, but now I want to go back and get /rocketships, since that's my domain. Damn! They only let you have one!
Ahh I tried doing this with Stripe and Stripe Checkout on StripePal.com but they wouldn't let me do it because money services businesses aren't allowed :(
I really like this concept though. If I wasn't paranoid about frozen assets I would be happy to use it.
Paypal owns Venmo (via the Braintree acquisition). How is this not cannibalizing on Venmo (whose primary existence is around sending money btwn friends)...?
The Venmo team is a different team, located in NYC instead of California, has a brand that people actually like, something something middle managers. This kind of nonsense is standard issue from eBay and I don't think it would have changed in a month of separation.
Venmo has a team in SF now, and eBay doesn't own PayPal anymore.
Personally, I think it makes a lot of sense. This seems like a lower-friction flow, especially when requesting money from people who have never heard of Venmo – not everyone trust a payment processor they've never heard of, and PayPal has much broader awareness than Venmo.
* Incredibly slow page loads * I have to login twice each time * If I browse too many pages, the query string gets so long my requests fail * It goes on and on