Hacker News new | past | comments | ask | show | jobs | submit login
We got banned from PayPal after 12 years of business (niteo.co)
898 points by dz0ny on May 9, 2019 | hide | past | web | favorite | 509 comments

Don't know if it is the reason for the ban, but Niteos main product seems to be a service for creating spam networks. https://www.easyblognetworks.com, https://niteo.co/projects

Thank you! After reading the story I headed to the comments to look for this exact comment! This story was super, super sketchy! The tell was it didn't at all mention the products or services they sell. Since any normal person would mention the products/services they sell front-and-center as key information to the story, I went ahead and assumed the problem was the products or services they offer were illegal/sketchy/questionable/against TOS.

So I came here to see if anyone looked up what sort of products and services they offer.

Same! And it’s definitely sketchy, but...

PayPal could have at least pointed towards the clause in their terms that is being used for the rejection.

I am wondering why PayPal cares in this case? I had no idea what PBNs where before this thread, and I agree they are spammy and should be dealt with (by google presumably), why does PayPal see the need to ban this company? I assume PBNs aren't illegal, so PayPal wouldn't face legal jeopardy.

My guess is either Google is encouraging PayPal to do this ban or PayPal is afraid of some societal backlash if people realize they are profiting off of spam.

I am honestly happy they are attempting to limit spam, but just surprised they are harming their bottom line to do it.

It's deceptive and unethical. There should be no surprise that legitimate payment providers like PayPal and even Visa/Mastercard would not want to work with them.

PayPal also does not do business with many Porn Websites, which are generally legal.

Good point regarding porn websites being banned by PayPal. I guess it falls under my "societal backlash" reasoning.

I am truly disgusted by this comment and those with a similar sentiment below. Selling PBNs is not against Paypal’s TOS, regardless of whether or not you happen to dislike them. The point is that PayPal falsely asserted that a business violated its TOS, and that means that it could happen to anyone else - instantly and without explanation. That is the problem here.

I just googled PBN. It looks like it is a black-hat, completely inauthentic SEO tactic that has no legitimate value. Why on Earth or you defending them? Am I missing something?

You are indeed missing something. I am not defending them. But if they are doing something that PayPal hasn’t banned and obviously found acceptable for 12 previous years, it means that all businesses are in immediate danger of being instantly banned without explanation on the whim of any of thousands of PayPal employees. That is a huge problem, and should concern everyone that depends on them for payment processing.

If you are subject to the whims and value judgments of individual PayPal employees, rather than policy documents, that is truly scary. Sell something that happens to offend a random employee's moral, political, or religious sensibilities? You might lose your account. What happens if a relative of a PayPal employee decides that you weren't fast enough with customer service, and tells them about it? Can that employee go searching for your account and kill it simply because they have a relative that wasn't impressed with the speed of your customer service?

The point is that these companies establish written policies for a reason. If those policies are not being followed, then businesses shouldn't use PayPal - not because they want to defend PBN sellers, but because their own business may be at risk even when they do nothing wrong.

> it means that all businesses are in immediate danger of being instantly banned without explanation on the whim of any of thousands of PayPal employees

This has always been the case. Paypal is extremely liberal with funds they seize or what accounts they shut down. At least, that's the image of them I've had for over a decade. Maybe they've since changed...but I wouldn't store any real amount of money in Paypal for any amount of time.

Ummm....no. As a software engineer, I can assure you there are not "thousands of PayPal employees" that can just ban businesses at will. I don't even think engineers working on that particular piece of software have any jurisdiction over that. Time and time again people post complaints that PayPal banned them "for no reason", without cause, etc, but invariably when you do your research, they have violated the TOS, and they have often been warned by PayPal many times. They were scamming someone, exploiting return policies and systems, etc. People will conceal those facts, as well as their own actions which led to their consequences.

The issue here is that this company did not violate PayPal's TOS, yet they find themselves in this situation. BTW, I had a similar experience with PayPal, though my account was not open for 12 years. I didn't violate any TOS, and had no chargebacks - as in not a single one - and yet my account was effectively ghosted. I was handed a bunch of hoops to jump through, I jumped through them, and then nothing happened. The account sat in that state for so long that PayPal was eventually required by law to turn the money over to the state as abandoned. Only then was I able to get the money back - from the state treasurer (years after the fact).

So if your policy documents don't actually govern your policies, then employees are banning businesses based on their personal value judgments. That is problematic for a large number of reasons.

> The issue here is that this company did not violate PayPal's TOS

Untrue. Often the exact breach is legally prohibited from being publicly shared, but if a company is banned, then a TOS breach has happened. There is an unbelievable amount of red tape and compliance within every process, both digital and human, that occurs with regards to money and transactions. Especially in the fintech space, PayPal internally is bound to governmental regulations and auditing far more strict than any regulations imposed on customers. To suggest that PayPal can just close accounts at whim for any other reason than enforcement of legally binding terms and confiscate customer funds is simply absurd.

First, no company is ever “legally prohibited” from telling you what specific section of the TOS they allege that you violated. Second, with regard to PayPal not closing accounts on a whim, it happens literally everyday. See http://www.paypalsucks.com/ and countless other sites like it. Even the BBB lists nearly 8300 complaints against PayPal in the last 3 years - https://www.bbb.org/us/ca/san-jose/profile/payment-processin...

> First, no company is ever “legally prohibited” from telling you what specific section of the TOS they allege that you violated

Again, misplaced assumption and personal opinion. With some circumstances, especially if regulating bodies become involved, a company can be ordered by government to not share any further information with the other party, as well as freeze their funds. And even in the circumstances where that does not occur, I don't think a company is obligated to spell out for you what you violated. Sure, I agree that doesn't always look the best and it can seem like it happened "for no reason", but personally my opinion is that if someone told me I have violated TOS, I can read the few paragraphs for myself and figure it out. And they have over 250 million users, 8300 complaints over 3 years doesn't seem bad, and it looks like most of them were resolved. I get it, money gets people upset, and it's always tempting to see the "big bad corporation" turning its back on the little guy, but I personally feel like it gets blown out of proportion a lot. There's always more to the story... Being in the industry, it just frustrates me when people think these big companies can do whatever they want at will, when really their hands are often tied much more than you think.

it just frustrates me when people think these big companies can do whatever they want at will, when really their hands are often tied much more than you think

I know my experiences with them very much fall in the “big company doing whatever it wants at will” category, and I am not alone. Scores of others over the years have wound up as frustrated as you are by these comments in their dealings with PayPal.

especially if regulating bodies become involved, a company can be ordered by government to not share any further information with the other party,

This would apply to an absurdly small percentage of the accounts that PayPal closes on a daily basis.

That implies that the spammers tell the truth.

Let's just say that their credibility seems a bit sketchy.

This seems a little bit like saying that companies should be held to similar standards as governments ought to be, with regards to “the rule of law”, and the whole “the law should be publicly stated, and laws shouldn’t apply retroactively” thing.

Which is, a claim worth considering? I am not convinced yet.

I suppose that the fact that PayPal is a money transfer service, which is necessary for many kinds of businesses, and maybe kind of a monopoly, that could be a reason to treat them as more like a government than some businesses should be treated?


> But if they are doing something that PayPal ... obviously found acceptable for ... years, it means that all businesses are in immediate danger of being instantly banned without explanation ...

That's no news. Many PP user are fully aware of that fact. There have been similar cases over the years, completely unrelated to PBNs. That's the deal with PP, take it or leave it.

Because if what they are selling does not break any laws PayPal should not ban it. Or do you don't want PayPal to treat the world as their app store and pick and choose which software or service they find ok to sell.

The idea that companies cannot exercise any authority over their own product beyond what is explicitly forbidden by law is silly.

They already do that. There are a lot of legal things PayPal has banned. Try to use PayPal to buy firearms and see what happens.

Here is PayPal's TOS (although they may have multiple for different aspects of the service, and definitely for different jurisdictions), in case anyone else wanted to take a look: https://www.paypal.com/us/webapps/mpp/ua/acceptableuse-full

Ooof, PBNs are literal spam. They're designed to game Google by producing a deluge of low quality content with backlinks on whatever search terms you're hoping to squat on.

I'm utterly sick of this kind of junk.

True, but as long as there are rules, somebody is going to find a loophole or a way to game the system. I'd personally be more concerned with Google improving their product or with society's increasing reliance on a single company's service and our unwillingness to consume information critically.

PBNs are garbagey, but trying to put them all down is unrealistic. And even if they could be stopped, it would only be a band aid fix, not addressing the real problems.

Seems like limiting their payment processing was a pretty effective step.

I disagree as the article clearly states they have other payment processors and were already moving away from PayPal.

So they say.

Spammers and their ilk, though, are not really famous for sticking to the truth.

Hundreds of sites have been brought down for hosting pirated movies thanks to laws against that, don't know why putting down PBns would be unrealistic.

ah yes, and the wide-reaching effects on piracy those have caused.

Nobody is gonna start torrenting spam web sites to access their useless content.

My guess is that in this case many of the sites copied content from other sites i.e. substantial copyright infringement. That is illegal.

Don't let perfect be the enemy of good.

I don't see how that's relevant to this particular problem.

I read your comment as suggesting that certain actions aren't a good use of time or that they shouldn't be done because they don't fully solve the problem.

I understand the dissatisfaction with half-measures. But I would argue as long as the actions have a meaningful impact and there isn't a promising alternative, it is still worthwhile.

I get that, but you can waste all of your time baling out water, or you can plug the hole.

What's the difference between this and 1-click VPS with WordPress/etc preinstalled?

If you look at their other (past/sold) projects, it's part of a suite of software they've developed for "autoblogging", scraping, automatically reposting articles from prewritten databases, "enriching" them with random images, etc. It's very clear what industry they serve.

That raises another question: why couldn't Paypal simply say this?

I can imagine several plausible reasons, related to potential liability, but does that mean that if we're trying to outsource business functions to specialist firms that we can't expect them to be transparent in their operations?

Having worked in a different industry that also had to ban people I can make an assumption: they don’t need to, and doing so never makes anyone happy, so why bother. If they said it was because of their spam business, the owner would do exactly what they did on HN: “but we didn’t use PayPal for our spam business” - this won’t change the decision.

But failing to do so leads to increased operational costs, as customers contact CS again and again, demanding the rationale. It can also lead to negative press.

It's pretty easy to no longer support someone who is banned. The negative press is usually OK because like in this case, and in many others I've seen on HN, the one complaining is usually in clear violation of stated policy. It's completely reasonable to disagree with and complain about that policy, but they rarely do so explicitly, it drums up more support when the policy violation isn't made a highlight.

What specific violation of stated policy are you referring to?

I wasn’t being specific. When I said that policy, I mean the policy the company invoked to justify the ban, which the customer may not know.

Yikes. And proof, once again, that there's ALWAYS another side to these stories.

who keeps company with wolves will learn to howl

In my opinion the reason for ban, even though mentioned that unrelated to their SaaS offering, is likely higher number of transactions with parties who have been also baned for some shady practices. Such rat clusters are usualy nuked in batch.

Great observation and critical missing piece of information! My sympathy level instantly went from 100 to 0.

As I mentioned in the previous comments - we're not using PayPal to process our SaaS products.

> we're not using PayPal to process our SaaS products

Disclosure: I used to work in payment industry.

Unfortunately from the brand's perspective (Visa, Mastercard, etc.) it doesn't matter which of your product is using their channel to process payments, if the business is involved in doing something shady, the whole company will be flagged. If you already passed KYC 12 years ago, but your business _today_ won't pass KYC if you were to apply again, then it's a matter of time until you get kicked out.

I've got no simpathy for your business. It is spam plain and simple.

What were you using them to process?

No denial that you’re selling software designed to spam. Interesting.

Maybe you should focus on making your business run in the ethical clear first. You’re not getting any sympathy from me that your unethical practices got you cut off from financing.

Weird. Last comments from this account before today were in 2010.

And it took PayPal 12 years to flag their product as Spam? In any case, PayPal should be a payment processor, not a enforcer of arbitrary business standards, like tagging something as spam 12 years too late.

PayPal blocked us after 10 years due to a a Kafkaesque problem, where they decided that our Hong Kong company was both a Chinese company and not a Chinese company: https://www.cogini.com/blog/paypal-know-your-customer-failur...

I ad a similar issue when parts of Ukraine were invaded by Russia and my Ukranian developers were suddenly "Russian" developers.

Could you possibly elaborate on this? What kind of problem have you had?

Sure. My payment provider told me I could no longer work with my developers, basically.

I was using odesk.com at the time and they basically banned me from interacting with the deva.

I see. Were they the Crimea or in the the Eastern Ukraine?



US has embargo on Crymea

Hong Kong is part of China and also not part of China. So it makes perfect sense that a Hong Kong company is both Chinese and not Chinese.

The city state has its own currency, monetary policy and legal system, enough for the department of state to treat HK as an independent entity as far as trade is concerned. Given the vast amount of money and good flowing through through HK I find it hard to believe any established payment processor would lack familiarity with the status of Hong Kong. It looks more like a (poorly) made up excuse to ban undesirable users.

If you read the actual blogpost, it was more likely an administrative mistake earlier in the process that was then difficult to undo, and no one really giving a fuck on paypal's side.

Attribute things to incompetence before malice and all that, especially when attributing it to malice requires thinking they made a fairly odd decision to outright lie to customers about why you are ceasing doing business with them.

Sufficiently prolonged incompetence, when the resources are available to easily correct it, is malice.

It isn't a

> (poorly) made up excuse to ban undesirable users.

I suppose I'm not interested in debating the definition of malice as it relates to actions by a large corporation...

I have to agree. With the amount of money involved internationally with HK I highly doubt Paypal would just decide to shut down an account because of that. If that was the really the case there would have been a LOT of other accounts shutdown.

This sounds more like an excuse from Paypal, who I fear talking bad about in case they decide to ban me too :P

It's also not not China as in Republic of China as in Taiwan. This is worse than Schrödinger's cat.

Thank you for sharing this story, I have added it and Niteo to my growing list of PayPal (and other financial service) bans: https://gitgud.io/TornTongues/torntongues/#paypal (contributions welcome). Kafkaesque indeed...

> "They don't care, because it's a numbers game to them."

This sounds so similar to all other large tech companies, specially Google. Somewhere along the line all these tech companies lost user focus.

Google has spectacular user focus on the users that pay them (i.e. advertisers).

Not really. Perhaps the huge ones, but if you are small, medium or even a big one they don't care.

As demonstrated by a $50k+/mo account who's Google reps only recommend one-size-fits-all strategy and can't be bothered to listen to feedback that such a strategy only works with advertising to end customers and not B2B advertising.

The account rep is just a marketing vector for Google to their paying customers.

The lack of customer service in the Silicon Valley is a pervasive problem.

* Cody Don on YouTube teaches the masses about science and regularly gets banned. His videos are rated G to PG. Despite millions of viewers and dollars of Revenue, there is nobody he can call.

* Uber charged $1500 to my debut card a few months ago. There's literally nobody you can call about it.

* Lose your Instagram/Twitter/Gmail? Too bad, because it's free, you're treated as cattle.

* Oh then there's the paying customers too: https://news.ycombinator.com/item?id=17431609

> Uber charged $1500 to my debut card a few months ago. There's literally nobody you can call about it.

Your bank. You dispute the charge. Uber can deal with your bank. It doesn't matter it was a debit card. It means you're missing the money immediately, but doesn't stop you from disputing.

I wouldn't even attempt to contact Uber in this situation - a fraudulent charge on a credit or debit card = call card issuer or bank. I don't care what the company is, I call card issuer.

unfortunately, most banks have the policy of first asking you to resolve it (or at least show evidence that you've tried).

I would say, sending uber an email would work, or calling their number (which, they actually do - if you lost a phone in an uber, they have a number which lets you call them to get the contact details of the driver of the car you were in).

That policy is solely for disputes.

So it only applies to chargebacks of transactions you've previously authorized, not for fraudulent unauthorized charges.

If I took an Uber (or attempted to take an Uber) and I had a dispute with them about payment = attempt to work it out with Uber first.

If I didn't take an Uber at all = contact bank.

You get banned from Uber if you do that, no?

That's the second comment in two days I've seen along the lines of "You can't risk pissing off Uber because they might ban you." What a sad codependent relationship to be [ADDED: or feel you are] so locked into some uncaring tech service that you feel you basically have to just put up with whatever mistreatment they dish out.

Basically the same thing with Google, too.

What about Amazon?

What about it? I use Amazon and I would be loathe to drop it but I don’t really feel I have no choice but to use Amazon.

Do you really want to keep doing business with a company that charges you $1500 and doesn't promptly make it right?

That, honestly not trying to be snarky, is my question.

Is the convenience of an app so important to you that you're willing to deal with this nonsense?

Why would you want to stay on Uber? So they can charge you $1500 again sometime in the future?

A nice opinion to have while there are other options.

Wait until Uber is the only option for a ride across town. Now what?

Sign up a new account and catch a ride?

They're unlikely to become the only option. Maybe other options will be less convenient or more expensive but they'll exist.

For a real mistake on their side? Unlikely, but possible. Still likely less important than losing 1.5k.

Maybe they'll ban your card, but you probably have more. If they ban your phone number, they can't ban it for too long, in case it gets recycled.

If you are a driver, a ban seems more permanent, but it's not like they really identify riders.

Ban them first. Get Lyft.

That's when you start shopping your story around to local news agencies.

> Uber charged $1500 to my debut card a few months ago. There's literally nobody you can call about it.

Your bank. You call your bank.

Yeah, you don't call Uber in this case. You immediately call the card issuer and report fraud. In the case of debit charges, reacting quickly is absolutely key.

Always pay with a credit card, it's much easier to reverse this kind of stuff versus a debit card. There is literally no good reason to ever use a debit card.

>There is literally no good reason to ever use a debit card.

A good reason would be if you don't have credit cards because you have serious problems controlling your spending and you're at a place where you can't pay with cash, such as an unmanned gas station, payment terminal, on a plane, a cash-less business, etc.

I agree with the overall point, either use cash or use credit. Debit only if cash and credit aren't available.

Someone should come up with a credit card that has a dynamic hard limit connected to a checking account balance. Paid daily, too, so the checking balance is almost always caught up. Seems like it would meet the needs of those people while letting them benefit from protections, rewards, etc.

Any reason this couldn't work? Does it exist already?

> Someone should come up with a credit card that has a dynamic hard limit connected to a checking account balance.

You mean a regular bank transaction card? Is that not something that exists in the US?

I always find the American reliance on credit cards somewhat bizarre. Not having an alternative would explain it, I guess.

Debit cards exist but credit cards are often the better option if you're going to use plastic.

The problem with debit cards is because certain transactions aren't instant in the US if there's fraud on your debit card at just the right time then your rent check can bounce, your external transfers are returned, etc, and all that stuff comes with fees and headaches.

Credit cards also come with rewards whereas rewards on debit cards are rare and not as good if they exist. Credit cards usually have auxiliary benefits like (depending on the card) return protection, purchase protection, extended warranty, travel insurance, and more, whereas debit cards have nothing of the sort. THere's no interest due on credit cards if you pay your bill in full every month.

The problem with credit cards is, of course, you have the ability to spend more money than you have, and you can dig yourself into a hole if you don't use that power responsibly.

How likely is fraud on your debit card, though? On credit cards, it's trivial, because the number you need to authorise a transaction is prominently displayed on the card and needs to be shared with the merchant, all of which is of course horribly insecure.

Bank transaction cards in Netherland, presumably all of Europe, and I would hope the rest of the world, authorise the transaction in a reasonably secure[0] way between you and your bank, and the merchant only gets the money.

[0] The main insecure part is that keys are short, because they need to be memorised. But with modern automatically-blocking chip cards, there's no way to brute-force that as far as I'm aware.

In the states, most debit cards look exactly like credit cards.

If they are just as insecure as credit cards, then I can understand they're a poor choice. But why doesn't the US use more secure bank cards?

There’s no such thing as a “bank card” you talk about. It’s called “debit card” and is the exact same thing, with the exact same baseline security.

What is confusing you is probably that European banks push 3D Secure really hard, so most online transactions are further verified, and that chip&pin cards and online readers are prevalent - the same thing Americans call “Apple Pay is supported”.

All that works on debit OR credit cards.

The European (I assume, I only know the ones from Germany) debit cards are distinctly different from credit cards or the debit cards you described in that they

* don't have the credit card like information like card number, verification number or CVC code.

* They are directly linked to a bank account like you described.

* They have the account number (IBAN) printed on them. Knowledge of that number doesn't get you closer to the money in the account, though.

* To actually use them on an ATM or at a POS, you usually use chip and pin. In the POS case, the POS randomly chooses between PIN and your hand written signature as proof of ownership.

* You can't directly pay with them online, though (ignoring extra features some variants have).

* To pay online if you only have one of those cards, you usually pay by wire transfer using your account number, the pin number from above and a tan (a single use number created for this transaction only). Money reaches the recipient between a few minutes and a day later.

* Practically everyone with a bank account has such a card.

Netherland is similar. Online payment is supported not through the card itself, but by the banks through a system called iDeal, which performs a bank transfer connected to a purchase in a webshop similar to how a PayPal transaction would work, except it doesn't rely on a credit card number, but on a through two-factor authorisation process between you and the bank.

The 2FA used to be done with one-time TAN numbers on paper, but many banks switched to a special device that generates these numbers on the fly based on your account, the amount transferred and some random number, and in recent years many banks are switching to a mobile app for dedication. But authorisation always happens through some form of 2FA between you and the bank, and never relies on sending any kind of sensitive information (like credit card numbers) to third parties (merchant, PayPal, whatever).

Sadly, iDeal is only supported by Dutch banks and Dutch merchants (and international merchants that care about the Dutch market, like Steam). I really wish there was something like this that was internationally supported. Relying on sharing credit card numbers, seems really backwards and terribly insecure. Well, it is terribly insecure, as evidenced by all the panic when a company leaks a million credit card numbers. You never get that kind of panic when someone leaks a million account numbers, because in a secure system, that's simply not enough to get any money out of that account.

The current setup seems to favor the card network providers / banks. There's not really an incentive to change. Why it's like that in the first place? IDK.

This is called a debit card in the US, and almost everyone has them - but the key distinction between a debit card and a credit card is that the debit card is a direct link to your bank.

People like using credit cards (or charge cards, like some Amexes) to buffer transactions between the bank and the merchant, so if the merchant screws up there is time to resolve the issue before the credit bill comes due.

If a merchant screws up with your debit card, or it gets skimmed/stolen, the only limit to abuse is how much money is in your checking account. If you just got a direct deposit from your employer and are expecting your rent payment to pull from that account today, but your account was drained because your debit card got skimmed at a gas station... not much you can do.

My solution would be to just ban debt cards and give everyone an EBT card through the post office.

I believe you're describing https://privacy.com/

Lets you generate new debit card numbers with hard limits on the amount the card can spend. I really like them for tracking repeating payments.

That's not a good reason, that's a reason for children. Responsible adults don't do this type of thing.

If you have serious problems controlling your spending, might as well spend someone else's money that you can discharge, versus just have no money in your checking account all the time.

I use a debit card because it makes it much easier to manage my finances. As soon as I pay for something, it's immediately deducted from my bank balance, so I can always see exactly how much money I have. If I screw up and try to spend above my balance, the transaction gets blocked, because I have overdraft protection turned off.

(And, I have money in other accounts for emergencies.)

This is convenient, until someone steals your card number and you spending power goes to $0. This really sucks when the rent/mortgage is due, because oops, check bounced (which is a felony in my jurisdiction).

Credit cards are also subject to holds.

It might be convenient today, but it's like driving around without your seat belt on. It might allow you to enter and exit the vehicle quicker, but that's not really the point.

This is why I have more than one bank account! :)

And get a good bank!

The bank that offers me 0.2% more interest isn't worth it because their customer service is reprehensible garbage.

When something goes wrong my good bank - First Direct - are going to answer in 2-3 rings, and they're going to fix it, their founding philosophy (I happen to know some of those founders by chance) is that customers must feel "totally taken care of", if the customer wants a £2M mortgage at 2am on a Sunday, then you can't tell them "Oh I'm sorry the mortgages team only works 9-5". I have never come off a call to them thinking they should have done more or done it faster, on the contrary I'm often surprised how effective they were able to be.

Everything about this approach can be replicated. If every bad bank loses its customers we all get better banks.

> There is literally no good reason to ever use a debit card

Unless you're trying to get out cash from an ATM, or make any other cash-advance-like purchase. Then there's a really good reason to use a debit card instead of a credit card. It's the only time I use my debit card.

I was going to make this distinction, but didn't. You could read it as "... for purchases" I suppose.

> Always pay with a credit card, it's much easier to reverse this kind of stuff versus a debit card. There is literally no good reason to ever use a debit card.

What is a debit card exactly in the US? I'm familiar with US-style credit cards, and find them horrible, expensive and insecure. I normally pay simply with my bank card, and online I prefer to with through iDeal bank transfer. Unfortunately that's not supported internationally, so I have a credit card only for international online payments. I would not own a credit card otherwise.

A debit card is tied to a bank acount (or some other account) that has actual funds in it. It's same as a check. Once it's cleared, it's quite difficult to get the funds back.

A credit card is different. If a transaction is submitted for reversal within the allotted time period, the charges are simply reversed.

In the case of a fraudulent debit transaction that gets disputed, your bank has to file a claim with the other bank, and somebody (possibly other than the merchant) is taking a loss. Banks don't like that. Credit card reversals mostly result in the merchants taking the loss, and the banks will usually side with a consumer.

Note: in the UK, advise is to avoid using your CC over 25% of your limit. Apparently this might negatively affect your credit score.

One source: https://monzo.com/blog/2018/08/08/better-credit-score/ , a bank’s blog, but I’ve seen it in other places. Never from the horse’s mouth, though.

What relevance does your credit score have to day-to-day life in the UK?

As far as I can tell mortgages are dependent on you having OK credit, not good credit. You don't seem to get better rates dependent on your credit score.

Credit card rates are irrelevant, you shouldn't be carrying a balance.

What else do you really need a credit score for?

Some people have a Pavlovian response to anything with credit score. The propaganda has worked. In the US, we have countless TV commercials about "Check your credit score!"

> Cody Don on YouTube teaches the masses about science and regularly gets banned.

If only he sold out to NBC, PBS, Disney, or a Viacom company, then he could do whatever he wants and never be banned. ;)

In the case of Paypal it's not exactly a lack of customer service, as you can call or email and you will get a response, but a specific policy to not disclose the reason you are banned.

> The lack of customer service in the Silicon Valley is a pervasive problem.

The reason their is very little customer service in SV is due to fact that it is extremely expensive to provide customer service...

Yes, but that’s like a restaurant complaining that it’s extremely expensive to provide food.

You are proving my point.

Why build products for customers if you aren't going to provide service to them, oh wait, it's because it's not as profitable.

> * Uber charged $1500 to my debut card a few months ago. There's literally nobody you can call about it.

And here I thought small claims court was a thing in the US as well

The problem is that most terms of service include forced arbitration clauses. Even if they don't, you generally have to sue in the jurisdiction where the company is incorporated, which for the vast majority of people, is very far away.

That's not true, you can sue a company that does business in your state, in your local small claims court.

I am not a lawyer, but I have sued out-of-state companies in my home jurisdiction.

Is Uber doing business in a state just by virtue of having customers and contractors in that state? It has offices in various places, but I assume not all states.

I am not a lawyer, but my take is:

Just customers, no, probably not.

Contractors? Yes. Especially contractors that are performing services there.

> Uber charged $1500 to my debut card a few months ago. There's literally nobody you can call about it.

If you're in the U.S., I would think your state's Attorney General. It's potentially either theft or fraud, I would think.

Or if your A.G. won't pursue it, go after Uber in small-claims court. Not only are you likely to recoup your lost money, but you'd cause them some pain and/or lawyer fees.

Literally NO ONE wrote the below:

Every Friday go online and withdraw all-but-the-necessary £€$$ to your bank account (transfer wire or via card number). I do get some revenue via PayPal, and the very same day (or the next) I 'download' comes it to my bank account (connected to PayPal via card) and IMMEDIATELY is shipped to another account that has all the controls to make money (relatively) unmovable.

I perceive PayPal as my wallet. I do keep 'some' money in it but I keep the motherload away 'layers' deep.

My money flow diagram, in the back end, includes "tax", "expenses", and "vault" (alarm Scrooge McDuck) accounts.

I see PayPal as the envelope that I am given the cash in. It doesn't stay there for more than 24-48h.

Edit: someone below mentioned they do spam.. if e.g. USA authorities has alerted them about doing shady things, PayPal would also receive a gag order with it to a) freeze their $$$$ and b) gag them. If I was Niteo I would get my pencils sharpened and wake up my lawyers.

>Every Friday go online and withdraw all-but-the-necessary £€$$ to your bank account (transfer wire or via card number). I do get some revenue via PayPal, and the very same day (or the next) I 'download' comes it to my bank account (connected to PayPal via card) and IMMEDIATELY is shipped to another account that has all the controls to make money (relatively) unmovable.

PayPal does have a feature they don't advertise named Auto Sweep, which withdraws any balance in your account each day. You need to contact support to enable it.

YMMV I am ok doing from my app every other night. It takes 5mins to withdraw to my card/account. I keep a certain balance and everything over that amount comes down to safety.

It'd be better if there were a way to autosweep to a paper check or fedwire if Auto Sweep's terms doesn't specifically prohibit Paypal from generating a withdrawal that backs out the ACH deposit.

I find this comment’s format profoundly confusing and have no idea what the intended meaning is. The first sentence is throwing me off so much.

Don't keep your money in paypal, withdraw it to your bank account as soon as you can.

And don't let PayPal know what you are doing or they may cancel your account.

They provide a feature auto withdraw, but you have to ask support for it apparently.

to generalize, you shouldn't keep your money in any 3rd party longer than necessary.

To be more specific, you should not keep your money at a 3rd party with more control over your money than necessary for longer than necessary.

Giving PayPal an interest free loan and control over you balances rather than sweeping them into a (potentially interest bearing) account controlled by you is one example of this.

Another is having a second account at a different bank that you sweep money from the first one. That second bank account should be set up to reject automated ACH withdrawals so that you can push money into it but PayPal, your payroll company, your bill payers, or even other companies that ACH payments to you cannot withdraw from your account without your permission.

> That second bank account should be set up to reject automated ACH withdrawals

This is a thing? How do you do this?

Is a bank a 3rd party in this argument?

Yes. You should have more then one bank in case they lock your account for some random reason.

no, but you shouldn't keep your money in a bank either. Put it in an investment vehicle to at least break even with inflation.

the 3rd parties I'm referring to are things like work marketplaces like upwork, even gift cards or undeposited checks.

The most potent 3rd party is typically vindication and government laws giving it superpowers. They have more power over your money than banks.

The comment is in the format of the "Nobody:" meme, which can be unintuitive and isn't well-suited for a forum like HN:


The first line ("Literally NO ONE wrote the below:") introduces a hot take.


English is likely not their native tongue.

True, and was in a rush, apologies for any confusion

>> literally NO ONE wrote

> The first sentence is throwing me off so much

I didn't go to check because the mystery is more intriguing, but if the OOP's username is NO ONE, then maybe NO ONE literally did write that?

Nobody disagrees that this is what you have to do in PayPal's current state. The debate is to whether you should have to do it, or whether, given that it walks and talks like a bank, PayPal should nationally and globally be treated as a bank.

IIRC, PayPal has a banking licence in Europe and as such is regulated by Luxembourg's supervisory authority. It's strange, given the nature of PayPal's services, that it hasn't yet been deemed to be a bank or the equivalent in other places as well though.

A bank that suspected money laundering or suspicious activity would be expected to behave in exactly the same way. Any regulated entity would.

I think the argument is that with a bank they cannot arbitrarily freeze your account, you are given a reason for any freeze, and have the opportunity to fight it. However, I don't know enough about banking law to know if that's accurate.

That's not the case, a bank works in the same way. Typically a bank or financial institution will employ a set of machine learning models or rules (combined with human review) and freeze accounts on that basis.

Like PayPal, a bank also will not tell you why it has frozen your account (to avoid ripping off others in a crime ring). PayPal (like banks) give you an opportunity to fight it, but like banks they can't simply let you have the money if it is frozen.

Also, working in banking - banks and financial institutions will go out of their way to avoid false positives but do still need to remain compliant.


From what I know, a bank will report suspicious transactions to the authorities, and obey whatever the authorities tell them to do about it. They will not assume the role of the authorities for themselves.

At least, that's how I understand the banking situation in Netherland, which seems about as reasonable as you can get. American companies do seem to be much more likely to play police.

> From what I know, a bank will report suspicious transactions to the authorities, and obey whatever the authorities tell them to do about it. They will not assume the role of the authorities for themselves.

Not the case. They're obliged to freeze the account when they suspect suspicious activity, and then submit a SAR if it is proven to be suspicioue. Freezing the acct is part of the investigation, and they usually now use automated tools to do so.

They're obliged to work every alert generated and unfreeze if the activity is proved to be legitimate.

> A bank that suspected money laundering or suspicious activity would be expected to behave in exactly the same way.

How many lawyers do you think a bank will have to retain to deal with the flood of preliminary injunctions they would have to deal with if they locked accounts at will?

How does that protect against them erroneously withdrawing large sums from your account and hitting you with overdraft or repeated NSF fees?

His argument wasn't about protecting himself from Paypal's erroneous withdrawals. It's about not letting paypal to freeze his funds at Paypal

I (always and forever) maintain accounts with NO overdraft. Banks like overdraft. I don't.

If something bounces, then I will handle it within 24h. Again, this is the setup that covers my needs. A different organizations with different needs should have different process/controls to match their liquidity/easy-to-access-cash needs.

It stops them from freezing the account on Paypal. If you really want to insulate from the service you would set up a similar job at your bank that would immediately transfer the funds out of that account and into some other account. But honestly if you are going to this much trouble is it even worth it to use Paypal?

Just about any processor, Stripe included, stipulates they can withdraw from your account. And what if their systems are hacked, disclosing your account and routing numbers to an ill-intentioned third party?

You probably want this as a generic fail safe for any account that you disclose the account an routing number to an outside entity.

This is why bank preventing unauthorized withdrawals is so useful. And credit card processor disputes too.

Please elaborate on the means to prevent unauthorized withdrawals.

If you have someone's bank account number, you can pretty much take money out of it. By default there is no real authorization process by which the account holder is asked to allow the withdrawal. There is just the assumption that people aren't going to commit fraud, or people who commit fraud will be caught.

I'm not an expert on this, but I believe there are ways to set up business accounts where money can't be taken out in that way, at least not by the standard electronic means. You can also manage accounts in such a way as that there's no money to take out, although that does not necessarily prevent the account from going into the negative. Checking accounts can go into significant negative balances if the bank chooses to allow it.

It is more difficult than you describe it. To set up a monthly payment the bank verifies the request (e.g. if you sign such direct debit for the gym or your electricity bill). Every ebamli I ever used has a page with all these direct debit setups and alerts you when a new one is made to bring your attention to it. These also have limits. And a decent bank would scrutinize the direct debit. A gym or Vodafone will fly easier than a direct debit to VodkaPotatoLimited in Russia or China (no offense) when you live in the UK.

As to prevent the overdraft, just ask the bank to NOT have overdraft capacity on your account(s).

You can just print a check with the account and routing number.

Isn't the max loss there rather tiny? Especially if you have overdraft off on the paypal bank account. You can disconnect the account if something happens and there are fees accruing.

Edit: I'm replying to a really low odds scenario, where:

1. You auto sweep all money out of paypal

2. You regularly empty the checking account it sends to

You have at risk maybe $1000-$2000 in the chequing + less than $100 in fees.

For something vanishingly unlikely to happen. The risk seems rather low compared to the exposure.

I mostly use stripe and have PayPal as a backup. Never had a problem with either, and if I did have a problem with one the amounts are fairly low. (Probably more of an amount risk with stripe as they take longer to sweep out the money. But I don't think they freeze as often)

I was inspired from a couple of videos for my "flows"/management.

This speaks about keeping 7 accounts: https://m.youtube.com/watch?v=auzLhKvsxnQ

There is a Tom Ferry (real estate guy but has some sound tips) also has on a video a VERY good flow diagram on how to distribute money in different buckets/accounts. Apologies but I couldn't find it on my phone.

I was "inspired" by the above and once I organized my accounts/flows and stopped using "single account for all" my life became so much simpler. And of course PayPal wallet is not a permanent parking space for £€¥$.

The loss of money can be small compared to loss of business.

It is an interesting angle to try a civil suit for.

Have a decent bank on the other end that doesn't charge erroneous overdraft and NSF fees?

I always go (and suggest to others) for the "bounced payment" (and it has never happened in my life). But banks really love overdrafts. It is a major source of income. I prefer to get an angry email and throw a freebie and sort this out than having the bank ripping me off. This way I show my counterpart that "hey mistakes happen here is your money and let me buy you dinner to show you that we are good", than having to the other person getting paid and me ebfing paying 5x that dinner cost.

Overdraft is a loan. Would you get a loan with insane interest rate and fees just to get a payment go through? Not me.

Yea I was wondering this too. In the case of something like an eBay transaction, can't PayPal pull the funds from your bank to appease a buyer?

The only account I let PayPal know anything about is dedicated to that purpose and nearly always has zero dollars in it.

My only experience with paypal was about 8 years ago. I briefly remember signing up for it roughly 2-3 years prior to that. I linked my paypal to my (older) bank account so I could purchase something. This account had about $100 in it - it was my old left over account from before I got married and got a joint account, etc. So I kept a tiny bit of money in it. I had moved about 2-3 times since opening that account - I never used the account for anything, it just sat there with money in it. It was eventually forgotten about.

Anyway, long story short. Someone managed to access my paypal and request a sum of money around roughly $40. That account had about $38 in it at the time. Paypal flagged the transaction as fraudulent, stored the money 'in my paypal account' instead of sending it to the requester, and froze my account. But this overdrew my bank account by roughly $2. Needless to say, 2-3 years of late fees added up to a substantial amount of money - two separate accounts - one for about $280 that I owed the bank and another that was about $350 that i owed to their 'overdraft' company. I didn't find out about either until they were about 2-3 years old and in collections.

I realize what I'm explaining is totally my own fault for not monitoring that account and keeping it up to date, but if paypal would have either redeposited that money into my account or sent some emails, instead of freezing the assets in a holding account, I could have avoided that.

In either event, that left a bitter taste in my mouth, and i severed all ties with paypal and that old account at that point.

I had to explain this multiple times to different government and military agencies throughout my career - it still comes up on background investigations.

I do not know how it is in your jurisdiction but where I live a collector needs to inform you in timely manner of these kind of discrepancies if they want to enforce fines or overcharge fees. The means different kind of channels of communication than the regular ones (e.g. postal instead of login to the site, or at least show some effort). Note: this is only if they overcharge without you being able to do so normally, if are allowed to have a negative balance you pay regular fees and you signed a contract to do so.

I used to help run a rather large fan convention. For our first 5 years (starting in about late 2003 or so), PayPal was the only option we offered for registering online. At the time, they were really the only option for implementing online payments easily without the complexity of a full merchant stack (and it was just me doing the programming, volunteering to help them while I was still in college). By the time we finally switched away from them, we were probably clearing $80k or so a year through them, with a very large percentage of that coming over the course of a week or so just before the event. People like to wait until the last minute. :)

We never had any issues, but we were very vigilant about transferring funds out of PayPal every few days just in case. We did finally stop using them, probably about 2009 or 2010, when stories like OP's started to become widespread.

For us, having them "hold" our funds for 6 months or cancelling our account would have bankrupted us. The hotel wants to be paid on Monday after the event. Vendors need to be paid within 30 days. Things like that would have been impossible for us to do if they decided to sit on the money or can us. We were a volunteer fan convention; we didn't have the financial cushion to withstand something like that.

Not to mention the fees were higher than a standard merchant account. We finally did switch to a merchant account through Elavon and, after I left, I think they switched to Stripe. Either way, they don't accept PayPal now because the financial risk to them that could result from PayPal freezing or canceling the funds is significant.

Event tickets are explicitly on PayPal’s terms of service as needing a hold.

That is the case now, yes, but I don't recall that being the case at the time. That said, we are talking sixteen years ago.

Regardless, I would not recommend any business accept PayPal unless you are large enough to get their attention. There are far too many stories out there like OP's, of individuals, as well as small and medium sized businesses, getting absolutely hosed by some automated algorithm at PayPal and having zero recourse to even find out what happened. Customer "service" is nonexistent there. In my opinion, the only thing PayPal is good for is sending money between people.

Short of filing a lawsuit, and you probably can't even do that because they now have an arbitration agreement in their terms.

For me as a customer, having PayPal as payment option increases the propability of purchase. Especially with one-time purchases from small vendors.

Reasons: No risk of credit card info misuse (by vendor), I only need username and password and I get certainly at least some kind of receipt for accounting.

>Reasons: No risk of credit card info misuse (by vendor), I only need username and password and I get certainly at least some kind of receipt for accounting.

It's a shame virtual cards never got more traction through the CC industry. For those who aren't familiar, some banks/cards offer you a tool that let's you set an arbitrary spend and expiration date (+2-12 months usually) and then generate a credit card number (with CVC) with those attributes (Bank of America branded theirs "SafeShop" for one example). Since it's a fully backed card number it'll transparently work on any site a normal CC would, but it cannot be charged more then the small limit (so you can set it just to the checkout price of one item and it's done), it can be trivially cancelled at will (useful for fighting dark pattern subscription services), etc (some of them can bind to merchant too). It's very effective for preventing misuse from online purchases. However for whatever reason it never seems to have spread or evolved really. BoA never added it to their mobile app for example, which seems like the most logical place, but rather kept it as a little Flash tool tucked away in their website. Plenty of banks do not offer it at all, and it never got much PR. It is more work to use and while that could have been reduced through better UIs (mobile again could really help there) it would always have been somewhat more work.

Maybe options like Apple Pay/Google Pay will ultimately fill that role, since they're essentially an automated version of the above (tolkenized per-purchase card numbers). It'd be nice if the industry would work harder though on some standards for the hardware ecosystem needed.

The reason I don't use virtual credit cards is because they tend to not protect you from first party fraud, only third party fraud.

Despite what the banks claim, they usually will NOT prevent recurring payments from being honored. Even if you don't have enough money in your account. (The bank will just collect it from you)

I used to use a service called Entropay, which would actually let you pre-pay money into a disposable virtual credit card. But banks would never let you do that, because it would undermine their own system.

90% of the problems that I have had over the last ten years have not been with credit card info being stolen, but with misleading or outright fraudulent behavior by merchants, and BoA virtual credit cards have all of the exact same problems as real credit cards and will do nothing to protect you.

You will still have to always keep an eye out that 90 days later you aren't charged again for the same thing. And you are still on the hook for charges made by the merchant you paid, and it is up to you to dispute any charges through the same process as with a regular credit card.

What I want, is to give a merchant a credit card number, pre load that number with $30, have them charge it, and then be completely done with it. This especially makes sense for low stakes low cost recurring monthly payments. I should just be able to stop paying a $5/month fax service that I never use, and have them terminate my service. Banks would never let you do that. Services that used to let you do that have been mostly shut down.

I understand that I may be technically agreeing to pay each month with recurring payments, but the onus should be on the provider to stop servicing me if I cannot come up with the money. The system that we have today for recurring payments makes no sense.

I simply want to be in control of how much money gets taken from me. It is the same reason I take bills out of my wallet to pay a clerk at a store, and do not simply hand them my wallet and ask them to take the money out. I don't care if I can call the bank and dispute things with them, I want to be the one to dole out the money for the transaction.

And I haven't tested this, but apparently if some scummy vpn service you did a 30 day trial with a few months ago claims you owe them, and you miss the window to dispute it, or the bank sides with the merchant, the bank is obligated to go after your money from other accounts.

No thanks.

>What I want, is to give a merchant a credit card number, pre load that number with $30, have them charge it, and then be completely done with it. This especially makes sense for low stakes low cost recurring monthly payments. I should just be able to stop paying a $5/month fax service that I never use, and have them terminate my service. Banks would never let you do that. Services that used to let you do that have been mostly shut down.

Privacy.com offers this service, but you have to pay from your bank account.

Like, Privacy.com has access to your bank account and have the authority to collect? Because then it is the same problem.

All I want, is the digital equivalent of a personal check.

A one time promise to pay money. If the merchant has a dispute with me, or thinks I owe them more money, they are free to sue me.

If my utility company wants automatic recurring payments, I have to sign paperwork which makes it very clear that I am authorizing recurring bank transfers.

The system we have now makes no sense at all.

It's not the same problem.

They block charges over the limit.

You can "turn off" a card after you use it.

They have "single use" cards that turn off automatically two minutes after the first charge.

You can set the spending limit on single use cards or for non-single use cards on a per month basis or per year basis.

You can use any billing name and address with the merchant.

what I* want is an exchange on the order of 'fooco is asking for $53.28, is that ok?'

the minor annoyance for recurring payments is totally worth not having to actively be on guard for random people withdrawing from my account.

why is this so hard? i suppose its because of some perverse incentives that I dont understand.

Me too, but I think that the big financial institutions are strongly against that.

Only available in the US though

Still has an arbitration agreement, unfortunately.

For something small or temporary, I might overlook it. For something that has direct access to my bank account, no go. They need to accept some liability if they want that level of access to my financial life.

To be fair, Paypal has an arbitration agreement too. But, if you're using Paypal as justification for your own policies, that's not exactly a strong starting position.

Two banks accounts deep. Let Paypal, Privacy see a dummy account, and use that account to transfer money into a main account. Keep layering for more protection, questions from your bank.

"Pay with Privacy", an interesting slogan to say the least.

Does privacy.com still require users to provide the username and password that they use for their bank account? That's an absolute no-go for me.

Interesting, is there any alternative for the EU market?

>Interesting, is there any alternative for the EU market?

Have a look at Revolut (however, you need a monthly subscription to use disposable virtual cards).

I use Revolut, and it's okay I guess. I dislike it's just a phone app and not a web one.

I also social engineered my way in to my own account via a brand new Twitter account, so ... beware.

Klarna has it, not sure which markets though.

I’m always surprised as to why people are concerned about card details misuse.

You are not responsible for card-not-present fraud (without 3D Secure). You can dispute any fraudulent charge with your bank, and I’d bet good money the bank has actually better customer service in that regard compared to PayPal.

As a consumer, I like PayPal because it allows me to shut off a payment stream when I want to.

A prime example was when I subscribed to NYTimes, and a few months later wanted to cancel. The only way to cancel was to make a phone call, navigate a phone tree, and wait for an agent. That was absurd, not only because I'm international and find it less convenient to call a US number... but particularly because I signed up and created the subscription online. NYT knew what they were doing by making it difficult for people to cancel.

With PayPal in between, I was able to easily just terminate the agreement. NYT could no longer suck money out of my card.

Technically you could still owe them that money... Just because you don't pay it doesn't mean that the contract gracefully ends.

You could argue about this. It is also questionable, where the contract was made. New York City? The place where the server is based? The place where the international customer is based? What law should apply? And if a company makes it unreasonable difficult to cancel a subscription then this may be a violation of some laws already. https://www.cnet.com/news/companies-must-let-customers-cance...

I know the point of your story was about being able to cancel, and not specifically NYT, but since others might read your anecdote and be turned off of NYT:

NYT has since upgraded to allow managing your subscription online, including upgrade/downgrade/cancellation.

I entirely agree that putting money into a PayPal account is a really bad idea, but I'll generally use one of my credit cards through PayPal if needed.

The last time I had to deal with card fraud, my bank was extremely reasonable to work with and didn't hesitate at all when disputing the charges. But the process can still be fairly annoying. Having to wait for the card to be replaced, having to move any auto billpay using that card to another, etc.

With very few exceptions, if the merchant isn't using a decent external payment platform, you might as well be posting your credit card information on Hacker News. I'd much rather run my card information through PayPal if that is the only option other than entering card information on the merchants dodgy website.

Most banks can be decent to deal with, and one can certainly take steps to mitigate the impact of it when it does happen (Like not using your debt card for purchases, ever. Using a different credit card for bill payments vs online purchases vs offline purchases, etc.) But I can understand why people would prefer to avoid card fraud when they have the option to do so.

Non-US credit or debit card owners are not in that good position wrt. disputes and getting their money back. Most of them charge for disabling the card and sending a new one. Dispute last for months, and are not automatically protecting the customer.

This is the first time I hear about this for UK. The chargeback rules are set by the network , i.e. MasterCard, Visa (sure Amex as well but they are both issuer , acquirer and network so that’s perhaps an unfair example). Is there a different rule set for MC USA vs MC rest of the world?

I worked for a fraud detection company in the UK that existed precisely because chargebacks work so well, here. So this is definitely news to me.

Yes, there is a world beyond US and UK. Customer support in, say, France is next to nonexistent compared to US and UK standards. Not to mention non-Western countries (where Visa and MasterCard still work, but the quality of service differs dramatically). I am Russian living in Switzerland, who speaks English and shops at Amazon/US. It creates all sorts of fun.

Laws in each country are different. In the US that is not just a network rule it is a law. In many other countries they are just rules that can change at any time. Check with your local country's laws as each are different. I would expect that the network's rules are in large part the intersection of the laws in every country they operate in - one set of rules is easier to track than trying to figure out which countries laws might be in effect (with disastrous consequences if they get it wrong).

Don't get me wrong, sometimes the networks rules are stronger than the laws for other reasons. Last I checked in the US the customer was legally out $50 in case of fraud, but all networks reduced it to zero figuring if they were already out potentially a large sum of money they may as well eat the last $50 too for goodwill reasons.

They’re only out $50 for debit accounts. Credit accounts, you’re not liable for anything.

Sad to hear that about Non-US card owners. In the US, I've had just the opposite experience. E.g., with AmEx, I had suspicious charges and before I even finished the description the agent interrupted me and said the charge and my card were both already cancelled and new card w/new numbers was already on the way via FedEx.

I'm not quite sure what pattern the agent recognized, but she sure didn't like it and they weren't going to put up with it for a second. I'm not sure why it wouldn't be in their interest to be this vigilant globally...

There are huge culture differences in different parts of the world, and no such thing as "global companies" -- local offices are staffed with locals. US customer support is probably the best in the world, only Japan could be a valid contender here. The rest of us have to suffer.

Interesting, and perhaps not surprising since a college acquaintance once told me (quite some years ago) that AmEx would only cancel your card in one country at a time. Seems he'd had some trouble in Europe (parents shut off funds or something), and while making his way home before eventually getting it sorted out, discovered that little tidbit.

"I’m always surprised as to why people are concerned about card details misuse. You are not responsible for card-not-present fraud (without 3D Secure). "

I am not surprised. You have obviously never stood in Ethiopia or wherever and have gotten a call from your bank: " This is the fraud department, unfortunately we have to block your card but we send you a new one".

Trick question: How many CC do you carry at a given time?

Hint: based from experience it should be at LEAST 3.

I am using a non-shit bank which will leave Apple Pay active while the physical card is replaced, or decline card-non-present transactions while leaving the card active for in-person transactions.

If the bank is bad it’s one thing but then the solution is to choose a better bank, not hack around the problem with a (shady) middleman like PayPal.

Not sure if it would have helped in your case, but when I was going to China for 2 months, I called the bank beforehand and let them know that I'll be in China, and asked to ensure the card would work there.

Would not have helped.

When I was abroad one guy was enjoying a decent McDonalds meal in the states with a cloned card.

Because then you have to go through the hassle of doing all of the paperwork, talking to the bank and getting a new credit card number (which means updating all your services that used the old number).

It's a pain in the butt when it happens.

I love a fresh card!

There are debit and prepaid cards, that can be used online, but disputing fraudulent charges is next to impossible. There are non-US banks, where disputing fraud is extremely difficult and takes months, during which your funds remain blocked. There are many cases where a card wouldn't work because it is from a different country, but PayPal works.

International consumer finance is a mess. Not everybody who shops on the Internet is a US citizen with a credit card account in a first-rate bank. There are other options.

It's just a pain when it happens and you have to notice and catch it to begin with. Last time I had my debit card skimmed I had a lot of subscriptions lapse and fail to charge because the old card had been cancelled but I hadn't gotten the new card yet to switch to.

I got all the money they'd charged back but it was still a stressful time because I didn't have any other card at the time.

I agree with you for US customers (and probably most of Western Europe), but situation in many countries in the rest of the world is different. Those consumers may not all be SOL in case of such fraud, but the recovery, if available, is much more involved than a single call / web action it takes in the US. My 2c.

Lots of people (especially in Europe) only have debit cards and no credit cards. And those often have worse consumer protection or in the best case you're still out your money for a long time during the dispute.

How is it different from PayPal though? In either case you have to wait for the dispute to clear in your favour before being able to get your money back.

>For me as a customer, having PayPal as payment option increases the propability of purchase.

For me, Paypal looks disgusting. Like it's stuck in 2002. I'd much rather buy if there's Apple Pay via Safari or Gumroad or literally anything else.

Until they arbitrarily ban your consumer account too, they just 'permanently limited' an old account I used on occasion to buy things on ebay without any problems that I haven't touched in a few months. No 3rd party access that I can tell so hilariously banned at random.

For me as a consumer if Paypal is the only option you will probably have lost me as a customer. I hate navigating through their mess of an UI and I also hate how they do not respect that I want 3D Secure on all credit card transactions (but this is more the fault of my bank which should deny their transactions).

Conversely, for me as a customer, if a vendor offers no option but PayPal then I refuse to do business there. Ethical considerations aside, I choose not to tie myself to yet another online service just to provide a layer of abstraction over the credit cards and bank accounts I already have.

It is often easier, more convenient, and less expensive, for small retailers to set up a PayPal option than a credit card payment option.

As a business, PayPal can be helpful that way too. But the point is, it shouldn't be the ONLY processor. Credit card input, via another processor, should always be an option.

Whereas I, as a consumer never use them because they are scammy.

OP isn't saying don't use it. Just don't make it your only option for accepting payment.

Same here. I find it easy to use.

Niteo produce a product to produce content farms and generate spam.

PayPal has done the world a favour by banning them.

PayPal should avoid doing vigilantism if they want to keep people's money under trust.

It matters very little how despicable the company is, monetary services must not hold opinions unless explicitly told one by a local government.

This is BS. It matters very much to me as a customer of a financial services provider what sort of company I am keeping.

For example, I don't want my bank to provide services to organised crime because I both feel that would be morally wrong and I think it'd open the bank's staff to influences that aren't in the best interests of other customers.

Also, your argument isn't with PayPal; it's with the entire FS industry.

Organized crime is illegal and content farms are not, so this is a terrible example.

A better example might be highly religious community not wanting their bank to do business with companies focused on the gay and lesbian community.

This is a good example because: it is not illegal for a company to cater to the gay and lesbian community, it is not illegal to discriminate against gay and lesbian people in many states, and there are communities that would dislike this sort of company.

Your example is irrelevant as that’s a civil rights issue.

Either way, I gave the example of organised crime not in an attempt for people to take it as a literal suggestion of equivalence but to argue against the idea that a financial institution has no place being choosey about its customers.

It's not being choosey to not support organized crime, because it's illegal; the choice has been made through the law. It IS choosey to chose not to support an organization that's doing something legal that you don't like.

> "should void doing vigilantism", "monetary services must not hold opinions"

That sounds like a very interesting idea, but how about this one?

> "You must follow PayPal's terms and conditions or should expect to have your account terminated"

Because that's how every payment processor in existence works. Don't like it? Use bitcoin.

If every payment processor worked like this, this story wouldn't be here.

Are you kidding me?

For one example, see American Express's Merchant Operating Guide


See section 10.2 Prohibited Merchants. There's a whole list of them. Here's a select few:

Multi-level Pyramid Sales, Prostitution, Payday Lenders, Timeshares, Gambling, Virtual Currency, Escort Services and Non-Licensed Massage Parlors, Mortgage Payments.

American Express does not take people's money under trust. No payment processor does that, it's a bank thing.

The Swiss bank model.

Founder here. We're not processing SaaS through PayPal, as mentioned in the post:

> The most interesting thing is that we’ve moved away from PayPal in the last two years and have only been receiving some minor payments and paying for a few online services.

We've stopped using PayPal for our SaaS business a few years ago.

"We do this thing that probably got us banned, but we don't do it on PayPal so what's the problem."

But you do enable spam.

Not surprised at all. We got banned too without any warning a few years ago. I wrote about my story here: https://news.ycombinator.com/item?id=11944701

Lots of people would simply think "It won't happen to me" and move on. But this is just another example that if it can happen to people using Paypal for years, it can happen to you too. It's better to offer other payment channels to customers so you can diversify. And if possible, move away from Paypal entirely.

You got banned for running a file sharing site, I’m afraid. PayPal’s terms require all file sharing sites to seek explicit approval before using the service, no exceptions.

I mean... its not even hidden in fine print or written in legalese or anything, they are pretty clear about "Activities Requiring Approval" in readable plain language.


>Providing file sharing services or access to newsgroups

When we created an account, there was no such clause. We discovered that it was added later. When they pointed it out that it violates their policy, I found it surprising. At the very minimum, they should have allowed us to get permission and if denied, then at least return us 30% of our revenue at that time which was in the account. They did neither. They shut down the account and did not even answer back to our emails. I would never trust Paypal again after that bad experience.

I wonder if there's a potential class action suit there if you could get enough people together.

Unlikely to win, https://www.paypal.com/us/webapps/mpp/ua/acceptableuse-full

Activities Requiring Approval > Providing file sharing services or access to newsgroups;

Looks like he didn't seek approval and got flagged for it.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact