Unfortunately, as is a reality with all financial services
(e.g. banks, credit cards, etc.), predators can use stolen
identities to create fraudulent accounts without a victim’s
knowledge. That’s why Dwolla requires numerous identification
and verification steps. A necessary byproduct of this kind of
fraud is bank-level reversals, “chargebacks” issued by the
institutions on behalf of the victim, not Dwolla.
There's really no way to square those two statements. Now Dwolla does go on to say that:
Most all merchants are well aware of the problem, which is why
we’ve always had something in our terms of service about
chargebacks since Day One.
Ignoring the tortured logic in there (merchant awareness can't really be why they have chargebacks), is this true? If so, then I guess all Dwolla is guilty of is contradicting their marketing hype in the fine print of their terms. Sleazy, but not that uncommon. Does anyone have a copy of their early terms of service?
Moving beyond that, I'm also quite shocked at their reversing charges and then retroactively changing records. That seems like a fairly huge breach of trust, and yet Mt Gox confirms it ("the transactions just disappeared from the history at first, without any notice"). I think Dwolla needs to come clean about how the hell that happened, and what steps they've taken to ensure it can't happen again. I'm uncomfortable with a payments processor that thinks retroactive changes to statements could ever even possibly be okay, especially in a post-SOX world. I want to see some acknowledgement on their part that they've screwed the pooch, and that it won't happen again the next time their tinkering with their systems. That's not the sort of think a trustworthy company would try and sweep under the rug, in my book.
Originally (i.e. before that blog post on Mar 30, 2011), Dwolla said transactions were irreversible, both in their marketing and TOS. They knew ACH chargebacks are possible, but they must have either been planning to eat fraud losses (keep in mind they're charging less than 1% fees) or perhaps they thought their anti-fraud system could prevent fraud from happening in the first place.
Then Dwolla started getting hit with chargebacks from banks. Reminiscent of Madoff, Dwolla was faced with a choice between going out of business or breaking their own rules. People become very ethically flexible when survival is on the line. It's possible that their code and schema didn't even have the concept of reversing transactions. It's possible that they hand-edited their database to reverse transactions, which didn't leave proper audit trails.
Soon after that, they officially changed their TOS and stated that transactions would be reversible from then on. This shifted all risk from Dwolla to their customers, causing some Bitcoiners to immediately drop Dwolla. Others kept using Dwolla and got screwed later.
Interesting. If that's true, then Dwolla comes off very very badly here.
Look, I understand their position: They're a young and hungry startup, they have an awesome plan, and it doesn't quite work; they end up needing to pass the chargebacks on. I'm okay with that. But it needs to be communicated to their clients, with a date (and not in the past) when the change will take place.
If they changed it without clear communication (or, worse, announces the change retroactively) then they've screwed over their customers, and may well be legally liable. And that brings us to the press release, dated today, where Dwolla is claiming that "we’ve always had something in our terms of service about chargebacks since Day One." In other words, they're saying there was never a change - and if your information is correct, then this is a boldfaced brazen lie that destroys all credibility they might ever have had[1]. I kind of hope you're wrong. :(
[1]: Alternatively, they could be playing word games - maybe they had "something" in their TOS since day one. After all "no chargebacks" is "something", right? In which case they still have destroyed all credibility they might ever have had. And I don't think I'm exaggerating here; so far Dwolla is doubling down and claiming that they've done nothing wrong. Either they're completely right and everyone else is wrong, or their reputation is toast.
We've always tried our hardest to be the Good Guys, to not put burdens on our clients. Unfortunately, we're seeing a large amount of fraudulent activity that has forced us to implement chargebacks. We're sorry, and despite this we will continue to fight as hard as we can and then some for you, our clients. Thank you for your patience and understanding.
Then, you're clear. You may lose some clients, but you won't be the assholes who sold your product as, "X, but without the terrible Y!", then went behind your clients' backs and implemented Y after you realized the big boys did it for a reason.
Actually this whole mess of chargebacks is precisely one thing that Bitcoin solves. As a merchant, once you receive a Bitcoin transfer, no one can reverse it or initiate a charge back.
It solves a problem very well, many would say a little too well. What happens is that once this problem is solved a little too well in that it does the following:
1. Provides no way of reversing transactions.
2. Has a large enough mass that the currency is trusted.
3. Has a large enough mass that non-nerds can easily use the system.
The feds come in and want to shut it down because it provides a great avenue for the criminal element and con-artists. eGold is the prime example of this.
If you're an EU/US exchange, someone steals bitcoins, makes them to money with your help, police starts to investigate, you get sued and need to pay the stolen money back out of your pocket. Technology is no way around laws. You know the word enforcement in law enforcement. But you as a merchant are probably safe. Risk is taken by the conversion service.
(Obviously you're safe if EU/US/Russia/China can't get you because your service is in country that does not work with EU/US/Russian/Chinese law enforcement).
Disclaimer: I dont know much about how bitcoin works
It would seem though that one would need a third party transaction 'escrow' (for lack of a better word) which could invalidate bitcoins should they be stolen.
Basically saying "this bitcoin transaction is valid, therefore these bitcoins of value x are valid"
If things are stolen, then you could disable those bicoins.
Invalidating bitcoins would not work though. additionally, it is against the philosophy of bitcoin, basically to be a currency without supervising powers.
You literally have to think of bitcoins like real cash. I know that it feels unnatural at first, as usually everything you do software side on a computer is reversible, but that is not the case with the way bitcoins work. Everyone who runs the bitcoin client validates transactions and when a certain threshold is reached, the transaction is successful.
Therefore, to prevent the validation of transactions, you would have to run an astonishing number of clients which refuse validation.
The only way you could intercept stolen bitcoins at this point is, that the services which you can use to exchange bitcoins to dollars keep a db of stolen coins and prevent those from being cashed out.
> I always assumed it was only a matter of time before Dwolla realized they would not be able to offer irreversible transactions. The scams would eventually get big enough that they would HAVE to start chargebacks, and the money train into bitcoin would end.
From reading that article, it looks like TradeHill claims they are missing about $100k in revenue, and maybe up to $200k. Why are they suing for $2MM? Even treble damages (x3) plus lawyer costs wouldn't add up to 2MM in the most optimistic case. Can anyone explain the discrepancy?
So if I have a $25K/month business and you destroy it, you should only refund for a month (or two) revenue? $2MM seems right for me considering potential future revenue, brand loss, lawsuit time and cost...
This is one of the real mysteries of the article. AFAIK, and anyone in the bitcoin forums knows, and unless something changed in the last 12 hours, the bitcoin.com domain is still owned by Tradehill's CEO who's promising and planning to develop it into a prime piece of real estate. Which betabeat doesn't mention. So the only thing I can take from this is that he traded his equity in the dying company for the domain, and valued the equity at $1M, then wrote it off as a loss for the company and blamed Dwolla for it...? Go figure that one out...
What is really interesting is that while both Tradehill and Mt Gox heavily used Dwolla, Tradehill seems to have had more problems with it. Tradehill reports $100 000 charged back. Mt Gox reports 5000. Tradehill reports that Dwolla would try to charge stuff back in a hidden manner by changing the status of transactions after the fact without notifying them of the chargebacks. Tradehill further reports that Dwolla would completely ignore them and stone wall them when they tried to discuss the matter. Mt Gox on the other hand reports that Dwolla were very good about reporting the chargebacks and there were no communication problems.
Now for those of you that do not know: Mt Gox is the leading bitcoin exchange that does most of the business. Tradehill was an upstart that tried to compete with Mt Gox and even when active only did a small portion of the business Mt Gox did. Furthermore, Mt Gox does so much business that they were reporterdly Dwolla's top client for a while and that may still be the case.
Please feel free to provide your own speculations as to what all of this means.
I can tell you why Mt Gox has fewer problems with Dwolla than TradeHill. MtGox goes to incredible lengths to keep the bad guys away from their exchange: they forbid web sessions coming from TOR, they ask for proof of ID for users handling the most money (over $1k/day or $10k/month), they track stolen bitcoins and freeze Bitcoin deposits made to them containing known-tainted coins, etc.
As a consequence, the bad guys tend to operate on the less protected exchanges, such as TradeHill, and they get hit by Dwolla's chargebacks, coming mostly from hijacked/fraudulent Dwolla accounts...
MtGox's report of $5000 of Dwolla chargebacks is so small it could very much have been only 1 or 2 incidents. Of course Dwolla is going to have much more time communicating with their largest customer about 1 or 2 incidents, than investigating possibly hundreds of fraud cases involving a customer like TradeHill representing a small fraction of their business...
The interface between bitcoin and fiat always worried me. Piss poor behaviour by Dwolla if true. Dwolla and Tradehill were on the same team if you ask me: pity they couldn't see it.
If TradeHill's reporting is to be believed, I find it highly implausible it was all one transaction that was reversed. Also, there's nothing to indicate that Dwolla was the one that reversed it. They were reversed. That much is probable (although TradeHill gives different figures in every report about it). We haven't heard what Dwolla has to say about this yet or seen any evidence about it. “It's definitely true” that we don't know the details, yet.
And we begin the rumblings of fraud within another payment center, this one on the back of ACH instead of credit. I am curious how it plays out, but Dwolla will certainly have their work cut out for them in the coming years. If regulations don't kill them, fraud very well might...
If you sold some artwork you made in your basement and were then defrauded by chargebacks from your payment processor, would you be required to prove that your "artwork" has value in order to claim damages?
The fact that you sold if for an amount agreed upon by you and the buyer is what matters, not any provable intrinsic value the thing being sold may have. Whether you sell $1M diamond or a 5-cent bottle cap for $100, that's $100 in damages if the processor does a fraudulent chargeback.
There is a slight relevance of Bitcoin: Bitcoin transactions are irreversible. There is no real technical means to reverse a transaction; it is simply not possible. Even if there was a court order to reverse a transaction, unless the physical recipient could be identified, located, and arrested, the court order would be meaningless.
This is in contrast to almost any other exchange system (besides hard cash), which could, at least technically, force reversal of a transaction. See for example Paypal, Facebook credits, money in an MMORPG, shares of stock, and so forth.
It's not the exchange system that matters, it's who holds the account.
With bitcoin if I hold my coins in a currency exchange (which is basically a bank) they can obey the court order and reverse transactions.
And I can become my own bank, and then hide, in which case it would be hard to serve a court order on me. (Although banks often have accounts at the fed, so they don't hold the money themself.)
What's unique about bitcoin is most people hold their own accounts. So you have to find the account holder, which is hard. But, as I said, it's not the exchange the matters, it's the account holder.
With bitcoin if I hold my coins in a currency exchange (which is basically a bank) they can obey the court order and reverse transactions.
It would be trivial if it was that simple, but the stolen funds were of course withdrawn from Tradehill, and so are no longer in control of an exchange.
It's no different from a criminal running off with a bag of cash; how are you going to "reverse" the transaction of the money being physically picked up, put in a bag, and carted off?
Moving beyond that, I'm also quite shocked at their reversing charges and then retroactively changing records. That seems like a fairly huge breach of trust, and yet Mt Gox confirms it ("the transactions just disappeared from the history at first, without any notice"). I think Dwolla needs to come clean about how the hell that happened, and what steps they've taken to ensure it can't happen again. I'm uncomfortable with a payments processor that thinks retroactive changes to statements could ever even possibly be okay, especially in a post-SOX world. I want to see some acknowledgement on their part that they've screwed the pooch, and that it won't happen again the next time their tinkering with their systems. That's not the sort of think a trustworthy company would try and sweep under the rug, in my book.