In total these companies have profit in double digit billions! That's all coming from inefficiency and lack of real competition? is it totally necessary? does anyone think it possible to rival them in a decade with enough funding?
Stripe, Block, and PayPal each solved a massive pain point.
PayPal provided a way to pay people and vendors without giving away your credit card number.
Square made it easy to accept payment in person on a phone, without an extensive upfront underwriting experience and without expensive fixed monthly fees.
Stripe did the same as Square, but for accepting online payments.
Fraud and Risk come in many forms, and these providers, even with their UX innovations, sit on top of those same rails to reduce fraud. Without those rails, buyers can’t trust sellers and sellers can’t trust buyers.
In my opinion, you need to find a way to solve that problem before you can eliminate the fees being captured by these providers.
A lot of the fraud hinges on the fact that all you need to drain an account is a static card number. A lot of hacks are subsequently piled on top of that to try and make it harder (SCA/3D Secure, captchas, etc), and a lot of busywork is spent tidying up the consequences of that (chargeback handling, etc).
You could eliminate a lot of the fraud by moving off a mostly-static identifier to merchant, amount and time-limited tokens the user generates with their bank (or the merchant redirects them there). This would address a lot of the issues - the tokens are useless when leaked (as they only work against the merchant's own account) and can't be misused even by the merchant to go beyond the agreed amount or time limit.
This means with such a system you’d immediately eliminate a whole category of fraud, with the only thing remaining being merchant-level disputes like goods not as described/etc, which can easily be made optional and the user can choose to opt-in for the extra fee. Then you would actually have a good case for lower/no mandatory fees at all.
One problem you need to keep in mind is that fraud mitigation is a big industry in an of itself (some of it is real, some complete snake oil but relies on the underlying problem being real to sell itself) and wouldn't be in favor of a system that is inherently immune to (at least some types of) fraud.
From a merchant perspective, there is a significant group that view this as a feature. Not a bug. Once a merchant gathers you credit card info, they can submit basically any transaction they want at any time. Yes, if you do this enough your payment processor will cut you off. But for businesses like gym membership, NYTimes subscription, car rentals, etc. it's a core feature.
The product in that case is not "payments as a service" to the consumer but in fact "payer as a service" to the business. If consumers didn't represent an unbounded ability to generate recurring revenue there are lots of profitable businesses that would go under overnight.
> they can submit basically any transaction they want at any time
This can be generally be accommodated in my suggested model, they just have to specify upfront how much & how often they'd want to charge. If the gym membership is 50 bucks a month, then the token has a monthly limit of 50 (or maybe a bit more, to account for potential extras). The token lifetime could be set for the membership duration.
> car rentals
Get 1 token with your rental fee + a separate token (scoped until car return date + some time to inspect/discover any damage) for the deposit amount?
You're thinking technical solutions to a sociological problem. Businesses like this are built on the fact that they can charge you an unspecified amount for an indefinite amount of time. Any attempt at a technical solution means those businesses refuse to adopt that solution.
I suppose in this system you could white list such things. It would be a box to click when it directs you through the Auth process. I guess you could directly implement this in stuff like Norway's bank id system.
The page is light on details, but is it scoped and merchant/amount/time limited? Because if not, it’s yet another “hack” that merely reduces one specific type of fraud (when a card number is leaked) without fully addressing the problem, so the need for chargeback arbitration (and thus associated costs) persists.
You'll still get a lot of chargebacks by the way. With a lot of ecomm I've been involved with the fraud you are talking about is actually a small part of chargeback volume. Most is unhappy or demanding customers, or another type of low level fraud, claiming goods didn't arrive despite a photo of the person literally accepting them from the delivery company. This is absolutely rampant in b2c with smaller merchants (I am aware you mentioned this but not sure if you are aware of the scale of it).
The alarming rise in the incident rate of inappropriate chargebacks ("my fries were cold") really pisses me off as a sane user of contemporary credit card infrastructure. That is, I think of chargebacks as an absolute last resort; essentially a bulwark/ombudsman to protect me from bad actors. It should be used incredibly conservatively, and it should have significant reprocussions if it is used inappropriately; sort of like steep fines for hitting the emergency strip on a subway because someone wont move their backpack.
If chargebacks go away and aren't replaced by something at least as effective, that means that we're losing one of the most significant advantages intrinsic to the payment mechanism: peace of mind.
Chargebacks are in many cases the outsourcing of proper consumer-protection regulation and everyday customer service.
When the merchant fails to deliver or underdelivers -- "my fries were cold" -- appropriate customer service should be meeting the customer at that point and addressing it directly.
Modern systems of unempowered on-the-ground employees and endless loop self-service support stand in the way of that. Consumers naturally respond by pulling the levers that remain, which is invoking the wrath of American Express.
Reasonable people can disagree. What is a customer to do if they think a merchant is not a bad actor, but mistakenly refuses to refund their purchase? A chargeback seems like the fastest and cheapest option to resolve the dispute.
Thing is, if you eliminate the risk of unauthorized transactions, you can then reasonably discontinue the concept of chargebacks as a whole, replacing it with a mediation/arbitration service that consumers can opt-in for an additional fee.
This would open the door to cheap or even completely fee-free transactions if the user doesn't want to opt-in to additional protection, which they reasonably may not want when the stakes are low enough (you weren't gonna chargeback a lunch anyway).
But for this to be viable, the risk of unauthorized transactions/origination fraud needs to be eliminated completely at a technical level, something I believe an oAuth-style system would do, and currently none of the many of hacks on top of the legacy system address. Otherwise, you'd still need to take some fees to refund unauthorized transactions, separate of customer-merchant conflicts.
How do you handle the part of chargebacks that currently validly apply to authorized non-fraudulent transactions, like services/product not delivered or not as described, or accidental double charges from vendors like random taxi drivers with whom you don't have a way to arrange a refund?
It already works like that here (eu) for debit cards (which most people have; very few have credit cards although they don't know the difference). Double charges from taxi drivers is not possible as it's tapping or dipping your card and you are there for that (we are assuming some system that prevents someone stealing your card like biometrics or whatnot); products not as delivered is responsibility for the seller to refund/replace and in other cases you go through a process of mediation. I had it once in my life, which is now 50 years. It sounds like Americans willy-nilly chargeback whatever because they can (fries were not hot or cold enough): seems not very good for the fees. Most people who travel have creditcards here and the most ones I know have no idea they can chargeback or ever needed it.
Keep in mind that card disputes are a thing even for debit cards. Credit cards may have higher protections by law that force the lender to eat the disputed amount regardless of the dispute's outcome, but the actual process of disputing a transaction is applicable to all cards - I've successfully done chargebacks on debit cards here in the UK.
> Double charges from taxi drivers is not possible as it's tapping or dipping your card and you are there for that (we are assuming some system that prevents someone stealing your card like biometrics or whatnot)
You'd be surprised - at least in the public transit context with iOS Express Mode, double Apple Pay taps by transit systems have absolutely been recorded plenty of times. I admit I haven't heard about this in the taxi situation, but unless the technical problem is specific to Express Mode and not general to tap-to-pay, I don't know why it wouldn't ever happen.
> products not as delivered is responsibility for the seller to refund/replace and in other cases you go through a process of mediation.
This assumes the seller is willing to do their job or go through the process of mediation, and/or that the buyer has sufficient legal insurance or available cash to cover the up-front cost of lawyers plus any related expenses plus the possible attorney's fees of the other side if the court decides against them.
Even in the EU, this is far from always true, especially for low-price purchases or when dealing with foreign online merchants who are more likely to ignore EU lawsuits or mediation attempts than to cooperate.
Of course, trying to resolve things with the seller is always the right first step, and that's the usual approach even in the US. It's just great to be able to have the leverage of the chargeback option as extra incentive for the merchant to be reasonable. (By the way - the chargeback right is not unconditional even when the reason claimed is one of the allowed reasons. The merchant can dispute it and can sometimes win depending on the circumstances, the evidence, and the bank.)
> It sounds like Americans willy-nilly chargeback whatever because they can (fries were not hot or cold enough)
To be honest, no, the idea that chargebacks are something Americans rush to do is a stereotype and not true. They're pretty rare when neither the buyer nor the seller is doing something shady, but having the option to charge back is pretty important in order to make US single-factor (no-pin / no app-based verification / no meaningful signature verification) credit cards secure enough for customers to rely on, especially for online purchases from random small merchants who can't be relied upon.
And "fries were not hot or cold enough" would pretty much never be a valid reason for a chargeback, since usually a specific temperature isn't promised before purchase.
> seems not very good for the fees
It definitely affects the fees, but honestly, a bigger impact is that the US does not cap what fees credit card issuers can charge the merchants, so the fees are much higher than the typical EU consumer card regardless of chargebacks. Some of that is of course kept by the banks as profit, but much of it is returned to customers as reward points, cash back, or other perks. It's among the reasons why I continue to use my US credit card as my primary form of payment even here in Germany. Zero foreign transaction or currency conversion fees, great perks. (This card does require a decent US credit history and has an annual transaction fee, but I get enough value out of it to outweigh that fee.)
How many chargebacks have I done in my entire life for a reason other than actual fraudulent / unauthorized transactions? Probably under 5, maybe 1-2 at most. Plus most of the fraudulent transactions were noticed proactively by the bank rather than me having to bring it up to them. Because it's a true credit card and not a debit card, I never had to pay for those fraudulent transactions.
> To be honest, no, the idea that chargebacks are common in the US is a stereotype and not true.
The thing is, even here on HN (where I expect, maybe not warranted, the level to be higher), people seem to absolutely proud and entitled to chargeback whatever for whatever reason. Those are almost 100% Americans (I check) and that is where I got the idea; this sentiment is much higher on tiktok, youtube, reddit etc. I even saw some shorts of people screwing merchants with chargeback like it is some batch of honour.
>The thing is, even here on HN (where I expect, maybe not warranted, the level to be higher), people seem to absolutely proud and entitled to chargeback whatever for whatever reason.
I'm not American (I'm from the UK), but filing a chargeback is an incredibly satisfying weapon for a consumer.
So many companies try to weasel out of their legal obligations under consumer protection law, so why not hit them with a chargeback when they won't do what they're required to?
After being burned by PayPal protection not working out, I will now buy anything I can directly on a Credit Card, as you just get so much more protection in the UK - both contractually and legally.
> The thing is, even here on HN (where I expect, maybe not warranted, the level to be higher), people seem to absolutely proud and entitled to chargeback whatever for whatever reason. Those are almost 100% Americans (I check) and that is where I got the idea; this sentiment is much higher on tiktok, youtube, reddit etc. I even saw some shorts of people screwing merchants with chargeback like it is some batch of honour.
That's an example of selection bias and other confounding factors: HN users are disproportionately American, Americans are more likely to know of chargeback rights than people from other countries, Americans are more likely to have credit cards than people from other countries, American statutory rights in this area (especially for credit rather than debit cards) are stronger than in most other countries, people who abuse chargebacks are more likely to be American than from other countries for all of the foregoing reasons, Americans are more likely to boast than people from most other countries, Reddit has disproportionately many Americans, and people who make shorts about chargebacks are more likely to do chargebacks than people who don't.
Consider statistical rather than anecdotal evidence in this area. According to one payments processing company, Clearly Payments, the USA has slightly below average chargeback rates, at 0.47%, behind the UK, Belgium, Germany, and France:
There's nothing wrong with using a right the card networks explicitly provide you. Even here on HN I see a huge tendency to play fast and loose with access to customer money, and corporation-on-consumer fraud has been normalized and is treated as no big deal. Chargebacks are a normal and expected reaction to that.
I'm sure chargeback abuse is a thing, but in aggregate, I'd argue people are still not doing enough chargebacks, because businesses are still engaging in unethical (& potentially illegal) practices of billing customers for services not rendered, or unclear pricing, or dark patterns.
Dark patterns with regards to payment should be a big no-no, and the fact they're still around suggests this behavior isn't being punished enough. So we should in fact have more chargebacks, until the situation becomes that it's more profitable to play fair and legal than try dirty tricks.
Unlimited, no-confirmation access to pull money just based on a static card number is a bug to begin with - ideally every money movement would be authorized on the spot or preauthorized in advance up to a limit.
But assuming we do have this bug, it seems like merchants are happily abusing it - "free" trials that are impossible to cancel, unexpected charges buried in 50 pages of T&C, etc. Chargeback is a completely normal reaction to this and I recommend it to everyone.
The heuristic I use is simple: did I expect this charge, and would I have agreed to pay for it had I been asked for upfront? If not, the merchant gets a quick email, and if they're not cooperating, taking unreasonable time to action it or are outright unreachable they're eating a chargeback and it'll be up to them & their processor to argue it further. They are welcome to put their processor/acquirer person on hold for hours (like they would do me if I were to play their game) and see how that works out for them.
> I'm sure chargeback abuse is a thing, but in aggregate, I'd argue people are still not doing enough chargebacks
But it only adds fees aka an extra tax; you are paying for it. Merchants just up the prices, banks up fees, conversion rates, etc etc. Someone is paying for it and it's always most likely you. The strange idea people have that 'this is free because it is law' is interesting. It is VCs (in neo banks), it is you in established banks. I rather do not pay for any of your chargeback behaviour really.
But I’d rather pay a small tax across everything rather than get stuffed for a much bigger amount.
Ideally, we’d have technical means to prevent people from getting stuffed (the oAuth-style token system I’ve described in other comments on this thread), combined with legal means to ensure businesses are discouraged from doing the stuffing in the first place (and those who do are promptly sued out of existence).
Until this happens, consumers (including me) will keep using chargebacks as their only way to defend their interests.
Also, if we were to magically rewrite the system tomorrow and eliminate card fees and the potential for chargebacks, do you really think businesses worldwide will suddenly lower their prices as a result? The market already demonstrated it is willing to pay the current prices, so the savings from lack of fees/chargebacks will end up in executives’ yachts instead or pissed away in more advertising.
> You'd be surprised - at least in the public transit context with iOS Express Mode, double Apple Pay taps by transit systems have absolutely been recorded plenty of times.
Where? I heard it many years ago a few times but not for a very long time? Maybe it was a bug which got fixed?
It was common in NYC even a couple of years ago. Very likely it was a bug indeed, but unless there's a good technical reason why such bugs would only happen with merchants who can easily be reached to arrange refunds and who will routinely cooperate with those refunds, unwarranted double charges should be disputable via chargeback. (Naturally, not all double charges are fake - some are legitimately paying the same amount more than once. Being able to start a chargeback procedure doesn't prevent the merchant from showing the bank evidence that the charges were correct.)
Ah, you're proposing to remove US credit card customers' statutory right to those chargebacks except if they opt into a surcharge on a per-transaction basis.
Yes, essentially moving the transaction fee the merchant pays to the consumer. This means they can choose whether they want the additional protections those fees currently pay for.
> You could eliminate a lot of the fraud by moving off a mostly-static identifier to merchant, amount and time-limited tokens the user generates with their bank (or the merchant redirects them there). This would address a lot of the issues - the tokens are useless when leaked...
This almost sounds like a subtle recommendation for the Lightning Network. It's based on single-use invoices that are locked to a specific recipient and is usually limited to specific amounts.
It's pretty much how every cryptocurrency works, with separation of public (receive) and private (send) keys.
The fact that invoices are temporary in LN is a weakness of the design, not an intentional choice. The lightning network represents a regression from the typical use-case of cryptocurrency because both sender and receiver need to be online to make a payment.
There's a lot of interesting ideas around cryptocurrency but they all kind of have the problem that they're associated with cryptocurrency, which is now strongly associated with absurdly high transaction fees, get-rich-quick scams, and wasting colossal amounts of energy for a pathetically-low transaction throughput.
Good luck convincing J. Random User that your cryptocurrency is none of these things.
Portugal like many European banks already has a working solution to this for 20 years where you can create temporary card numbers and use that instead or, as of late, pay directly through an app that enables this same behaviour.
The Netherlands had a similar system where they used physical totp (I believe) terminals which generated them from your bank card + pin, completely offline. Nowadays everyone uses iDEAL identically to what you describe.
I often make medium-to-large purchases using SEPA bank transfer. The merchant gives me a bank account number, a random or serialized reference code, and a week to make payment. I go to my bank, and send the money to the bank account, inputting the same reference code. Once it arrives (usually within the day or the next morning) the thing is paid. This works for most online purchases that are not urgent and support the payment type.
1. Banks are also allowed to charge fees for SEPA transfers, with some limitations.
2. It does care about currencies, in that it only supports one: the E stands for Euro, and all SEPA transfers, in the four rails it provides, are in Euros, including transfers from and to countries that are not in the euro zone.
3. And SEPA isn't limited to the European Union, as it has 36 states participating in the scheme, more than the EU's 27.
I don't know from where you are, but in my country this is considered generally a bad or not safe idea. When you send money directly to someone, if they are fraudsters, it is very hard to get that money back. On the other hand, it's generally easier when you paid with your debit card. And even easier and safer if it was a credit card.
The victim is identifiable by their bank and therefore traceable by the law enforcement agencies. If they're fraudulent, men with uniforms and guns come to their house and put them in jail. It's a clever system, really.
Depends on the bank. In Germany, N26's free account charges 0.49€ per instant SEPA transfer, and sometimes it's unavailable because the other bank (e.g. one used by many German doctors) only supports non-instant SEPA.
But yes, instant SEPA is often free and often available and very nice when both of those are true.
I want to buy a CD from Amazon for 19.99.
I click on my bank application (or maybe some QR code on Amazons site)
And that tells my bank app on my phone to authenticate my phone agains the bank
And ask for a 16 digit number that is solely for amazon, 19.99 and 20240812
Think standard oAuth. Github has multiple flows that should cover most purposes here: https://docs.github.com/en/apps/oauth-apps/building-oauth-ap.... The key is that payment data is encoded in oAuth-like scopes, so all authorizations are scoped by amount and lifetime, and are implicitly merchant-specific.
Browser-based flow, where you're already logged into the bank in an existing browser tab:
* Amazon redirects you to oauth-proxy.visa.com where you select your bank (if you've done it already once, it remembers and redirects straight to your bank)
* Visa redirects you to your bank - if you're not logged in, you do a login - this is up to your bank on how to do that - authorize with an existing phone, WebAuthn, etc. On OSes supporting it, this URL can be hooked and handled directly by a native app which may use the device's secure element to store its auth credentials for the bank
* Bank displays you the payment request details (which include your Amazon account email, order ID, etc - all info you need to confirm it's indeed your payment request and not someone else's) and allows you to change them (maybe you want to authorize more or less, or make it one-time/recurring with a daily/weekly/monthly/yearly cap, or set an expiry after which the authorization is no longer valid)
* In the background, Amazon gets a success webhook from Visa (or their processor) saying that this authorization request has been granted, or they can poll an endpoint - this eliminates the need for a final redirect back to them like in normal oAuth
* If this is a recurring charge scenario, Amazon can store this payment request token against your account and use it multiple times, as long as the charges fall within the policy set during initial payment request establishment (if you set a max of $20, they can do as many transactions as they want up to a total of $20).
Device-based flow, where you aren't/don't want to login in to the bank the same browser:
* Amazon redirects to oauth.visa.com as above
* Instead of clicking on your bank directly, you say "authorize via phone", it just encodes the URL of the current page in a QR code so you can scan it on the phone - you then do the above flow there. Because the success/failure of a payment request is already communicated directly between the merchant and Visa, there is no need for your phone to pass any data back to the browser, so no need for a "reverse channel" to be set up.
* On your phone, you may have your banking app installed, so it takes over the domain name of your bank and automatically opens the payment request authorization there, using your existing session within the app.
Point is, not only is there no longer a concept of a card number that can be copied, stolen, or leaked, but the user also remains in control - they can control whether the payment is one-time or recurring, set limits on recurring payments, and be able to cancel these authorizations at any time, after which they're guaranteed that nobody can take more money without going through this auth process again. This eliminates many reasons for chargebacks, and reduces fraud risks for merchants too (merchants are no longer vulnerable since the auth to authorize a new payment request is between the user and their bank directly), so things like behavioral fraud detection or captchas on payment pages are no longer needed.
Downside (for scammers): business models based on a free trial that rely on the user forgetting to cancel, or those who intentionally make cancellation annoying or impossible wouldn't work, because payment requests should list upfront the max amount they can take, and the user can adjust that and make sure the unwanted charge just won't go through even if they tried.
This is no different than chip+pin for physical purchases. There are still other major areas of fraud that has to be addressed.
It doesn’t cover credit risk-even on a debit card, there can be a “hold” period of an arbitrary amount before the final transaction clears. When you swipe a card at a gas station, they often run a $50 authorization hold on your account.
It also doesn’t cover merchant fraud—- Visa/MC covers you if the merchant doesn’t ship the product because they’re a fake company.
Then there are value-added warranty services that higher end cards offer. These are easily worth the 1%+ fee.
> When you swipe a card at a gas station, they often run a $50 authorization hold on your account.
Safeway gas stations upgraded their pumps to have tap-to-pay.
But with increasing gas prices (and not getting into that), they upped the auth hold to up to $125.
Except many card issuers limit contactless payments to $100... rendering tap to pay useless on the pump because it'll deny the preauth and require chip insertion.
> Except many card issuers limit contactless payments to $100... rendering tap to pay useless on the pump because it'll deny the preauth and require chip insertion.
I’ve noticed lately that contactless payments that go over the limit don’t require chip insertion, the reader just asks for the PIN to proceed. Maybe there’s been some updates to the standards?
Hmmm, not all credit cards have a PIN. Debit card, I could see that. I don't know if the data on the card indicates if there is a PIN attached to the card (i.e. ask for it if there is, don't ask if there's not).
The card and terminal communicate on which CVMs (cardholder verification method) they support, and they agree on one. If they can't agree the transaction is either cancelled or processed as "no CVM" (like normal contactless tap & pay with a card) depending on the terminal's and card's risk profile.
We had a similar issue with ATM in Austria where they are all set to max give you 400 EUR. Which was a sensible idea in 2001 but pays for much less in 2024. Somehow the banks have never heard of inflation or really don’t want you to use cash
So, this tickles an idea in my head. Under EU / UK regulations one can “overlay” a users bank account. I had always thought that was useful only as a Mint style approach but this seems feasible
This is a technical solution to a non-technical problem.
My risk to my credit number being stolen is honestly low. The risk is the merchant providing a substandard service 99% of the time, and an OAuth style payment flow does nothing for that.
Someone like Amazon who is a trusted merchant already negotiates fees with their banks and they likely already have an extremely low fee rate.
What Stripe, Square and PayPal provide is a service for integrators who don’t want to
spend money talking to a bank, negotiating a rate, and then implementing the required security to execute their own transactions.
Walmart, Amazon, and the other big companies are not interchange exempt. They are not able to get a significant discount below interchange, hence why they keep financing lawsuits against Visa, MasterCard and such over the bundling of all Visa or MasterCard branded low-cost (non-rewards) and high-cost rewards cards under one banner that they are forced to accept as a bundle.
Merchants would love to reject all cards that are a Visa Signature and above, leaving only the very low cost cards as accepted. The Card Networks have engineered via branding and contracts that this does not occur though.
PayPal: In Netherlands there is system called iDeal which provide online payments via tokens, without giving any of your data to seller (recipient). It is supported by all banks. It is super-convinient, you scan QR code by bank app on your smartphone if you pay on other device (laptop, computer) or link is opened by your bank app on mobile and you approve payment. You don't need to enter anything, only select your bank from the list. You don't need to pass your payment data to 3rd party like PayPal, there is no place to steal or phish your card or account data in this scheme.
Visa or MC could do the same, without additional parties. But no.
Just back from Poland- they have a great system 'BLIK' that sounds like iDeal...
Most merchants have a BLIK button... you click it, enter a 6 digit code created on your banking app. Purchase complete. Takes a few seconds. No card numbers, CCV etc..
For example, transfers between accounts are instantaneous, not 2-5 days for ACH (Wire transfers are same-day, but expensive).
Electronic menus/payments in cafes are default for at least 3 years now (US has toasttab.com but it's far from being default).
If you have a small business account, taxes are paid in one click (app shows you tax to be paid with Confirm button).
PS: These features are available in many other countries besides Ukraine, of course. Only in government id/functions Ukraine excels (#2 in the world, after Estonia only).
Let’s just say I get an iPhone notification when the court case in which I’m a party had a hearing sceduled.
And if I want to write a petition in this case, I log into the web portal, write it down, click send and blink into the app twice to
Electronically sign it.
Which produces your normal CMS ( pkcs#7 ) signature on a pdf file.
It’s also not a special court app for a specific locality, but a nation wide government app.
Wr also don’t write damn cheques and never did, as it’s bullshit. You want to somebody —- you get their card number, open the bank app and tap send.
That's certainly an interesting use case. And yes, difficult to see being pulled off anywhere in the US, the way it tumbles along with such things.
Re: paper checks: they're far from bullshit -- being time-tested, perfectly easy to use, and best of all, not requiring a device of any kind. Provided, as concerns ease of use, one has spent enough time in an environment where their use is ubiquitous. So I can certainly see they might appear as a nuisance or just weird at first, for the rest of the world).
iDeal is working on international expansion, so it may become available in other European places.
The main downside of iDeal for consumers is that it's irreversible. If you pay and then never receive the product, you can't get your money back. While PayPal and credit cards do offer that extra protection to consumers.
So iDeal is really only good for the merchants due to the very low transaction costs.
Stripe had a live dashboard over Black Friday that showed the dollar value of all transactions across their network, including those blocked for fraud. The fraud rate was nearly 12% of the total dollar amount of transactions.
Which, we've got to ask about the false positive and the false negative rate. it's annoying when it's really me and I try to charge something and it gets declined, but also the fraud detection can't be 100% effective, so the real rate is probably higher.
The challenger to these will solve for a different problem. Not every transaction needs complex fraud detection or being able for the customer do to chargebacks.
For a 3% discount, would customers agree to use something that worked just like cash, where the transfer was instant and couldn't be undone? Then you don't have to worry about fraud, chargebacks, etc.
You are missing the opposite side of the fraud picture: Where it's not the business scamming you, but someone taking your credentials and spending up to the limit in a store that deals with no chargebacks. This is, if anything, the larger size of the fraud losses for the Stripes of the world. Fake businesses that use the cards either for testing if the creds are good, or where the owners charge cards that they obtained from some other malicious actor.
So it's not that I get 3% off by not supporting chargebacks, but whether I want to have a dollar under a payment system that supports someone emptying me out without recourse.... and the answer is often no.
Or further abusing your weak password on a site and then racking up a ton of charges to a product that they're capable of laundering in some way into money for them at any ratio.
There's an issue that you're not addressing: what happens when someone who isn't me spends my money? I think people would be happy for the theoretical 3% discount until their account is drained and sent to North Korea with no recourse.
It is fantasy to think they'd get a 3% discount. The goods in stores that take only cash do not tend to be cheaper than those that do.
They know what people are willing to pay and will charge the price. If they see people are willing to pay $99 with a credit card, then they'll be willing to pay that with cash.
I think the issue here is who is paying the fee and where is the fee surfaced. A free market solution would work here, but it requires some regulating to create the transparency required.
Everyone pays their own credit card fee as a line item on the receipt, merchants are required to print it on the receipt. If customers actually had to pay their own fee's on each swipe you'd see a lot less people reaching for the Platinum card and instead for the no frills local bank credit card. You'd also see immense downward market pressure on swipe fees as now card issuers have to compete against each other.
Technically the merchant is paying the fee, and he perhaps is passing some or all of it to you.
The reason merchants might not pass it all to you if that they get a lot more sales volume when they support credit cards, so they can still be more profitable while paying for some of those fees.
I know I'm going to get hated for saying this, but the businesses that charge extra for credit card use under $10 are trying to extract as much out of you - they're aiming to get the best of both worlds. The price of their goods are still such that they're assuming you'll pay with a card.
At the end of the day a business has several costs. Rent, cost of shipping, utilities, etc. When these go up so do the costs of goods. Credit card fees are no different in that regard. If they hated it that much they wouldn't support credit card payments. They do support it because then know it'll bring in more revenue than without - and will easily pay for itself and more.
The issue is there's a huge disparity in the fees for certain payment methods.
Some cards cost merchants much more than others, but they are contractually forbidden from differentiating their prices based on that. It's anticompetitive. Lots of "buy now pay later" schemes work similarly, when afterpay was (or is) a big thing they charge 7% and forbid the merchant from including that cost in their prices.
If the consumer had to bear the cost of their payment choice, no problem, but the reality is consumers with low fee payments are paying slightly more than they should for everything and those with high fee payments pay less than they should for everything.
The reason merchants don't pass fees onto credit card customers only is that the credit card network prohibits them from doing so. If they were to charge a credit card fee, they'd get banned from processing credit cards at all.
> The goods in stores that take only cash do not tend to be cheaper than those that do.
In NYC they most definitely do. A lot of the corner stores will change you less with cash. I'm not sure it is a the card payment or that they are keeping the sale off the books, but something that might cost me $18.50, I'll pay $18 for.
When I wrote that comment I knew someone would come out and use New York City as a counterexample.
The reality is except for a few of the really major cities those types of stores are usually more expensive than their larger counterparts in virtually all other cities in the US.
In my city I'm not going to get cheaper groceries by going to the smaller stores. They are more expensive regardless of whether they support credit cards or not. They may be superior and certain other aspects but price is not one of them.
My guess is the opposite may be true only in places where owning a car is expensive or inconvenient.
In Poland, the default way for computer shops in 2000-2010s was to offer 2% discount when paying in cash. (The prices displayed were assuming cash, so if you paid by card, you'd pay more.)
I didn't see this anywhere else though. It probably made sense for computer shops because most transactions one would do there would be sporadic, big, and planned.
(Since then, the Mastercard/Visa fees went down to 0.2-0.3% due to EU rules, so probably those discounts are less popular now).
In the US offering different prices when paying by cash vs card was a violation of the agreement with Visa, as is putting a minimum price threshold for card usage.
It's still fairly widespread though, and occasionally makes the news. Might explain why you didn't see it often.
I believe the Visa merchant agreement never forbade cash discounts, only credit card surcharges. I'm not sure, but the current rules are different due to a legal settlement.
In the US, not only does Visa now allow cash discounts and minimum price thresholds up to US$10, but they also allow, in most states, credit card surcharges (sometimes subject to specific state-law legal requirements).
Visa still officially disallows minimum price thresholds outside the US and certain related territories like Guam, and credit card surcharges outside the US - but I nevertheless see them plenty often here in Germany in small shops. I think the permission to offer cash discounts is global.
And how would that work accounting wise? Would they just claim that a bunch of PCs "fall off" a truck?
I'm not sure subjecting everyone to poorly regulated (even in the EU it's fair from ideal) monopolies/oligopolies that are legally entitled to literally tax every single transaction in the economy (in addition to the complete loss anonymity and all the implications of that) is not a too high price to pay for some reduction in tax fraud...
“Shrinkage” is the generic term I have heard for stock losses of all kinds in retail and distribution channels.
In many jurisdictions, cash payments can allow the retailer to avoid on-paying sales tax or VAT, as well as mark stock shrinkage as a loss for their own tax purposes.
Countering this would require very careful auditing of electronic toll records and paper receipt processes, which are in most cases trivial to evade if well-prepared.
And you can’t always be sure that the shrinkage - without the cash - is reported to the manager of the retailer by the person on the till, especially if an unofficial handwritten receipt is provided by the cashier.
I recall seeing a situation involving a very large champagne purchase on New Year’s Eve in cash for 25% off and a “till receipt problem”.
This is the purpose of Zelle, Venmo, money wires, and checks. But there are many problems they don’t solve, that customers and sellers prefer to be solved and are willing to pay for.
I would use my debit card even if it behaved exactly like cash, ie, when the recipient got the money, my only way of getting it back is to sue them or call the police.
Obviously any electronic payment system needs to be secure internally but society lasted a long time and made fine progress when having your wallet stolen meant losing your money.
It would be fine to require a person to charge their debit card with a finite amount rather than have it be funded up to the limit of the supporting account and that would solve the last problem compared to cash.
I understand that Europe is more secure with chip+pin, but in the US, debit cards do exactly what you describe. If fraud happens, you are out money until it is resolved.
The key difference from cash, in the US, is the ability to abuse cards at a later date without the physical card. For someone to steal your wallet, they have to be colocated with you and can only steal as much as you're walking around with.
As long as debit cards have a magnetic stripe and have their full number printed on them, and that information is useful, this problem remains.
I don’t believe SCA is enforced by the bank. It’s voluntary by the merchant. It acts as a liability shift but won’t save you from someone not caring about it and emptying your account (temporarily until the chargeback goes though). I don’t think any bank offers an option of “allow SCA-only transactions” and I don’t think it would be even possible (I’m not sure there is any token/session identifier to tie the SCA request and the actual subsequent transaction even).
When adding a card to a taxi app for example I get SCA prompt for a zero amount, but then they can charge me for any amount without subsequent SCA flows.
Presumably those subsequent transactions wouldn’t have a liability shift to the issuer but it still means that they can at least temporarily steal all your money until your chargeback claim goes through.
The whole concept of “card number” is rotten. What’s needed is an oAuth2-type system where every payment needs to redirect to the bank (actual redirect, no stupid hacky iframe like SCA/3DSecure is) and where you can see the merchant and set the max amount (and whether one-off or recurring) and the bank records that and keeps a list of authorized merchants so you can revoke them at any time. The merchant then must use this token to pull money, and can't pull more than what the token allows - just like your usual oAuth2 scopes.
This is not right at all (it's mandatory fo all banks and merchants in the EEA), although you're correct that SCA still has loopholes (like a US merchant... just trying, although a bank could just mandate 3DS to solve that).
How do you explain the example I gave where the taxi app only has to SCA me once and not upon every transaction? This is in the EU.
What I suspect is that the "mandatory" bit is by law (and the law has flexibility, which covers this taxi app scenario) but there is no technical solution to make it mandatory, thus a non-compliant merchant can still drain your account until your chargeback claim goes through.
You're right that it's not fully enforced technically. It's complicated, and I don't think that's really solvable by technology (being that this scenario is roughly equivalent to direct debiting). Banks can validate if a particular merchant has already been used by a customer and blocking them from debiting your account, but since that SCA has exceptions for recurring debiting, this is not really enforcable once the customer has authorized the merchant for any debiting.
> If you attempt an exemption and the bank returns a decline code indicating that the payment failed due to missing authentication, you’ll have to reattempt the payment with your customer but this time utilizing SCA.
Yeah, Europe is ahead on this; I hedged my earlier statements heavily.
It's not a difficult technological problem to solve. A card's chip should be able to guarantee that the card is physically present for any transaction.
Obviously online payments would pose a problem, people would need to either own USB card chip readers or banks would need to do something new and special.
In Germany (/ the EU?) we have electronic ID cards that can be used for a few online services.
The physical card can communicate via NFC, and there's a smartphone app you can use with it.
For PCs, you can buy some fancy NFC interface if you want, but you can also have your phone act as a reader, the PC connects to it over the local network.
Maybe something similiar could work for banking cards. They all have NFC anyways.
On the other hand, you might as well just have an app that is registered with the bank on your computer/phone (like how it works for smartphone NFC payments) and skip the card.
Online payments are done using pretty much the same system. Instead of the chip, you get either a 2nd authentication mechanism, or start out with a strong token (be it the strength of the token itself, or the stability of it).
An older example was getting transaction authorisation numbers. You would either get a long indexed list on paper, or you could receive then over the phone (voice or text). This was then mostly replaced (about 10 years ago) with hardware (H/T)OTP type tokens that required your card to be inserted in the token and PIN authenticated. Later on that too was replaced by a cardless version, and that one then was replaced (for consumers) with mobile apps.
The combination of minimum software versions, online authentication, transaction limits, daily limits, and time-locked temporary limit increases (so you can buy a car with your phone, but you have to up the limit a couple of hours ahead of time for it to take effect) make it pretty safe with acceptable risk for the bank. And then there's of course the standard fraud detection and prevention departments, so if you do something unusual that also involves a lot of money, you're likely going to get a call.
For business use, there are other systems, generally two types like EU-wide smartcards or bank-specific smartcards that can be used to authenticate and authorise. You'd use an USB or NFC connected method for that. Sometimes that involves entering a PIN on the device itself before the computer can talk to it, but that does make the OTP exchange very fast. You'd still have limits or multiparty authorisation setup in your organisation so you don't end up with one person just moving a couple of 100K around on their own.
And then there's some overlapping systems, apparently this one is going EU-wide: hhttps://en.wikipedia.org/wiki/EIDAS and apparently some implementations include useful things: https://www.idin.nl/en/businesses/ like age confirmation where the business doesn't need to know who, what or where you are just if you're of age (and not even a specific age). Granted, nothing is perfect, but it's a whole lot better than finding some S3 bucket somewhere with JPEGs of ID cards. As long as they don't do dumb stuff like trying to MITM TLS, it's progress. The overlap is in the concept where you can use some electronic means to prove who you are to get something done.
If you have an unprotected vector fraudsters will find and exploit it. They're literally paid to do so.
I've seen fraudsters that are ridiculously persistent to make $2,000 in a year. But they just keep poking at it at a certain point you're able to ramp that up to $80,000 in a month I know they're good it was completely worth it to him for several years.
How I've seen people spend hundreds of hours to generate a few hundred dollars worth of in-game currency or on-site reward points.
> Not every transaction needs complex fraud detection or being able for the customer do to chargebacks.
Well, not until you get hacked.
We might be happy with instant, no-undo transactions until our device gets hacked and our bank account with many thousands of dollars gets drained, through no fault of our own.
Then suddenly, complex fraud detection and transaction reversals seems like an awfully good idea.
Because the issue here isn't about chargebacks where you genuinely made the transaction but the business failed to deliver, and maybe you lose a couple hundred dollars. The issue here is about when you never authorized transactions at all, and you lose all your savings.
EU caps interchange fees at 0.3%, which is probably still too much. The 3% is mostly to finance the various gimmick programs that make naive people think they are "gaming the system" with their 20th card in wallet (and because they can, of course).
> Fraud and Risk come in many forms, and these providers, even with their UX innovations, sit on top of those same rails to reduce fraud. Without those rails, buyers can’t trust sellers and sellers can’t trust buyers.
In my opinion, you need to find a way to solve that problem before you can eliminate the fees being captured by these providers.
And failing the elimination of those issues there will always be some fees. New vendors can pop in and push the fee structure down if they can run a more efficient operation.
Most countries that aren't the US basically did this, in one way or another.
There are multiple ways of doing so, two-factor authentication (think 3d secure) is one, an oAuth like system where you log in to your bank on their website and consent to a wire transfer is another. There are variations on these ideas, the system we have here gives you a 6-digit code in your banking app which you can enter on any device, trusted or not, and then accept the transfer via a pop-up on your phone, no personal data involved.
As far as I understand, both US law and US history heavily incentivize the use of credit cards. There's no nice way for landlords, banks, mortgage lenders and other such institutions in the US to do "background checks" on their customers except through credit scores, and that incentivizes credit card use. There's also a regulatory difference in how credit versus debit card chargebacks are handled, making credit a lot more friendly to consumers in cases of actual fraud.
Then there's the historical aspect, in the era where there were no computers, and most vendors could at best call a bank to verify if a card was valid, a debit based system wasn't technically feasible, which is what put the US on the path of credit. A lot of poorer countries had the major cash-to-cards transition a lot later, in the era of chips and dial-up modems, which made debit a lot easier to implement, and so that's what they went with, and debit usually means far lower fees.
> Most countries that aren't the US basically did this, in one way or another.
Most countries that ARE the US put the burden on the business and the credit card companies, and limit the liability to the credit card holder ($50 max, sometimes $500)
I've known people in other countries that lost money and they were SOL in comparison. Maybe they have cheaper transaction fees.
Nah, that's just because in the US people usually buy with credit while in Europe is mostly debt.
If you buy with credit you are using the bank's money, with debt your own and you have less protections in the second case.
Trust me, i have meet my fair share of adults who don't own a credit card and if they want to buy something online just charge a prepaid card with the needed amount.
American express is not accepted in a lot of places because it is only credit and the processing fees are double that of debit cards.
Visa and mastercard debit cards are accepted just because you can't only accept debit cards, a lot of vendors fought for the ability to do so.
These systems act as sort of a fraud insurance. I think in an ideal world we would have low friction low cost money transfers, but people could purchase insurance against fraud. There are complications to this, such as how to be both efficient and avoid abuse, but it would simplify every day life not having to think about a million different payment systems.
I find it weird how fraud protection is used to justify why these companies are so popular because fraud is not something that most consumers care about up front, most people only start caring when it happens to them. Most tend to assume that every tool they use is secure by default. "This product is not insecure" is not a very compelling selling point IMO.
It's actually difficult to justify Stripe's popularity aside from media monopolization preventing alternatives from gaining mindshare. Everyone knows Stripe but many don't know about the existence of alternatives.
Stripe, Block, and PayPal were never required to process transactions.
You can negotiate with a bank to get your own rate and then implement your own secure transaction processing. Visa is still required though.
I have worked at companies that bypassed those middlemen. Many companies don’t do it because they are okay with paying higher fees so they don’t have to deal with that extra headache, or because they work at smaller companies that think Stripe, Block, and PayPal invented payment processing when Visa and banks have been around for decades longer.
Yea I’m not proposing to replace low security credit cards with low security debit card this is a silly strawman.
EDIT: I see the general problem of origination fraud. But that can be mitigated by imposing limits and requiring extra levels of authentication for bigger payments.
> EDIT: I see the general problem of origination fraud. But that can be mitigated by imposing limits and requiring extra levels of authentication for bigger payments.
Which are exactly the kinds of things credit cards do, but it can't be perfect so they still suffer losses, so they still have to charge a percentage.
(Of course a lot of the percentage can go to rewards programs, so we're talking about the percentage once those are accounted for.)
In the US you can take money from a credit card by just using the that’s plainly written on it. That’s not what I would call making an effort at origination fraud prevention.
You said you don't want the ability to do chargebacks, but chargebacks solve two different problems: 1) origination fraud (i.e. someone not you originates a transaction from your account) and 2) merchant fraud (i.e. goods not as described/unsatisfactory/undelivered).
It's fine if you say, yeah I can do without #2, but realistically you cannot do without #1 in any digital payment scheme that will have wide acceptance so a chargeback mechanism is required.
The only settlement methods we have that do without both protections are cash, cashiers checks, and wires. Setting aside cash the other two are a pain in the ass to originate exactly because they are non reversible.
This is something I find so fascinating about the American financial system... Home Depot in Canada has taken tap payments and Apple Pay for a long time now.
Yeah Home Depot is a bizarre exception, AFAIK they signed a contract with PayPal at some point long ago that prevents them from accepting tap-to-pay. Their checkouts have all the hardware for tap-to-pay, but contractually they can't turn it on.
Hopefully that contract ends soon, because wow did they shoot themselves in the foot on that one.
What he's saying is that you (konschubert) involved VISA in the transaction. And since VISA is a paid service, you were charged.
As for why you involved them, that is the actual issue at hand, because it's a choice, not something that was forced upon you. But the choice isn't the first one that comes to mind; the choice was between protecting consumers or protecting corporations. And in the US, corporations are better protected than consumers. To level that protection, you (a consumer) have to involve someone else (a corporation) to gain any practical protection.
If that method of protection wasn't needed, you'd be paying using a cheaper (or free) method where you'd be protected differently (i.e. not based on the money going from A to B, but based on the fact that you are a consumer and should thus be protected).
You could also go back to the first choice that might come to mind: protection. If you are not in a society that protects consumers directly, but you also don't want to pay a corporate provider for that protection, you could opt to forgo that protection.
And what I (konschubert) am saying is: I would like to have more choices, as a customer and especially as a merchant, so I don’t have to pay visa 3% next time.
And I think this means there is opportunity for disruption.
Creating those choices requires societal adjustment. It is not something that can be manufactured by a market, and as such is the purpose of government. Many examples of this exist in production all over the world, with high degrees of success.
If you find businesses who are willing to let you pay by other methods (assuming you are unwilling to use both cash and credit cards), you can give them your business. Businesses respond to consumer demand.
If they don't trust you enough to give you credit without a guarantor like Visa or Mastercard, then I don't think there is any way for you to force them.
There are businesses who let you purchase stuff online by bank wire.
One aspect that's very important is legal. It's very hard / cumbersome to comply in legal for payment processing in one country, having it to comply in most countries is a massive feat, and an expensive one at that. Though yeah if you already has a mass, pressuring regulation may be easier.
And the value prop isn’t just the payments. Once you add things like inventory management, front/back of the house integration, taxes and a bunch of other things, you’re simplifying a lot of things for the business at a lower cost than having them pay for every one of those things.
I use PayPal for my tiny business. On the one hand, I'd rather not pay them 3% of my sales. On the other hand, if the features of PP (security, buyer protection, ease of use) increase my sales by a palpable amount, then it pays for itself.
Just imagine how different the Internet would look like today if receiving payments would’ve been as easy as receiving email from the beginning.
That it is not trivial for a single person on the Internet to receive payments without a third-party involved, in my mind, leads directly to an Internet that is based on ads and on monopolies:
You can’t make a living posting stuff online on your own private website. Because since you cannot receive money, any value that you add online can never be translated into value offline. So you need to post on someone else’s site, which then acts as a publisher, and has the economies of scale necessary to make taking payments viable. Or otherwise, you need to monetize your content by placing ads, again, using some middleman, who is big enough to be able to afford access to payments.
> if receiving payments would’ve been as easy as receiving email from the beginning.
In Germany, every business (and some individuals) has published their account number for ages (on the letterhead, website, etc.), typically right next to their address and email address (or fax number, for that matter).
And with that account number, you can just transfer money to the recipient. It really is as easy as email.
Well, it really doesn’t suit itself for automation, much less for real-time transactions. Say, you want to sell access to an article on your website. It would be cumbersome for the customer to have to switch over to their online banking and typing in all details (ok, today we have QR codes, but you still need to jump through many hoops, much more than with, say, a credit card or PayPal payment). Then it takes time until the money shows up in your account - sometimes several days. And, finally, there was no API access available from the banks for small sellers that would have allowed them to build an integration, even if they had the resources to write custom software.
Imagine you are an sized e-commerce merchant. Someone checks out on your website and sends you a bank transfer. Then what?
You go through your ledger (bank account), find the transaction with an order ID as a memo (hopefully the buyer added it and correctly), and then you look up that order in your system and submit the order form to your warehouse?
It works like: customer gets an order number and puts this on the description of the bank transfer. This is parsed by the accounting SW coupled to this bank account, and voila!
Most banks charge some amount per transaction on commercial accounts though.
The problem is that it's extremely failure prone and not instant.
Gotta wait for the buyer to make the transfer, you gotta wait for the transfer to go through, you gotta hope that the buyer put in the order number in the description.
In Canada we've had email money transfer since 2003. It used to cost $1 if you had a different bank then the person you were sending to but now it's free. Generally only good for friends and marketplace items though. Can't use it for ecommerce.
it's not just not trivial, it's quite cumbersome. but micropayments exist. assume I made some content and users wanted to give me 10 cents for it. if they didn't want to pay the 30 cent visa tax, they'd have to: create a Coinbase account, fund it, buy some crypto, install a wallet, move the crypto to the wallet, and connect the wallet to my website, before finally sending 10 cents my way. even if we handwave that the server side exists, how many users are going to bounce off of that?
Only needs to be done once though. I tip and buy things all the time with my crypto wallet now, and it's less than a cent per transaction. Just waiting on more sites and stores to support it.
Credit cards were also a PITA when they first came out.
This use case is the entire point of cryptocurrencies. It’s just a shame that there wasn’t more effort spent on improving the UX rather than running the VC playbook on the ecosystem to seize control over it.
There's a reason Facebook is printing money and X is not making any (and essentially never has). It's actually not the user generated content that primarily matters for ad revenue. Time spent on the site is necessary but not sufficient
Twitter generated $3.4 billion in revenue in 2023. That's a helluva money printing machine. About a fourth the size of Facebook's. I don't know how big yours is, but thats bigger than mine. The problem is that, even with such a big money printing machine, if it costs more to operate than it spits out, you don't make money. Twitters problem wasn't getting money, they were getting huge piles of it. It's that they spent more than was coming in. Paying people to make the service happen, especially people to deal with the people who want to give them money to run advertisements, on top of with everything else, was expensive.
By "making money" I mean profit. If you add up only Twitter's good quarters prior to Musk, it's less in total than Meta made in a single quarter in 2016, or roughly 1 month in 2024.
Put another way, Meta makes more profit in a week than Twitter was making per quarter at its best
This is why I was excited about Libra (later renamed to Diem.) which was Meta's feeless digital currency that was scrapped. It could have been a Western WeChat Pay, which charges no fees up to 200 RMB ~= 20 GBP.
I don't see why they should get to shave a slice off of every transaction. It takes relatively little upkeep and they rake in huge profits.
The fees nudge businesses to use cash (well, to avoid tax too, sometimes.) or set a minimum transaction amount, which can mean fewer customers through the door.
I think a new, public infrastructure competitor could be healthy for economies worldwide.
It was not just "scrapped", they were basically forbidden from going ahead by regulators protecting the incumbents.
It's the same problem all cryptocurrency projects face. They allowed Bitcoin because Bitcoin is basically useless for payments, it's too slow and fees are way too expensive. Though Ethereum recently slipping through the cracks may disrupt the payments industry in a big way. Coinbase and Circle are already working on bringing direct stablecoin payment options to customers/merchants with USDC and other tokens afaik. Which would also be more decentralized than Facebook's Diem. Not sure how many people would trust corporate money, an open public ledger is preferable of course.
> They allowed Bitcoin because Bitcoin is basically useless for payments, it's too slow and fees are way too expensive. Though Ethereum recently slipping through the cracks may disrupt the payments industry in a big way.
Or authorities "allowed" Bitcoin because, given its lack of head to cut off, they had no choice.
Contrast with Ethereum's demonstrable central authority over its blockchain: When the developers were robbed of their coin by a hacker, they "reorganized" the Ethereum blockchain to undo the transactions associated with the theft.[0]
I regard Ethereum less as "slipping through the cracks" and more as a poison suppository greased and inserted by the powers that be.
You give plenty of examples yourself as to why it might be considered something worth prohibiting? It enables fraud above all else and doesn't offer undoing of errors from a users perspective, and thus it will never replace any of the things OP mentioned.
You also have to “buy” change. Banks don’t give bulk change that a cash business needs for free. You have to purchase standard denominations to give as change
Coinbase + USDC are essentialy this now. They've started working with many merchants both in the real world and online to add USDC pay and transactions are less than a cent with Coinbase charging no additional fees.
2%+8c alone seems unheard of and the idea of normal people using USDC is laughable. Have you interacted with the general public? Heck, even if it was as easy as Apple Pay or NFC tap with a card most people still wouldn’t do it, look at financial literacy in this country.
Not at all. There are other solutions around the world that bypass the payment gateways and credit card acquirers. In Holland they have iDEAL, in Thailand they have QR Codes, in Australia they have BPAY and in China they have WeChat Pay. There are tons more around the world. As a merchant, it can be very expensive integrating directly with all the different options, which is where these companies help - for a fee.
If you want to maximise sales and minimise abandoned baskets, you’d better make it easy for your customers to pay using the method they prefer!
I thought chargebacks were generally considered a pain: for merchants because it's used by abusive customers, and by customers because it means the merchant (or rather, their payment provider) needs to play a guessing game about whether you're going to do a chargeback and may baselessly deny you the purchase, as well as increasing the cost for everyone due to this increased risk the merchant has
Or maybe it's just me but I greatly prefer the non-algorithmic non-pay-on-credit mechanism where I simply pay for my purchase and the other party has no reason not to take my money (and the bank no reason not to issue the payment method to everyone: as an EU foreigner in Germany without pre-existing German credit score, getting a card at all was a pain, no matter if I could guarantee it with some insane deposit amount... I have the money, they just didn't want to issue a number to pay with because of algorithm magic). Now that I got that card number by co-guaranteeing with a German, purchases often fail like when I use mobile data which is from a Dutch phone number and so it looks foreign and I guess smells like non-standard situation → must be fraud, let's deny the purchase
Digital replacements for cash, like the aforementioned iDeal system, just always works and is available to everyone with a bank account in the Netherlands (iirc they're looking to start using it EU-wide because the costs are so low). No need to pre-pay either (like with paypal credit) because it just draws from your regular account. Another advantage is that it is owned by the banks collectively so you're not giving a ton of information to a third party, like most German-native payment options requiring to verify a phone number before you're allowed to pay the merchant for absolutely no reason other than tracking
It's probably just a cultural difference between (broadly) the US, Europe, and Asia. In the US it's increasingly uncommon to buy things with cash or cash-equivalents (Venmo, Zelle, etc.), especially high-value items.
Basically we have very few consumer protection laws compared to the EU, and it's very much a "buyer beware" culture here. If you get screwed by a merchant, most of the time it's just too bad for you, unless the merchant has a good return policy (most big box stores do, most small places don't). We don't have the regulatory protections that EU has.
So credit cards have sprung up to offer not just buy on borrowed money, but also purchase protections that live outside the legal/regulatory frameworks. When you buy something with a credit card, you get charged interest by the bank and the merchant also pays a fee. Some tiny part of those fees get pooled into these protection (and other) services that the card offers its members.
For example, depending on your credit card, some will automatically extend the warranty of things you buy by another year or two. Or price protection is that if the thing you buy goes on sale within 30 days and you find it for a cheaper price, the credit card provider (not the merchant) will issue you a partial refund. The chargeback system is often used for disputing issues (maybe you bought something from an overseas vendor who never delivered and never bothered to answer your emails, or maybe they lied about their return, or maybe provided some terrible product). You file a claim with the credit card company, not the government or the merchant, and the card issuer will mediate on your behalf. If the amount is low enough, they'll often just refund you without a full investigation (it's not worth their time). But it also serves as a sort of review & punishment system for merchants... those who get too high a volume of chargebacks will incur higher fees or be blocked altogether by the credit card issuers, meaning merchants are incentivized to fix customer issues.
Merchants not accepting credit cards here do exist, but they're relatively rare, because so much of the population uses credit cards instead of anything else. Even debit cards (that draw from your bank balance and typically have fewer protections) still have a partnership with Visa or Mastercard to allow you to pay as though it were one of their credit cards (just with a preset balance).
Of course all of this means it sucks for the merchants, but it's way better for the buyers than paying with cash (which leaves you almost always without recourse if anything happens). Our government is so captured and so weak that basically no state or federal agency will be able to help you in most consumer issues. We do have something called the "BBB" (Better Business Bureau), but it's not a government agency, just a fake third party middleman who pretends to do that function (but doesn't actually do anything)... it's basically just an old-fashioned Yelp.
So as a buyer, if you want any protections at all, it's a credit card or nothing.
> paying with cash (which leaves you almost always without recourse if anything happens)
One remark about this though: you always have recourse in court. We often hear the USA is incredibly litigious, but it's not like we'd not (threaten to) bring action against a merchant not acting honestly
The main situation where I see chargebacks being useful is when you fell for a scam and the perpetrator cannot be located for enforcement. Which is a legitimate concern for sure, but there's more ways of dealing with that than giving everyone the option to chargeback anything on a whim with no repercussions for them
> One remark about this though: you always have recourse in court. We often hear the USA is incredibly litigious, but it's not like we'd not (threaten to) bring action against a merchant not acting honestly
It is, however, like we (in the US) wouldn't bring action in court. Ordinary consumers don't want to have to go to court to resolve a dispute with a merchant. Unless you have a substantial amount riding on the outcome, you're just going to lose, even if you win. It costs time and money to go to court. While you may legally have recourse with litigation, in practice, it doesn't usually work that way.
Problem is that court action, even small-claims-court where lawyers don't need to be present (and may specifically be disallowed) is still significantly more effort than disputing a bank transaction.
Courts could be a useful substitute if the actual penalties were high enough that no merchant would dare even try a scam (then it doesn't matter if legal action is hard work, because the mere deterrent effect means you will never actually have to do it), but that's not the case.
The brazilian PIX is a digital cash transfer from bank account to account built by our central bank. It doesn't handle fraud and chargebacks which must be done by the seller or third parties.
If the systems are local to a specific country, they could reasonably skip the idea of chargebacks and just rely on the legal system to resolve any disputes?
So basically, if you use that to buy something, you have no post-purchase protections from the payment provider itself (chargebacks, extended warranties, price protections, etc.?) like the kind credit cards will often provide?
Blik in Poland is another example. Every single domestic bank supports it. Marketplaces like OLX (Polish ebay) will sometimes offer a moneyback guarantee for a small percentage of the transaction amount. You can use the same system to pay at the grocery store or the local doner kebab place. We’ve been using cash for far longer than credit cards.
And in the EU if you’re buying new physical goods online the merchant is required to give you a week or two to return it for free.
When I wasn't happy with a product, I either used the warranty or (mandatory) 14-day return option depending on the reason why the product wasn't conforming expectations
Perhaps warranty extras are more relevant outside of the EU where warranty laws may be less strict? How even does a payment system do warranty, it knows nothing of the product?
And what is price protection, it sounds like merchants would draw more from the account than you authorised? How would that even work? With iDeal at least, you approve a certain amount for a certain merchant (displayed on a second-factor device so it's not impacted by phishing) and they cannot later charge you more
These protections don’t really exist in the US. The only thing American consumers can really use as leverage to get a return is the threat of a charge back. Even a small amount of chargebacks (merchants call it friendly fraud) can land you in serious trouble with Visa or MasterCard. If you lose the ability to process cards, your business is basically poof — gone.
I have a longer reply in a sibling post (https://news.ycombinator.com/item?id=41276479), but basically, yeah... in the US we have very few consumer protections, so credit cards offer some of that in lieu of a functional government.
They also have much better protections against fraud (if someone steals your credit card and buys something with it, you're not liable... the bank will pay you back).
If you get scammed with a cash-equivalent (like our Zelle or Cash App or Venmo), too bad, there's no way to get your money back. I know people who've lost thousands of dollars that way, and nobody will protect you from that.
Credit cards here obviously charge high interests (and charge the merchants too) but they offer a lot of protections you otherwise wouldn't get.
> If you get scammed with a cash-equivalent (like our Zelle
Fun fact: shifting a significant chunk of liability for fraud away from banks and onto consumers was in fact one of the design goals of Zelle for the banks.
Getting scammed is a problem but it's not super common and the banks have a policy of refunding the money. Society bears the cost that way, and has the incentive to prevent and educate, rather than that it ruins some individual's life
Reducing charge-backs in another reason Chip & PIN was promoted by the banks.
With a signature the merchant is responsible for fraud. They are supposed to check the buyers signature against the one written on the back of the credit/debit card or cheque book. If the signatures don't match the merchant should decline the sale.
With Chip & PIN - a code only the card owner should know - the responsibility has been shifted away from the seller over to the buyer. The banks always say "NEVER share your PIN code with anybody. It's for you only"
Claiming a charge-back is much harder if YOU are the one who authorised the transaction by entering a code only YOU should know.
Correct, systems like iDeal intentionally don't support charge backs [1].
I believe the argument is that as long as they can ensure all transactions are secure and can only be initialized by those with access to the bank account, there shouldn't be a need for charge backs.
In a very limited form only. The fees are very low though. You still have all of your legal rights etc so as long as the retailer / manufacturer stays in business you get the warranty etc (EU law gives a warranty on "expected lifetime" but many try to limit that to 2 years - you have to sue to get more).
It’s the ultimate two sided marketplace and super hard to bootstrap.
But if you find a way to debit peoples bank account with 0 fees and 0 default risk and <5s latency, I believe you could potentially establish a reasonable super-low-fee payment provider and have a clear value proposition for merchants.
The problem is: Getting merchants and customers on board.
I’m personally super interested in this topic. If anyone what’s to chat about this: mail@konstantinschubert.com
My personal interest is more aligned with crypto (back in 2008) where I would like to see a transation layer which is independent... feel free to use banks or not, invest or not, but the way you move moeny about is shared and not owned by anyone.
Some things to keep in mind from the merchant perspective. A merchant will care about cost per transaction, cost of fraud/chargebacks, acceptance by customers, and integration into their backend systems. Once you have these solved, merchants will flock to you.
I’m a merchant myself, I sell e-paper calendars. Last year I paid about 4% of my revenue for transaction costs in various shapes. That’s very roughly 20% of my margin. (!) Some of these are hidden as very bad, but non-optional, currency conversions.
The hard one here is acceptance by customers. No merchant wants to clutter their checkout page with a button that nobody understands.
Or worse, have customers get trapped in a dead-end payment process.
Another way to think about this is in terms of how many marginal customers you get from being able to accept payments over the Web. 4% starts sounding less bad
You can make the same argument for, say, paying protection money to the Mafia or for paying the 30% apple tax.
Just because it’s rational to pay off a monopolistic rent seeker doesn’t mean that the rent seeker generates economic value corresponding to the monopolistic rents they’re extracting.
Banks don't do this well. It isn't always low transaction time, it isn't always 0 default risk, it is usually 0 fees but not internationally and the UX is not great.
(And's that speaking as former CTO of one of the largest banks in the world.)
I was responding to:
>> "ultimate two sided marketplace"
Banks' role in anyone's attempt to solve this is why one can't forget there are three sides, not two, to getting this right. Get the right intro and a bank might even want to foot your bootstrapping bill given how challenging things can be internally.
Unless you've worked for a payment processing company, or for a major retailer that does a lot of payment processing, you have no idea how much fraud or attempted fraud happens in transactions (you can even see it as a small retailer if you are getting sales online and say you'll ship international).
A credit card number is a symmetric secret that's printed on the outside of something that you hand to strangers all day. That's not exactly best practice.
If we moved to a PKI where the private keys live in secure enclaves, you could cut that fraud down significantly. But that won't happen, because then how would they justify the fees?
Doesn't that just trade one symmetric secret for another? (your password)
I suppose it's a little better because you probably haven't written your password on the side of your card, but everytime I have to go through it it feels like I'm getting phished. Also, SSL seems kind of messy for the job. You've already got the processor as a third party, now the CA's are a fourth party, plus whoever gets to install certs on that device as a fifth...
You could just have the card sign the transaction and have the merchant send that signature to the clearinghouse. For online orders, your phone could just be the payment terminal, and still the secret on the card is the signing key.
But none of that actually helps unless you deprecate the insecure stuff.
You're naming these companies that facilitate money moving in specific ways, but you could also zoom out and include a lot of banking which either serves to move money between parties or across space or time.
So I guess one question is: as credit unions are to banks, what missing organization type needs to exist as a counterpoint to payment services, which could return excess to owner-users?
I'm a credit union member and... idk I've become disillusioned. Their products and rates are consistently worse than national banks. I won't feel like I'm sharing in anything. The execs seem to get good comp though.
This was something that was supposed to be solved by the original internet they just never got around to it. You are not wrong though... the issue as many people pointed out is that you are focusing on the transactions. The problem these companies solve isn't just the transaction network - their values is primarily how they deal with fraud, governance, currency conversions, etc.
Basically it works like this: when you go to pay online, open the bank app on your phone, pick “pay by Blik”, copy the temporary 6 digit code, and paste it on to the online store’s website. You then also have to confirm the transaction on your phone.
It takes 5 seconds and is significantly easier than paying with a credit/debit card. It’s a shame this isn’t a thing in the US.
The reliance on a phone seems terrible, I would never install a banking application unless sufficiently threatened. I prefer our (Czech) more-or-less direct bank transfers, for which I don't need to leave my web browser.
The problem is that the ownership of the Fed is by the member banks. A CBDC is therefore a no-go in the USA. It would disintermediate money transfer and banks would lose billions.
You know what I find odd? The fact that we don't seem to have nice payout services that I'm aware of, that would let me payout some money to a service provider from a platform accout, like "Hey, here is my bank account, here's their account and here's how much I want to transfer to their bank, give me an API to handle it without me needing to think about PSD2."
Even local solutions here in EU that allow paying with an internet bank integration, still don't give you the ability to do fully automated payouts, like Klix: https://developers.klix.app/api/ (though they have bulk payments through the portal)
In the US, you can do an ACH transfer, bank account to bank account.
Some US banks support FedNow, which does roughly the same thing as ACH, but in seconds rather than days. It's not widely used yet. $0.045 per transaction.
Are you referring to Zelle? I think the issue for users that keeps them on services like Venmo is primarily the UX. The Zelle experience varies depending on the customer’s bank. It’s a service run by and between the banks, who are generally not as user experience-focused as tech companies. One example of this is that there is no feedback when sending money to a phone number that is not on the platform. The funds just go into the void and are returned a couple days later. By contrast, Venmo lets the payer verify the payee with their profile picture, username, and phone number.
No, not zelle. Pay a Person service is popular with credit unions and some banks. Receiver gets a message and inputs his bank account information into a form. Sender never sees that information. After the link has been established, subsequent transfers are just one click.
Banks earn revenue from interchange fees on debit and credit card transactions.
Consumers don’t have any incentive to leave behind their current rewards programs.
Merchants want to accept any payments they can and/or don't have leverage to fight the fees that partially fund networks using rewards to compete for customers.
Perhaps something will arise from FedNow like efforts but as consumers don't see the inflated prices from those rewards programs I don't see any incentives to change.
I can tell you it isn't difficult to build something like they have. The issue is more likely to get banks onboard to issue cards/payment instruments for your unknown payment network which has no terminals, the barrier to entry is very high.
Isn’t the second part—getting counterparties to trust you—an essential part of building something like they have?
I’m reminded of the old joke about the tech who thumps a machine to fix it, then sends a $5000 bill. $5 for coming out and thumping, $4995 for knowing where to thump.
Maybe instead of “3% to update some tables in a money database,” it’s more properly “.001% for the database update, 2.999% for being trustworthy enough that everyone is willing to trade goods and services on the strength of our promise that they’ll get paid”
I work in fintech specifically in payments and have for a few years now, including working on payment rails. I am going to give my best tl;dr based on my experience and knowledge.
From my point of view it isn’t really about partner banks. It’s about the rails, nearly 100% about the rails (IE the network). You’d only need one partner bank to move funds, which is how CashApp does it for example, but payment networks (the rails) is a different beast all together and I’ll do my best to outline this.
The bigger problem is going to be the rails. Visa and Mastercard as a model wouldn’t make as much sense for a new system to start with, rather you would want to be a closed loop system like American Express and Discover, because it’s extremely unlikely you’re going to be lowering any fees if you have to transit on Mastercard or Visa, but this means you have to control the entire on ramp, from issuing cards to operating the network. This as time has gone on has gotten very complicated from a regulatory standpoint and much of it for good reason, not to mention the high entry cost and long tail time it will take to see adoption. In fact you would likely run up against the reason why fees are so high, which I will get into in a minute. This is all the reasons why Capital One is trying to buy Discover, because they want to lower their fees for their cards so they can net more profit per transaction with lower per transaction costs, but this won’t translate into anything being cheaper for merchants (which is what we are really talking about) because of one really big draw of credit cards: Rewards[0]
The biggest driver of higher over time transaction costs isn’t the operation of the network. Which does cost money and it is unlikely operating any network would be zero cost or near zero cost, but rewards balloon the cost to merchants because of how things are structured and incentivized.
In a very simplistic breakdown it goes like this: if I am a card issuer like a bank, American Express or Discover and offer rewards, someone has to pay for that. Now you think the sky high interest rates would be enough but, while they in part cover the costs of the bank and they make lots of money on this, the truth is rewards are funded in large part (and sometimes solely) by kick backs on fees paid by merchants to the network operators, e.g. Visa, who may charge 3% they may only keep 0.50% of that and pass the rest back to the issuer as a kick back. This is negotiated by a number of means and the percentages are all different based on a bunch of factors but this is essentially how it works. This in part is done to incentive more transactions over the card network, particularly as a credit transaction which isn’t fee regulated, where as debit cards have a legal limit, which averages out to ~7 cents per transaction, significantly lower than credit cards.
Now this has created a system of kickbacks and rewards. This benefits three parties: Banks, who get tons of profits off of the high interest on credit cards plus the kickbacks fund rewards. Savvy (and usually wealthy) consumers, who can effectively get the “tax” in higher prices this has observed to cause over time as fees rise paid back to them as rewards at no cost (full paid monthly balances) and the network operators.
This leaves merchants to bare the real burden, as well as consumers who haven’t or otherwise unable to take advantage of reward programs to offset costs, namely the poor and lower middle class folks.
Now knowing this, how would you build up a 3 sided network (the operator, the consumer and a bank) that upends this model, which lowers fees for merchants? Assuming you go with a closed loop model (likely the best move) you are left with a few options: lower rewards (or have none, realistically) and you won’t gain consumers. Lower the operator take which has risks the ability for operations to be profitable and regulatory compliant, or you need to fund in large part by merchant fees greater than 1%, which will inch you close to what you see today to begin with, or you may think to use “differential pricing” but in some instances this may enter into a questionable gray area legally to have differential pricing based on which network / payment method the customer uses and it can be burdensome to merchants, which in part is why Winco decided to very publicly disclose that they only take debit cards, for example. Finally, you could forgo all this and simply rely on credit card interest revenue but that is a surprisingly volatile proposition as you have defaults to consider, refunds, reward costs, security and regulatory compliance etc.
All the while you need to build out a network from scratch by working with merchants, which means you would have very slow adoption and users of the network wouldn’t be able to blindly use their cards where they shop today, because it’s not like you can tap into Visa or Mastercard networks as a back stop either[1]
For what it’s worth, you should do a deep dive on how retailers tried and failed to upend all this with their own ACH based payment systems, the biggest proponent of which was Walmart. They failed for a lot of reasons but not all of them are the reasons you think.
No we don’t need to pay billions. There are moves afoot in the UK to do direct bank to bank payments with Open Banking. HMRC (the UK tax authority) has been doing this for years. When I pay my tax bill, I select my bank, scan a QR code with my phone, that launches my banking app, I authorise the payment and off it goes in just a few seconds. Instant and a few pence, even for thousands of pounds. This particular implementation is provided by Ecospend but there are a few other companies offering this same service now in the UK.
I agree with the OP, Visa and MC charging so much is just insane when you think about it. It’s more expensive AND settlement times are days, not seconds. The only barrier is consumer awareness and detrimental UK legislation forbidding card fees to be added to bills which while well intentioned completely ruins any competition on payment methods.
Open Banking is an overengineered and terrible solution, requires middlemen and there's nothing "open" about it. Do not fall for the hype.
Basically, instead of having a URL scheme to represent a bank transfer request that your banking app could register itself for and handle, they'd rather rely on a middleman to get a broad read/write access token to your bank account so they can initiate the payment from there.
These tokens are not scoped. When you do this, you fully trust the merchant (and theoretical legal recourse you may have) to not lie and only initiate the bank transfer for the amount they claimed - but there's nothing technically preventing them from taking more, or silently also grabbing your account history in the process (no bank provides an audit trail to know which read actions were taken).
In fact, I suspect the fact you can do a read access as a byproduct "for free" and silently is a big part of why this type of payment is pushed so heavily.
In addition, "Open" banking requires either significant regulatory/licensing hurdles, or a middleman like TrueLayer who (at least at one point, not sure how it is now) will be happy to lend their license to you for a fee. On top of that, you either need a middleman or need to integrate with each bank's API separately - so generally speaking, you'll always need said middleman.
All for something that can be resolved on the client side with a simple URL scheme. But don't expect a corporatocracy like the UK to go for the simple solution if they can instead go with one that provides turf to as many middlemen and parasites as possible.
You've lumped together companies that do very different things. I would just google "payment card network" and you can spend days going down rabbit holes to understand how complex the system is. And yes it is all totally necessary:
https://www.spreedly.com/blog/card-processing-network
"Visa, Mastercard, Discover, and AmEx also form the PCI Security Standards Council (SSC) alongside Japan’s JCB International. The PCI SSC acts as an authority in the payments industry, regulating and enforcing the PCI Data Security Standard (DSS) to protect cardholder information. The rules set by this consortium are not guidelines, but the ground-rules participants must abide by in order to participate in card-payments."
Highlighting because it's important. We recently got a totally free and open payments system, probably hundreds of them in fact, and they're a disaster. All the inequity and risk that any money system inherently possesses, with zero protections for anyone involved and zero recourse if you're robbed blind, unless of course you're wealthy in which case the people actually in charge who insist they aren't in charge will write a whole bunch more code to give you you're money back even though that's not how this works for anyone else. And that's not even getting into the fact that every seven transactions used as much electricity as Visa uses per minute to handle hundreds of thousands.
And I mean, I'd agree if there weren't still a substantial community of people swearing up and down that it was the future, despite all evidence to the contrary.
> In total these companies have profit in double digit billions
If you think about it.
Stripe, Block, PayPal only exist because of credit card networks (Visa, Mastercard, American Express, JCB, Discover) and issuing banks (JPM, WF, BoA, foreign banks). Those last two groups of entities have such terrible integrations/interfaces and fail to improve due to their oligopoly on the entire process of facilitating buyer and seller payment processing.
Stripe, Block, PayPal are just mere parasites living off of other parasites (the 3-7% transaction/network/issuing bank fees).
A “rival” is a complete dissolution of these parasitic entities. Cash used to be a good alternative, but comes with its own set of setbacks that do not meet our modern era (ie, can’t pay for items with cash in e-commerce, pains of handling high amounts of cash IRL)
Yeah I'm a big fan of cash but do you remember the days when that's all there really was? You had to go the bank every week to get it. There was risk of theft or loss for both individuals and businesses.
You could write personal checks, but not every business accepted them and if you were a business there was a period of days, sometimes weeks where you didn't know if a payment was good. I did pizza delivery in the 1980s, we accepted cash or check and I would guess about 1 in 10 checks were no good. That's a huge loss to absorb. And drivers would make occasional mistakes handling cash.
I remember when Visa and Mastercard started to get popular and widely accepted. Before that you had store credit cards, gas station credit cards, you were carrying around maybe half a dozen different cards just to do your normal purchases, or you were writing checks everywhere. e-commerce didn't exist yet but it would never have been possible paying by cash or check.
Visa/MC and later Paypal, Stripe, etc. solved real problems and provided real conveniences. That's worth something.
Discover and American Express are closed loop systems that may have marketing partnerships with banks but they actually issue the cards themselves and operator their own networks.
As a result, the American Express API is actually decent[0].
Consumers have an easy solution: pay with cash or check. Sadly, cash buyers will still pay the fees indirectly through price increases.
The government could do some easy deregulation here and force vendors to expose the transaction fees to the consumer. Similar to gas stations : pay 3% more for Visa than cash. This will have a big impact on big ticket items like appliances.
Truth is: businesses and government agencies like the cards. 3% of sales is less than what is stolen from the register. State & federal agencies like CC because the records can be subpoenaed.
So consumers, payment cards, vendors, governments all like these cards -- there's very little to discourage their use.
In the Netherlands people use a system called iDeal. It was a masterstroke worthy of Sun Tzu by the banks at the onset of e-commerce to keep the American credit card companies out of the loop.
I wanted to share some thoughts on the significant fees we currently pay to companies like Stripe, PayPal, and Visa/Mastercard, which run into billions annually.
These fees are largely due to the complex infrastructure and intermediaries involved in traditional payment processing. However, the Bitcoin Lightning Network offers a promising alternative.
The Lightning Network is a decentralized, second-layer solution built on top of Bitcoin, allowing for near-instant transactions at a fraction of the cost.
It eliminates many of the intermediaries that drive up costs in traditional systems, potentially saving businesses billions in fees.
Additionally, it supports micropayments and offers enhanced security and privacy, making it a viable option for reducing our reliance on traditional payment processors.While there are challenges in adoption and regulation, the Lightning Network could become a strong competitor to these established players within the next decade, offering a more efficient and cost-effective solution for processing payments.
You know in Europe the card merchants are limited to about 1.3%. And the US could regulate this as well. In Australia you can add the card commission on top of the purchase easily. (Much easier than Stripe for instance).
To save payment fees there are probably easier sections of the payment process to focus on. For instance why do so many merchant banks insist on mandatory FX into 1 currency. This limitation means if I use Stripe I end up paying 9% commissions.
Yes we do. Why? Because the old people running our country have not figured out that digital money is money even though most spending is done using digital money.
Because they love corporate profits more than citizen wallets, they restrict the US Mint to paper money instead of implementing a Federal payment system to support citizen use of digital money.
Consequently, those companies effectively implement a regressive sales tax of around 3-4%.
We should all have a federal debit card with zero processing fees that attaches to our bank accounts and the banks should be mandated to charge zero for federal debit card withdrawals.
Alternately, a law should be passed that mandates these big companies to charge no processing fee for debit cards. If they can't make profits that are sufficiently obscene on credit card fees, tough luck. While at it, make a federal card processing function that is entirely funded by tax, just like paper money.
It's an insane part of our government that it is impossible to modernize anything that touches the constitutional responsibilities.
Depends on whether you want to use their services? If you live somewhere where it's easy to just instantly transfer funds form one bank to another for free (e.g. you live in the Netherlands), then no: none of those companies need to exist in your world.
If you live anywhere else, all these companies are offering services that banks don't, or charge much more for. Or these days, don't even offer themselves, they literally outsource it (e.g. sending money from one bank to another is now a built-in-third-party-service in the form of agreements with Interac to handle low value EFTs).
So can you rival them? Probably. Will you fail? More likely than not. Is there lack of real competition? Depends on where you live, but yeah the whole reason they got this big is because they found a real problem and solved it, charging just enough for people to go "well that's still worth it for me".
The payment processors are, at the core, specialist insurance businesses. They know how to underwrite transaction risk and counterparty risk and FX risk very well, better than generalist insurers, in part thanks to their scale. So these "billions" are actually a tiny fraction of the volume they process; counterparties are happily sharing a cut in exchange for peace of mind.
Most of these fees go to the banks for using their cards, with the exception of PayPal. As a merchant I fucking hate PayPal, but you need to accept it since users are accustomed to it. They own the distribution channels which is convenience and habit from the consumer. Fraud doesn’t impact them and most have minimal to no real preventative methods in place, again this is the card company not the merchant processor filing disputes. Venmo already did this getting the furthest and still couldn’t overthrow the empire. The amount of funding you would need without a revenue model would force you into this model anyway so you would end up with the same business model. So no. Probably not.
Instant bank payments are already a thing and will be mandatory, across EU, by the end of next year. They will spread into other parts of the world if they don't have them already. So actually the payment cards will be on life support in next couple of years and might even go extinct if banks figure out terminals at the stores to not need cards issued and networks operated by foreign companies.
The total annual digital payments volume is estimated to be $11.5 trillion. Given that context a few billion dollars in profit off the top to add ease of use, security, fraud prevention etc. into the system doesn't seem all that absurd.
It’s not a few billion though.
its tens of billions spread across a bunch of different organizations, honestly if you count Stripe, PayPal etc as well, you are in the hundreds of billions. In the last fiscal year for Visa, they alone made $14.9 billion in profit. This doesn’t factor any of the second order money effects either, like kickback to banks for rewards, and this is just Visa. Mastercard, American Express and Discover all factor into this too, at least in the US, and a quick glance suggested this is a world wide figure, which introduces even more variables
The volume is also misleading because it does not differentiate on source, fee structure etc. it’s a gross (as in financial gross) number that says very little about how it was moved and what it cost to move it. Digital payments is a huge category
Platforms are where the money is at. Big SaaS companies built something large and complicated (their moat) that's difficult for a competitor to replicate or support.
It takes thousands of people who know what they are doing to get a big SaaS platform in any industry to work -- and to keep it working through endless regulatory changes, hacks, user demands, tech limitations, and bugs.
Once you have built something of this scale you're likely to charge as much as competition or perhaps even more -- not only to recoup your enormous costs but to return the expected profits to your capital backers.
We have real time payments in the EU that at least should replace PayPal in theory. But it fails due to friction, as most older banks (not neo banks or fintechs) have no easy way to present someone your IBAN. I'd also be wary to just present my IBAN to strangers, as it's enough to create a direct debit (I believe it's called). I'd miss the abstraction layer of protection. But then again I got cheated and neither PayPal nor my neobank provider helped me.
You mean like UPI?
For a nascent industry such as India I imagine you could: but for a legacy infrastructure such as that of the US - very advanced a few decades ago but now showing its age - the momentum is too hard to deprecate and start over. Just like how fast the developing world had pretty good mobile networks in a short amount of time.
There are still a lot of lessons to learn from the Indian model but I guess the US incumbents would artificially add road blocks via legal or subtle measures to maintain the status quo and instead offer band aid solutions.
I was wondering this myself. If we are paying fees why is it necessary to pay a % of each sale instead of paying a standard subscription? Sure it means more money for them, but is this really necessary?
Visa and Mastercard both have net profit margins of around 50%. So unless you think they’re taking on vast commercial risk, which I don’t, then there’s no reason we should be paying so much in fees.
Thanks to modern payment companies we are already living in the good place. Before Paypal you almost couldn't get paid on the internet at all. If you wanted to accept credit card payments it was a whole ordeal and banks didn't understand why anybody even wanted to sell things on the internet.
Payment processing also got much cheaper. It's arguably still more expensive than it should be, but giving up a few percentage points in revenue in exchange for frictionless payments is a really good deal.
Even if it was, there are better uses for a "decade with enough funding" unless you have some competitive advantage, like you're the CEO of Chase Bank or something. If you want to know how possible it is, consider that Bitcoin was released in 2009 and cryptocurrency's success at being used for payments - in the history of the world - it has been used for payments between people for something other than crimes, but adoption is way behind visa. Like, that alternative system exists (albeit not for free either) and there's no adoption. So the "billions" aren't exactly a market inefficiency. They make billions, but out of your life, how much do you pay to them. And then, do they perform a valuable service and charge money for that? Would you rather go to a bank and get cash and drive it to Amazon's local office, or mail them a cheque? For a fee, there are companies out there that will make it easier and faster and more convenient than that.
For those not wishing to visit another site to learn new vocabulary first:
blue-ocean market = entering into a new markt, red = entering into an existing market
Interestingly, I never heard this term before but now twice in one week someone referred to it (linking an article from 2012 iirc). At least the other one provided a link, albeit to a 5600-word documentary that I'm sure everyone was thrilled to dig into when there are perfectly normal words for it as well (sounds less fancy if everyone is already familiar, though)
I think readers here are intelligent and able enough to select the text and then choose "search Google" (if they haven't installed an ask ChatGPT extension yet), and don't need to be that spoonfed. I even put the words right together to make it easy. But thank you for doing that, I'm sure that much exertion would have been collectively exhausting.
Sure it would be possible with "enough" funding, almost by definition. If you can't, then the amount of funding clearly wasn't enough. I doubt you (or anyone btw) could get "enough" funding though. The amount of money you'd need just to get all their existing customers to switch would be monumental.
Exactly. If you're a new company and your choice is either spending lots of capital to accept payments by building it from scratch or pay 2.9%+30¢, the decision is obvious. If you value your time at $100/hr and spend forty hours building such a system—never mind maintaining it—you'd have to process over $130,000 in volume (500 transactions at about $260 each) just to break even on fees.
But you probably won't do it in a week, and you'll spend weeks each year maintaining it. I'd make an educated guess that for the vast majority of companies, it would be cheaper to process your first half million on Stripe than it would be to learn how to build a payments processor, build it, run it, and maintain it. You're saving peanuts for the principle of the matter.
Of course, how else could you have them dictate where you can spend your money and where not?
The Visa/MasterCard monopoly is pretty invisible, I feel. Few cases where they have enforced their power to forbid payments towards someone, but there are out there, at least in the past 5-6 years.
I wonder what EU will come up with in the future, some kind of digital cash? Private transactions that must work instantly with all banks doing business in the EU?
Several countries here have their own solution, but none of them are compatible with each other. (Please correct me)
Since a few years ago, the ECB is already looking into the possibilities for implementing a digital euro as another way of paying across the entire Eurozone. The phrase "digital euro" has been kind of a political boogeyman because of the privacy concerns (fair) and implications that the physical euro might disappear (less fair, the right to be able to use it as legal tender is enshrined in the EU treaties and that can't be changed without everyone agreeing to it), but the base idea is to create a public infrastructure that would do what payment processors and credit card companies are doing for a hefty fee right now. Which, to me, sounds like a great answer to this problem.
There is also the European Payment Initiative (EPI). It's an organization set up by a group of banks to streamline payments around (AFAIK) SEPA instant credit transfers.
While I'm highly skeptical of shared initiatives by European banks, I'm far more skeptical of CBDCs, and the current EPI plans seem to be slightly less bad than current payment processes, power and privacy wise.
They're just as slow as you'd imagine though. It'll probably be usable by 2050 or something..
The amount of money you make generally correlates to the amount of value you bring. With some exceptions and caveats, but it is the most fundamental role of money.
Go and make something at least 1% as valueable and I'm sure you'll find your 1% of the market share.
You need 2 things: users with your app/terminal, and a way to interoperate with the international banking system. If you can do that, it's technically feasible to create a vertically integrated replacement of the whole stack. It's going to be a huge investment though.
I wonder if the government could make a new type of physical cash with digital characteristics to solve this.
If we know the grid was at risk of collapse during conflict or a solar event, it might make sense to mandate cash* below some dollar value as an anti fragile move.
It would be interesting to listen to an interview with the Dwolla founder and see why they pivoted from their original idea of replacing card networks / ach and building a new payment network from scratch.
You could do things the old way. Just accept cash or checks (probably via the mail) and then either mail the product back to the address on the envelope or just send back a piece of paper with a key on it.
It’s clear that more and more companies are inserting a fee on a transaction that would happen with or without them, rather than making the pie bigger.
I like to look at things from first principles. Karma if you will. What u plant is what grows.
Debit card interchange fee in America is so low!
Credit card interchange fee is so high.
I think it’s because u are making a “deal with the devil” when u do credit. Buying stuff with other peoples money.
So naturally the “devil” charges a high price for his service.
If you want to do business with people buying on credit, you have to pay more. I think the universe is telling us we should quit with all the credit cards!
The system is too complicated because it's built off static card numbers and there is too much fraud.
X will disrupt this. They already have ID verification, money transfer licenses, and banking licenses. Just have a bank account with them and pay businesses (who are already on X) directly and skip Visa/MC altogether.
As far as I’m aware the base layer bitcoin blockchain still doesn’t have the capacity to onboard a significant fraction of the population. Additionally you need to keep your LN node always online otherwise you risk losing your funds, which is an utterly impractical requirement for the vast majority users. And if you’re going to suggest people should use custodial/centralized services to make bitcoin/lightning transactions then what is even the point of using crypto.
Sorry if that sounds unnecessarily harsh. It’s not directed at you, parent commenter. I agree that this is the exact use case crypto was meant to solve. I just think it’s a tragedy how Blockstream and co have crippled bitcoin and its development.
I hate Bitcoin as much as the next person but it's not really fair to criticise a technology that's potentially cool on the grounds that it doesn't have enough adoption. If it had the stability of entire countries behind it, it wouldn't fluctuate this much and even if it did, if everything's in that currency then you don't notice it in daily life either.
The problem I have with it, is that the technology is inefficient at solving the problem as compared to a central authority issuing currency. Something using e.g. blind signatures sounds really cool but the tech was ahead of its time (paper stems from 1983) and by now it doesn't sound cool and new anymore. Example implementation: https://en.m.wikipedia.org/wiki/Ecash
> If it had the stability of entire countries behind it, it wouldn't fluctuate this much and even if it did, if everything's in that currency then you don't notice it in daily life either.
Common misconception. You basically need currencies tied to countries (more precisely, OCAs or optimal currency areas, characterised by either 1. homogeneity with respect to external shocks (not the case e.g. within Europe), 2. complete factor mobility (not the case e.g. within Europe), or 3. transfer payments (that is, fiscal support)).
In other words: If there were one currency (only), even with the stability of entire countries behind it, it would still fluctuate too much to be very useful. Or, to put it different again: You need FX. One currency is not enough.
I don't think anybody would enjoy the UX with Lightning where payments regularly fail. And if you're asking them to use custodial services, that just introduces additional risk. Not to mention the fluctuation in value of BTC.
Better to use USDC on Base or Ethereum instead. or maybe USDT on Tron like many people around the world do.
Yes someone can disrupt this, but only really banks and Apple can do this in the US. All you need is stakes to lose besides money, like credit scores or even like Internet access, and robust, compulsory authentication.
You can't easily disrupt it because it's a two-sided marketplace between consumers and payment providers.
You could launch a Stripe competitor called CheapPayments but it would still have to pay standard Visa/etc processing fees so it can't be cheaper than Stripe.
You could launch a Visa competitor called CheapCard that has half the processing fees of Visa, but no merchants or payment processors would take CheapCard so people would continue using Visa.
Nor do we needntobpay billions to healthcare managers orninsurance companies.
But we do, because capitalism both needs flexibility in separation of concerns and people need jobs and greed is its own fiefdom genersting maxhine.
Think of it like evolution and social diversity. Studies in squirrels have shown that larger social groups create a need for greater phenotypical visual diversity, if only for identificTion
should just use USDC on Base instead - no high transaction fees like with Bitcoin, no crappy UX with Lightning, cheap transactions, free bridging, and no conversion fees for USDC -> USD unlike BTC -> USD.
1. Moving stuff in a ledger from A to B (sending money around in general) is all fairly trivial from a technology standpoint, but only a minuscule part of what financial institutions are doing. They spend a lot of money and effort on combatting fraud and making sure rules and regulations (KYC, AML, CTF, sanctions, etc.) are being followed.
(The crypto bros (and some FinTechs) solve a tiny part of the puzzle with a new technology (not even good/efficient tech in case of crypto), and then think that they alone have solved it, and that the rest is easy, and that they are now in a position to take over finance. Not so.)
2. Costs vary tremendously by jurisdiction and industry structure. In Europe, bank transfers within the SEPA region are basically free (instantaneous transfers might cost 35 cents or so). Bank transfers, direct debit, and standing orders have been ubiquitous and cheap for a long time, and checks and credit cards are rarely used (on the continent; the UK is closer to the US system). There was no need for PayPal, as it was fairly trivial to pay bills. (Only when Ebay bought PayPal and made it the default payment method did PayPal get any traction in Europe, I think.)
Similarly, credit card interchange fees are capped at 0.5% in the EU. That means fewer card rewards (which arguably benefit mostly the rich), and less credit card marketing.
The banking system in the US is quite crap, but that's not due to stupidity, but a mix of a) well intended regulation that intends to support small regional banks, b) misguided business-friendly regulation with insufficient consumer protection.
2.b. I think Visa/MC/Amex are ridiculously expensive in many jurisdictions, and that they basically skim off some 2% or so of the entire retail revenue is ridiculous. They should be treated as cheap infrastructure. But this requires sensible regulation. It's not a technological issue.
3. There are lots of somewhat successful neo-banks, neo-brokers, etc. in many jurisdictions. I don't think many of them have extraordinary profits. And that's because, no, it's not "all coming from inefficiency and lack of real competition". Sure, the sector is so heavily regulated (like aviation) that you can't just walk in and compete willy-nilly. That has some downsides, but it also has advantages.
4. A bank that makes insufficient profits and tethers on the brink of insolvency invites bank runs. That's one reason regulators are not pushing too hard for more competition. (Replacing the current fractional banking system with private credit + narrow banking might be an option, but that's a huge and complicated topic...)
For deep insight, I recommend Bits about Money by Patrick McKenzie (patio 11 on HN).
Q: does anyone think it possible to rival them in a decade with enough funding?
> go build your own "real competition" if you think its that easy.
Another dismissive comment. What inspires these? The Q proposes a significant timetable and suggests adequate funding. I'd agree it's open ended but it sounds like the OP is inviting education on the topic.
No we don’t, and I’m working on solving this problem. There’s no reason for a pure SaaS company to pay these middlemen if the only thing they buy and sell is software. Software vendors can settle accounts directly like banks do, we just need something like an ACH for SaaS. And I’ve been thinking a lot about how to do this while having the equivalent of a petrodollar to create underlying value based on a commodity. For example a meta currency for compute credits that is cloud agnostic.
PayPal provided a way to pay people and vendors without giving away your credit card number.
Square made it easy to accept payment in person on a phone, without an extensive upfront underwriting experience and without expensive fixed monthly fees.
Stripe did the same as Square, but for accepting online payments.
Fraud and Risk come in many forms, and these providers, even with their UX innovations, sit on top of those same rails to reduce fraud. Without those rails, buyers can’t trust sellers and sellers can’t trust buyers.
In my opinion, you need to find a way to solve that problem before you can eliminate the fees being captured by these providers.